So I can understand how the Pixel with GrapheneOS protects in a real-life scenario, can anyone explain this:

So, for example, law enforcement seizes your Pixel 6/7.
The phone's at rest, BFU, with a strong 128-bit password. All relevant locks are in place, like bootloader locked, no OEM unlocking, USB only recognized when unlocked, SIM card/eSIM with NO SIM lock, etc.

What would be the step by step bullet points that a forensics team would try to carry out?

And how/what feature would the GrapheneOS Pixel protect against each step?

This is purely just for knowledge and understanding, it's not urgent.

    Step 1: Threaten to hurt your family if you don't unlock it for them.

    There are no other steps, and GrapheneOS can't protect you from it.

      csis01 A reason why I suggest that a feature of a self destruct PIN should be introduced. Entering this PIN does not unlock the phone, but resets it to factory default. Hence, data is gone.

      Overall, the hardware and software seem to be very secure. Several years ago, the FBI requested Apple to help to get the data of an encrypted and locked iPhone. Apple didn't help and in the end, the FBI bought a working exploit chain to open the phone.

      And I would say this is the way law enforcement agencies would go. They have plenty of time to do their investigations. In this time, the phone does not receive any updates. Hence, they can hope that an exploit chain becomes available where cost vs. benefit is okay for the case.

        Fulgrim A reason why I suggest that a feature of a self destruct PIN should be introduced. Entering this PIN does not unlock the phone, but resets it to factory default. Hence, data is gone.

        This is a feature that's been reportedly in the works. Implementing features like that needs to be done with extreme care to do them right, because people with very high threat models will naturally need to be able to rely on them. It's best to take the appropriate time to make sure they're solid, rather than publish a half-baked implementation that's flawed.

          matchboxbananasynergy :-D

          I'm happy to hear that this feature is on the schedule. Just created a new thread a second ago to request this feature. You can close the thread.

          Fulgrim thanks for the reply.
          Yeah I remember hearing they're calling it the "duress password" or something along those lines.
          If I remember right, it wouldn't just be a factory reset; they are also trying to include a more thorough wipe and disable the ability to power off the phone etc. until the wipe is completed.

            csis01 I understand what you're saying, but it still didn't answer my question.

            If someone can answer the steps I asked for, I would be grateful, providing the law enforcement don't buy a hacker exploit.

            Fulgrim ahh yes I remember this, I believe it's a bit of a sad subject this one, as the guy who was working on the "duress feature" also discovered this exploit but someone else was awarded the money... I might have Chinese whispered that story.

            L8437 Forensics will always find a way; they could probably write fastboot attacks, which they also did for Samsung and other Android phones. Also the checkm8 attack for older iPhones is basically an unpatchable bootloader attack.

              Hathaway_Noa fair enough, this is confusing though, as I understood that exploits cost millions and are done by hacker groups.
              I believed that your normal forensics person would not have the capability or funding to get past the Titan M2 plus strong 128-bit password.

              Is that not the case?

              If someone is using a 128-bit entropy password, you're no longer relying on the throttling done by the secure element.

              Provided that you're utilizing features like auto reboot to put your data back at rest (BFU mode), there's not much that can be done to access that data.

              Please refer to this answer by the project account which I linked you to in another thread you created:

              https://discuss.grapheneos.org/d/4049-security-from-bruteforce/66

                matchboxbananasynergy thank you. I'm just trying to explain it to some friends I have that have stock Pixels that are interested in Graphene, but I have to be able to explain it in simple layman's terms as they have TikTok brains.

                  L8437

                  Well, there are many arguments besides contacts with law enforcement agencies.

                  One big argument is privacy. GrapheneOS is a very minimalistic OS without all of the bloatware and spyware that many manufacturers bundle with their phones. A freshly installed GrapheneOS is talking to only a very small number of servers on the Internet, such as the software that provides updates for the OS.

                  Next argument is reducing the attack surface. Having a very minimalistic OS helps here. Furthermore, GrapheneOS contains several hardenings, which make it harder to successfully apply an exploit.

                  Does it make the OS bulletproof? No. When a threat actor with an extreme amount of resources attacks you (such as the NSA), it is likely that they will find a way over time. But a reduced attack surface + hardenings help to make it much harder for cyber criminals to compromise your phone. And when it's too hard to compromise a system, efforts are higher than the possible profit.

                  Arguments I'd give:

                  • Guarantee that there are no hidden intentional software backdoors built into the OS.

                  • VERY high functioning OS. Almost on par with stock.

                  • MASSIVE privacy gain. So many bad built-in stuff just gone!

                  • There is no built-in surveillance of your phone to speak of, whereas on a normal phone absolutely "every" part of your phone (contacts, SMS, keyboard, clipboard, phone calls, location, network traffic, identity, photos, files, etc.) is fully accessible to be surveilled. Almost everything is accessible by Google.

                  • Per-connection MAC randomization. Makes you really invisible. Not available on ANY stock phone.

                  • Block apps from internet. What other OS can do this?

                  • Storage scopes. This is phenomenal.

                  • You can actually install invasive apps and use them without them using you. Not worry about them having access to this and that. Where else can you get this?

                  • Make Google your bitch, instead of being its bitch.

                  L8437 What would be the step by step bullet points that a forensics team would try to carry out?

                  They are working constantly on improving their methods. When they encounter a device that they aren't able to unlock, they put it aside and work on it till they find a way in. In BFU with a Pixel, the first step would be to try to pass the throttling and get to the raw data and work from there with brute force. If you're really that concerned, then try this app:

                  https://github.com/x13a/Wasted