Need someone with knowledge

TheOne

Hi I Wonder if someone would be intrested in talking with me about safety regarding grapheneOS. If someone got the time to chat?
Need some answers on some questions I got.

ryrona

TheOne You can just write your questions here, and someone will probably be able to respond.

TheOne

If a Phone is factory reset, isnt it a security risk for forensic (police etc) to get access to the information data inside. How much can they recover?
If a Phone been used by many users and the Phone been passed around, how far back can forensic go? Can they see all data from all users using it? (Every person have done a factory reset between each user).
Cant forensic police just force factory reset via recoverymode? And then get access to information.
Thanks.

Phead

For a rather in-depth explanation see this link: https://grapheneos.org/faq#encryption and the following excerpt:

The OS stores a high entropy random value as the Weaver token on the secure element (Titan M on Pixels) and uses it as another input for key derivation. The Weaver token is stored alongside a Weaver key derived by the OS from the password token. In order to retrieve the Weaver token, the secure element requires the correct Weaver key. A secure internal timer is used to implement hardware-based delays for each attempt at key derivation. It quickly ramps up to 1 day delays before the next attempt. Weaver also provides reliable wiping of data since the secure element can reliably wipe a Weaver slot. Deleting a profile will wipe the corresponding Weaver slot and a factory reset of the device wipes all of the Weaver slots. The secure element also provides insider attack resistance preventing firmware updates before authenticating with the owner profile.

When you reset your device, all encryption keys are wiped with it. Since all files are stored encrypted they cannot be accessed without the corresponding keys rendering them unreadable in case the keystore got wiped.

TheOne

Thank u