Thanks a ton, this is exactly what I was looking for. Big fan of your work with Accrescent by the way.
I'm glad to hear that a factory reset should be enough. I was worried about forensic retrieval of poorly wiped data, but I should have considered the fact that it's all encrypted anyway, and as long as the keys are gone the data effectively is too.
- Assuming you wipe (and if necessary, reflash) the device beforehand, they cannot without an exploit.
- (...) Celebrite is also mostly used to extract data from unlocked devices anyway.
As I understand it, forensic extraction tools/platforms such as UFED, Xry, Oxygen, Graykey, and their ilk usually have methods for extraction from some locked devices, although apparently these often only work after first unlock. Presumably they're leveraging exploits to achieve this, so I suppose they might possibly have some exploit for persistence too. Unless I want to buy a new phone, I guess I'll have to take that risk. Anyway, I feel a lot better now that I know that a factory reset will be a secure enough wipe to prevent data retrieval.
On further consideration I'm definitely going to wipe and re-install GrapheneOS after passing through too, because even though Auditor should detect any tampering with the OS itself, as far as I'm aware it won't be able to tell me whether they've sneakily installed any certificates or anything like that.