Graphite
If you will accept a definition from Wikipedia ……

“ A pseudorandom number generator (PRNG), also known as a deterministic random bit generator (DRBG),[1] is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers. The PRNG-generated sequence is not truly random, because it is completely determined by an initial value, called the PRNG's seed “

    [deleted]
    If you choose words outside the dictionary it will certainly increase the complexity and make it harder to crack by guessing.
    But since it's not random, entropy is still the wrong word to use.

    This kind of complexity is similar to how some people choose a weird unicode or emoji in their passwords. It's a good idea to just throw something in there that will thwart non-targeted attacks. Definitely peace of mind if your hash is dumped in a breach.

    But imagine a targeted attack, from say law enforcement, that is investigating you. They already know what languages you speak. They've searched through your social media and other personal information. They will build a word list that is not limited to just English. Maybe they even have some previously used passphrases.

    The entropy is a specific number calculated assuming everything is randomized. That represents an attacker who is just going to brute force using the entire set of possibilities.
    Anything that is user chosen, is going to be far below that entropy.

    I'm not saying that user chosen can't be really strong and resist cracking. Just that entropy is no longer the factor.

    Blastoidea

    Yes, that definition does agree with my earlier statement that there are different types of randomness rather than the absolutist notion of "it's random or it's not".
    The world of mathematics I was referring to is quite interesting and quantum mechanics gets into the nitty-gritty. Nothing could ever truly be random as long as you can know the initial state. Then it goes into whether an initial state of a quantum system can ever be known. Heisenberg uncertainty principle.

    It can be very fascinating for nerds like us.

    @DeletedUser115
    One other possible solution for you that I just remembered...
    Code keycards.

    Print a business card with small lines of text. Between 25 and 35 lines or so. Have the computer randomly generate each line with seven random words. Choose your line.
    After a while you may be able to memorize the entire passphrase. But in the meantime it's random and you've hedged against forgetting.

    If the passphrase is used for something with brute force protection such as rate limiting or lockout after x unsuccessful attempts... Then even if the card is stolen, it should provide decent protection. If this is to lock the GrapheneOS phone, you may want to never keep them together. Even with the progressive rate limiting, it's possible for an attacker to get lucky with the first few attempts.
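An added worked example (not from this thread or the GrapheneOS project) of the keycard procedure above together with the entropy arithmetic from the earlier post: each line is drawn from the OS CSPRNG, and the full per-line entropy is contrasted with what remains if the card itself is taken. The wordlist is a constructed 25-word sample standing in for a full diceware list; 7776 is the size of the EFF large wordlist.

```python
import math
import secrets

# Constructed 25-word sample; a real card would draw from a full diceware
# list such as the 7776-word EFF large list. Only the list size enters the math.
SAMPLE_WORDS = [
    "anchor", "basket", "cobalt", "dagger", "ember", "falcon", "garnet",
    "harbor", "ingot", "jungle", "kettle", "lantern", "marble", "nickel",
    "orbit", "pepper", "quartz", "ribbon", "saddle", "timber", "umber",
    "velvet", "walnut", "yonder", "zephyr",
]
DICEWARE_LIST_SIZE = 7776  # EFF large wordlist (6^5 entries)


def passphrase_entropy_bits(words_per_line: int, wordlist_size: int) -> float:
    """Entropy of one line when every word is chosen uniformly at random.
    This is the 'everything randomized' figure from the thread; a user-chosen
    phrase of the same length sits below it."""
    return words_per_line * math.log2(wordlist_size)


def residual_entropy_if_card_stolen(lines: int) -> float:
    """With the card in the attacker's hands only the line choice is secret,
    so the passphrase degrades to a log2(lines)-bit secret: rate limiting or
    lockout is what carries the protection at that point."""
    return math.log2(lines)


def generate_keycard(wordlist, lines: int = 30, words_per_line: int = 7):
    """Build the card: each line is an independent random passphrase.
    secrets.choice reads the OS CSPRNG, so there is no seed to recover."""
    return [
        " ".join(secrets.choice(wordlist) for _ in range(words_per_line))
        for _ in range(lines)
    ]


def render_card(card) -> str:
    """Number the lines so the owner only has to remember which one is theirs."""
    width = len(str(len(card)))
    return "\n".join(f"{i:>{width}}  {line}" for i, line in enumerate(card, 1))


if __name__ == "__main__":
    card = generate_keycard(SAMPLE_WORDS)
    print(render_card(card))
    print(f"\nper-line entropy, 7 words from {len(SAMPLE_WORDS)} sample words: "
          f"{passphrase_entropy_bits(7, len(SAMPLE_WORDS)):.1f} bits")
    print(f"per-line entropy, 7 words from a {DICEWARE_LIST_SIZE}-word list: "
          f"{passphrase_entropy_bits(7, DICEWARE_LIST_SIZE):.1f} bits")
    print(f"remaining secret if the card is stolen ({len(card)} lines): "
          f"{residual_entropy_if_card_stolen(len(card)):.1f} bits")
```

With the 7776-word list a single line is about 90 bits; once the card is in someone else's hands the 30-line card leaves under 5 bits, which is why the post ties the idea to rate limiting or lockout.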

      First post here, apologies if there's any inaccuracies.

      supersonic
      Broad consent is just GrayKey's way of saying they can attempt an extraction on devices they do not officially support, they don't say how, but likely just by generic methods all phone forensics devices use. On devices they officially support, they can perform filesystem extractions.

      For some context: In the past, GrayKey did not allow extractions for devices they could not support, and only had a limited pool of supported devices, mainly iPhones and Samsung Android devices. They say they support Google devices for Broad Consent, but you should not worry about this feature - this would apply even if you used the Stock OS.

      For your second question, Daniel Micay made a good response on this already for a different phone forensics tool, his answer would apply to GrayKey also.

      If you want a real world example: If an adversary wanted to attempt to extract data from a Pixel with a phone forensics tool like this, they would need in most cases:

      • To have the phone in the after-first-unlock state,
      • Know the device's PIN or password,
      • Turn off the screen lock
      • Enable Developer Mode, and enable USB debugging.

      Even after all of this, they would only be able to perform a logical extraction (a copy of the user's files inside the profile they are extracting). Daniel's comment already specifies in his first sentence that these tools only work after unlocking the device using the credentials you have set up on the device. Having a strong PIN or password makes this scenario almost impossible. These devices only work providing you know what the passcode is beforehand.

      Even if there was a case that an adversary could perform an extraction through other means such as a novel exploit, GrapheneOS is designed to make exploits less effective, less reliable, more time consuming, or at best impossible. If there was an exploit done on the Secure Element that stopped brute force throttling then it is mitigated because GrapheneOS supports longer passwords; matchboxbananasynergy has already stated that a long, 7-word diceware phrase is secure enough to not rely on secure element throttling, which is possible to have thanks to this feature.

      If your device was in the after-first-unlock state but the adversary didn't know the passcode, then you can just set the automatic reboot to happen at a very early time beforehand so the device leaves the AFU state before they would be able to attempt something.

      If the device was in either state or the attacker wanted to use a USB device as a method of exploit, GrapheneOS can block USB devices and the adversary could not turn it off without being able to get to the settings via passphrase or novel exploit.

      If some adversaries attempt to downgrade system components to have a greater chance of exploitation there is also a mitigation. For example, Cellebrite's 'Advanced Logical' downgrades a system component app to a vulnerable version to provide better extraction capabilities. However, GrapheneOS closes this loophole by enforcing an increment of the app's versionCode with each package install and boot time.

      If you use everything in a user profile separate from the administrator, then the adversary would need to exploit to get into the profile in addition to just finding a way in to the admin profile, which already is difficult. User profiles have separate encryption keys, so deleting the profile before your device was taken by the adversary means there is no data to extract, as it is all encrypted and the keys are erased with it.

      If an adversary wanted to attempt to get into a GrapheneOS device they would not use an automated tool for law enforcement, private investigators or academics. They would need much stronger resources, and a threat with a large amount of time and budget will get control over the device because software and hardware cannot sufficiently protect against physical threat. Features such as duress passwords can be useful, but they are not the device protecting against physical threats - the person is the key component. These features are worked by people triggering it on their own choice, or an adversary being subverted by the victim to enter the duress password instead of the real one.

      Daniel's comment also highlighted that with time exploits and vulnerabilities, disclosed and undisclosed will increase and there is eventual possibility to gain control over it that way, since they can just keep the device and stop future security updates fixing them. To protect against those types of threats sufficiently then you need to just be responsible and meet a set-up and use case that is equal to your threat model. Although as mentioned before, using GrapheneOS and taking advantage of its features is enough to ensure automated extractions don't happen.

        a month later
        • [deleted]

        Just saw this thread. Summarized, it would appear everyone is looking for a balance of difficult-to-guess vs memorable vs practical to type.

        Yes, 6 of your favorite sports teams have plenty of characters to qualify as high entropy, yet are obviously not secure. And a 1000 ASCII string is neither easy to remember nor type...

        We also agree that adding a dozen layers of obfuscation, as per xkcd, will result in us thoroughly forgetting the password.

        But, if one adds only one or two abstraction techniques, with clearly defined rules and internal structure, the result could be memorable, typeable, high entropy and not found in any dataset (because that's one issue that bugs me about diceware, never mind that it is ultimately derived with the help of a device, which could be compromised.)

        Several ideas:

        Make up words - they're not found in any dictionary. From simple:

        • verbing (using verbs)
        • idiotoid (belonging to a class of idiots)
        • markuous (capable of marking)

        To more involved:

        • dedoorification (process of removing a door)
        • tintdow (window that had been tinted)
        • Pirellified (a car that was equipped with Pirelli-branded tires)
        • stratothunderous gloud (gloomy cloud that brought a storm with lightning)

        It is amusing to come up with a coherent mix of these that makes a legible sentence. Make them not pertain to your interests or surroundings.

        Another internal structure can be with using different languages - even if you don't speak them.

        Can anyone poke holes in these?

          7 months later

          Benten Hi,

          Please see this thread, it is a part of a list of affairs: https://discuss.grapheneos.org/d/10023-exploit-of-device-after-first-unlock-to-obtain-data-that-isnt-at-rest/27

          Vulnerability brokers have been placing extra work in targeting Pixels and GrapheneOS. The extraction scenarios currently known require AFU and a RAM dump, or 'consent' extraction for GrapheneOS. Various security features like automatic reboots, improved user profiles (ending sessions), and blocking USB devices are existing countermeasures users should take advantage of. Turning off your device is the best security measure for forensics and nothing comes close.

          There is no information on how Graykey are able to facilitate their extraction, or if it is similar to another company like MSAB where some of their methods are publicly known at this time. Support of a device does not confirm or deny a compromise, it is a broad term to imply compatibility. They will hide such information.

          GrapheneOS will also continue to employ further countermeasures beyond existing ones, such as a duress PIN soon.

          As mentioned in this thread already, if a device is seized then any device shall only become more insecure as it remains with a lack of updates.

          final deleting the profile before your device was taken by the adversary means there is no data to extract, as it is all encrypted and the keys are erased with it.

          Can you please recommend a tool that could erase a secondary profile instantly by a set panic "button"? Like Wasted erases the phone, but another solution that erases the profile only? Like if you enter a preset PIN it erases the selected profile, or an added extra button when you hold the power button...

          a year later

          [deleted]

          How's about a very long password and then salting that with a word? Being able to switch off the phone very quickly would be very useful as well

          One word from you, the minimum 2 word band name, switching languages. Add numbers, perhaps relevant dates, to the word to increase the effort needed.
          Example, a rock fan might have.....
          Schwarz01 (Sabbath), (deep) Purple04, Weiss68(snake)

          DeletedUser115 I'm not sure if my advice will suffice for the purpose of security, so any valuable criticism is welcome!

          To memorise a few words (I guess it doesn't have to be exactly 7), maybe turn to literature or music and borrow the words there, then try to replace some letters with similarly shaped symbols (use your own imagination here), so when you'll need to input those characters you'll be basing it off your own perception and will succeed smoothly.