Hi
With the UK government forcing crapple to give access to encrypted data, what are the best steps within Graphene to make this as difficult as possible?
The UK wants Apple to build a backdoor for iCloud, which is Apple's suite of cloud-based services, not their devices. GrapheneOS does not have a suite of cloud-based services built for consumers. This will not affect GrapheneOS.
But if you're asking about protecting your data on device, just make sure you have a Pixel 6th generation or newer (Pixel 8 and newer is recommended for enhanced security) with GrapheneOS installed, a 6-8 digit PIN code or 6-8 word passphrase for your primary lock, and keep your device up to date.
This is why open source software is so important. Especially that end-to-end encrypted chat apps and end-to-end encrypted cloud storage apps are fully open source.
Now, this information leaked, but Apple themselves would never have been allowed to tell, and we could have been left in the dark. But for open source software, the chances of such compromised security getting detected would be great, as the code would be committed to the source repository, and would have to be merged by all forks and third-party apps as well.
The only threat to GOS users is that if you pass something compromising/sensitive to an Apple user and this law is granted, you'll be fucked. Avoid communicating with applers.
That's what I was thinking too, fuck them.
DeletedUser143 Avoid communicating with applers.
grayway2 That's what I was thinking too, fuck them.
I don't think this is the right way to think about this. It could have been us. It could have been GrapheneOS that was put with such a gag order.
DeletedUser143 I am all for freedom of speech but if you can't control your outputs, how can you hope your GrapheneOS will keep you safe?
For all I know and what my conscience tells me, it is very likely iOS already has a backdoor(s), authorities just look for official ways to put it into practice.
ryrona It could have been GrapheneOS that was put with such a gag order.
Good point, actually. How would GrapheneOS circumvent this?
dc32f0cfe84def651e0e Good point, actually. How would GrapheneOS circumvent this?
Since GrapheneOS does not include any end-to-end encrypted services by default, the gag order would probably be to order a backdoor in the disk encryption layer so law enforcement can decrypt data without your PIN or passphrase.
Either way, I think the protection would be the same. Everything being open source, and the builds being reproducible. This would increase the likelihood that such a compromised security would be detected. And being open source, the community could then choose to patch away the added backdoor or weakness, in a minimal fork of GrapheneOS. I really believe open source is what will keep us safe from such things, and why open source is so important.
Hopefully, GrapheneOS being open source is enough to deter governments from making such gag orders to begin with, since the risk of discovery is much larger.
Since GrapheneOS does not include any end-to-end encrypted services by default, the gag order would probably be to order a backdoor in the disk encryption layer so law enforcement can decrypt data without your PIN or passphrase.
I'm wondering if this is even possible, considering GrapheneOS is not a company comparable to Apple (they aren't selling a product). I know it's legally more difficult, but technically they can just say they don't officially offer support in whatever country with a hostile government wants them to implement this.
Rkpaxam Apple will not be forced to do anything by the UK,
Apple have spent too much money getting the information they have on people to give this away via a back door. I mean iCloud, that's data centers all over the globe, not just a single device access.
It's not that Apple care about its customers' information; it's protecting its hold on the customers and the money it extracts from them that it cares about.
Your GrapheneOS-enabled phone in your pocket is secure, you know that, but the second you send something to anyone, Apple or not, you are at the mercy of the internet, and as we know the internet is a sharp double-edged sword.
0xsigsev UK sales, Apple executives must laugh out loud, imagine, devices you would happily give away for free, having people stand out in the cold and rain outside an Apple shop to pay ridiculous amounts of money to get the latest glass brick spyware on offer.
The device is not the money, it's what you do with it that's the money, and the data money potential is huge. That's why Apple will not allow anyone any agency or Govt access to it.
area51 That's why Apple will not allow anyone any agency or Govt access to it.
What they say vs what they actually do are two different things. And yes, they know exactly where the money is, so not allowing them to sell new units will hurt them. Look at all the bending Apple is trying to do to be able to sell in Indonesia again.
If the Apple user encrypted her data to the cloud would she be safe?
Aside from this cloud issue, how does Graphene's security compare with Apple's... What makes one more secure than the other?
dhhdjbd I'm wondering if this is even possible, considering GrapheneOS is not a company comparable to Apple (they aren't selling a product). I know it's legally more difficult, but technically they can just say they don't officially offer support in whatever country with a hostile government wants them to implement this.
I assume they might be able to issue gag orders like this to individual persons too, not just companies, and key persons in the GrapheneOS project physically live somewhere and thus need to respond to such orders from at least some jurisdictions. The non-profit that handles paying salaries to the developers and so might also be susceptible.
But in one sense you are right it will be harder, GrapheneOS does not sell anything in any country, so is not at risk of losing revenue from refusing to comply with such orders in specific markets they otherwise have no legal responsibility towards.
Regardless of the hardware or software system you use, if for example the FBI gives an NSL to a manufacturer or developer, they will have your information and you will not be aware. If the manufacturer or developer is not part of the federal area of action, they will have other methods.
I don't use iCloud but maybe this is the trigger that pushes me into my own storage only and getting my stuff out of other cloud environments.
Either hardware-encrypted drives like Kingston or Nextcloud or a combination of both.
Who's to say that Proton (for example) hasn't already been forced to do something similar?