GrapheneOS cracked by cellebrite? (See image)

Popey190000

Anyone know if this image is from a real case?

Feedback would be appreciated

Popey190000

grayway2

Popey190000 Assuming these are real parts of a forensic examination report, can you provide the source of the disclosure and the entire document.

DeletedUser370

Popey190000 Even if it is real, it doesn't tell us anything beyond "data was extracted" which, among other things, could mean that they obtained the password to the device by observing the owner entering it, or the owner unlocked the device for them. "Data was extracted" could simply mean that the owner unlocked the device for them, then they could have used a forensic tool to "extract" the data – as opposed to "extracting" the data manually. I don't think the picture really tells us anything useful.

mrket

Popey190000 Account created 6 hours ago, to share a blurry image uploaded 6 hours ago, providing practically no further details.

You ask if it's from a real case, then in a different comment claim to have more info about this case, still providing no verifiable information at all.

This is very obviously fake. Combined with other posts recently it's becoming more and more likely there's a coordinated effort to paint GrapheneOS as exploitable by police recently - luckily, these attempts aren't very convincing so far.

raccoondad

There is literally zero way of knowing unless its publicly disclosed....

Popey190000

grayway2 the chap got 12 year sentence in the UK based on the data extracted I'm told.

andrej567

also OS version would be good to know, did not see it there, its blurry

wagg3r

Popey190000 Who told you? Can you provide a source please? It seems there are a lot of brand new accounts suggesting breaches of GOS based on rumours recently.

grayway2

Popey190000 nice try Scotland Yard or whatever person who's creating these claims.

You are not providing sources at all and telling shit like this to create fear in the community so people stop using GrapheneOS.

nashgraph

To me it seems he just made it look like GrapheneOS.

andrej567

wagg3r these "news" add some excitement to my life but not that much that i would uninstall graphene os :-)

grayway2

wagg3r exactly a lot of brand new accouts who IMMEDIATELY claim that GrapheneOS has been remotely hacked or that a forensic company bypassed encryption or user password.

I do believe that cops are just pissed off when they are dealing with an up-to-date GrapheneOS Pixel device with a 6 digits pin.

Bypassing Titan M2 secure element is not possible at the moment and they don't have an AFU bypass too.

They can't push compromised updates as they did before with EncroChat or SKY.

phone-company

In Field "results and Findung" you can insert what ever you want. This is just a Protokoll.... Same as i'm writing here " yes i just extract the whole data from a pixel 9a grapheneOS Device"

So what? 😎

Pavestone2734

Would be easier to see with a higher resolution image. But I guess someone could make it low res intentionally.

MetropleX

The latest documentation we've looked at from a few months ago shows the most recent versions they could exploit were before patches in 2022.

If the phone was unlocked with developer options enabled, then it's expected they can extract all of the data from the device. GrapheneOS primarily works on defending a locked device against data extraction, not an unlocked one, especially with developer options already enabled.

According to Cellebrite's documentation for Cellebrite Premium, they cannot exploit a locked GrapheneOS device. They can extract data from GrapheneOS if they either have your PIN/password or are given access to developer options for ADB. It's not our goal to stop that.

If they have the PIN/password they can also just use the system backup implementation to do a backup providing most of the data. Preventing extracting most data with the PIN/password would mean preventing the user having access to that data. It's also too much attack surface.

andrej567

mrket

Account created 6 hours ago, to share a blurry image

what is the purpose of this? make me give up and install official system?

phone-company

grayway2 i think nothing more to say.... ☕

grayway2

andrej567 yes. They want us to believe that GrapheneOS is not secure at all so we move away from it.

There is also an attempt to definitely shut down GrapheneOS by making it looks like an OS build for the main purpose of serving criminals so it can be considered as an illegal project by courts and law from different countries.

mrket

andrej567 Honestly, with the low level of effort put into these posts as of late, it feels as though this is just an attempt to troll users of GOS.

If this is actually coordinated by governments or other powerful organizations, it's probably an attempt to get people to use insecure devices so it will be easier to conduct surveillance against them.

other8026

Just going to leave this here: https://grapheneos.social/@GrapheneOS/114784469162979608