• General
  • Potential appearances of GrapheneOS in mobile forensic reports

New court case in the Netherlands regarding a Pixel phone. EVERY Pixel phone that they cannot decrypt/unlock is 'uncontrolled' and the public prosecutors always try their hardest to keep those Pixel phones from being returned to their owners. Sometimes the judges go along and sometimes they won't.

The public prosecutor has taken the position that the seized cannabis buds should be withdrawn from traffic.

The Google Pixel phone should also be hidden from traffic. Although the police have not yet been able to investigate this telephone, it is known that this type of telephone is often used to communicate encrypted to commit criminal offences. According to the public prosecutor, the uncontrolled possession of a Google Pixel phone is therefore contrary to the public interest and the law.

The public prosecutor has asked the court to confiscate the seized iPhone, now that conversations or chats were conducted with this phone that related to the planning of the criminal offense.

The seized beacon can be returned to the seized party.

Source: https://uitspraken.rechtspraak.nl/details?id=ECLI:NL:RBAMS:2024:2669

    Lol, I won't go to the Netherlands, I would be a suspect for whichever crime! :)
    Good that I spend next holiday in Denmark and Sweden... (or not?...)

      Eirikr70 Good that I spend next holiday in Denmark and Sweden... (or not?...)

      I'd really like to go to Denmark or Sweden, which city in Denmark or Sweden do you plan to visit?

        Xtreix Just Copenhagen and Stockholm. I don't have a driving license, so I stick to big cities.

        Hathaway_Noa Note that the court decided to give the phone back to the suspect:

        The court cannot establish a relationship between the seized Google Pixel phone and the proven fact. The mere fact, as stated by the prosecutor, that this is a phone with which encrypted and covert communication can also be used to commit criminal offenses, does not mean - without further substantiation which is lacking - that this phone was used for that purpose and thus that its uncontrolled possession is contrary to the public interest and the law. This phone must therefore be returned to the accused.

        • [deleted]

        • Edited

        Europol, NCA, NL police etc know graphene is a real problem due to the very high level and amount of narcotic traffickers who seem to use them.

        You read about how some of the biggest traffickers in Europe get arrested in Dubai as such and they have GOS phones.

        The how and the why I'm not sure as I'm not technically savvy but I'm 100% certain they will be trying to push an exploit through GOS server onto the phones to intercept data. Whether it's illegal or not they will be trying to.

        They cloned the Sky servers in 2019 then created an exploit in 2021 which has brought so many criminal trials.

        There's not an encrypted phone network albeit the others were solely used by criminals that they haven't hacked or cloned the servers to intercept data.

        GOS will be no different.


        Mod note:

        Information in this comment is based on an inaccurate understanding of GrapheneOS and its infrastructure.

        Exploiting GrapheneOS servers would be essentially pointless. Doing so would not permit an attacker to exploit phones running GrapheneOS.

          “All you have to do is prove your innocence, and you can be on your way.”

          @[deleted]

          The how and the why I'm not sure as I'm not technically savvy but I'm 100% certain they will be trying to push an exploit through GOS server onto the phones to intercept data. Whether it's illegal or not they will be trying to.

          I agree they will try. However, gOS operates in a different way, so that won't be that easy.

          They cloned the Sky servers in 2019 then created an exploit in 2021 which has brought so many criminal trials.

          They cloned more cryptophones' servers than just SkyECC.

          There's not an encrypted phone network albeit the others were solely used by criminals that they haven't hacked or cloned the servers to intercept data.

          My OSINT says the same. The only publicly available 'alternative' are these white/russian/silent/pgp/encrypted/stealth sim cards. The logical conclusion is - many people using 'cryptophones' in the past use gOS nowadays.

          GOS will be no different.

          We'll see.

          [deleted] maybe it's a good idea for GOS to implement some sort of multi-signing for each push update they perform. It would reduce a single point of error.

          [deleted]

          While this certainly sounds like something the investigating authorities are aiming for, it will no longer be so easy after the latest ECJ ruling. Or, in my opinion, impossible. Someone may one day succeed in penetrating GrapheneOS, but there will be no hack comparable to Encro or Sky. There will only be targeted attacks against individuals, which, at least in Germany, will require an order from a criminal court. An investigating judge is no longer sufficient for this. Furthermore, it has now been established by the highest court in Europe that a defendant must be given full access to all the details on which his indictment is based. This means that any judge who authorizes such surveillance will actually read what he signs and instruct the investigating authorities to maintain integrity. Anom can't be used in Germany as evidence anymore.

          C-670/22

            • [deleted]

            • Edited

            Nuttso IMO they will learn from their errors and it'll be done illegally and will be done for 'intelligence only' therefore catching people in the act of committing crimes and intercepted data will not be required as evidence like it is being used currently. Lots of rumours that similar is happening to Signal also.

            They don't play by the law as has been shown with how they have hacked past crypto phones. If they can catch some criminal bang to rights with millions of pounds worth of narcotics, in the midst of a robbery or such the messages they have intercepted won't really matter.

              [deleted] IMO they will learn from their errors and it'll be done illegally and will be done for 'intelligence only' therefore catching people in the act of committing crimes and intercepted data will not be required as evidence like it is being used currently.

              This has been used for a long time. Depending on how difficult it is for the investigating authorities to convict someone, they do not shy away from falsifying evidence. Be it that, in cooperation with the public prosecutor's office, they do not inform the investigating judge of the true circumstances, or that they happened to be at the scene, or that they are completely free to invent spies. Europol does not abide by any laws at all; it places people in criminal circles who are allowed to commit even the most serious crimes in order to prove their loyalty. They are then brought before the courts as confidants who do not have to make a direct statement. Encro and Sky have provided a small insight into the whole affair, but have changed absolutely nothing. The market is flooded with cocaine and other substances. This whole war on drugs is a joke and people in the highest political, military and police circles are playing along with it. In Germany alone, 100 kg of cocaine are consumed every day. Investigating authorities boast about finding a ton of cocaine, yet several tons arrive in the EU every day.

              A serious drug dealer will only use his grapheneos as if it were already compromised. This is also the only approach that actually protects against surprises.

              [deleted] They don't play by the law as has been shown with how they have hacked past crypto phones.

              In fact, the data was collected by Encro and Sky in accordance with the law. This was also confirmed by the ECJ in the judgment I linked to. They used a little trick to circumvent certain criminal procedural regulations in some EU countries.

              [deleted] Lots of rumours that similar is happening to Signal also.

              We monitor this with a very simple approach. If this were true, we would know immediately. I don't want to say exactly how we do this.

              other8026 locked the discussion.

              GrapheneOS phones don't blindly trust GrapheneOS servers. To put it bluntly, it really wouldn't matter if they were compromised because malicious updates wouldn't be signed by the required keys.

              For all of the services I can think of, our phones just get data from the servers. No additional info is sent with requests. So, there's virtually zero useful user data on GrapheneOS servers (to law enforcement or whoever). Use a VPN in the owner profile to hide your IP address if you want.


              Edit to share some links:

              other8026 unlocked the discussion.

              To bring a little clarity here. Firstly, GrapheneOS servers are configured more securely than comparable providers. During the compilation process, the releases are signed with a key that only the developers have. Without this key, no manipulated operating system can be installed on the end devices. Every change in the source code is communicated publicly. The only damage that a server takeover could cause would be to cut off the user from the possibility of receiving updates. Which could become a problem if certain critical security updates are released that close RCEs, for example. The phones would be unprotected against publicly known security vulnerabilities as long as they do not have the latest security updates. For this very reason, GrapheneOS places so much emphasis on getting the security bulletins out as quickly as possible each month.

              Regardless of this, a targeted hack would be necessary. It would have to be able to bypass several security mechanisms and it would be very difficult to make this hack persistent. See verified boot.

              This is why we only recommend GrapheneOS as the basis for Molly. There is nothing comparable. It would be downright negligent to recommend anything else.
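
The point made in the two posts above (a compromised update server cannot hand the device an installable malicious release, because the device checks the signature against a key it already holds) as an added Go sketch; it is not GrapheneOS code and not from the thread. Ed25519, the `Release` layout and every name here are assumptions for illustration, and the rollback check goes beyond what the posts state.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Release is what an update server, trusted or not, hands to the device.
type Release struct {
	Build   uint64 // increasing build number
	Payload []byte // OS image bytes (constructed placeholder in this demo)
	Sig     []byte // signature over build number and payload
}

var ErrBadSignature = errors.New("not signed by the pinned release key")
var ErrRollback = errors.New("build is not newer than the installed one")

// signedBytes binds the build number to the payload with a fixed-width prefix.
func signedBytes(build uint64, payload []byte) []byte {
	return append([]byte(fmt.Sprintf("%020d:", build)), payload...)
}

// NewDemoKey returns a constructed key pair for this demonstration only.
func NewDemoKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

// Sign runs where the release key lives; the key is never on the server.
func Sign(priv ed25519.PrivateKey, build uint64, payload []byte) Release {
	return Release{build, payload, ed25519.Sign(priv, signedBytes(build, payload))}
}

// Accept is the device-side check: pinned key first, then rollback.
func Accept(pinned ed25519.PublicKey, installed uint64, r Release) error {
	if !ed25519.Verify(pinned, signedBytes(r.Build, r.Payload), r.Sig) {
		return ErrBadSignature
	}
	if r.Build <= installed {
		return ErrRollback
	}
	return nil
}

func main() {
	pub, priv := NewDemoKey()
	fmt.Println(Accept(pub, 10, Sign(priv, 20, []byte("os-image"))))
}
```

Nothing in `Accept` can detect a server that simply withholds newer releases, which is the residual risk the second post describes.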

              21 days later

              What do you mean by having GOS as the "basis" of Molly? Do you mean y'all will only recommend properly configured Molly installed on a properly configured GOS for maximum attainable security/privacy?

              (By Molly I am assuming you're talking about that hardened fork of Signal, right?)

                GlytchMeister GOS recommend Molly due to the large attack surface of the Signal and WhatsApp apps, messages are E2EE, but it would seem that the apps are very vulnerable, I can no longer find the source on Mastodon, but I have read it.

                In addition, Accrescent, which contains the fully FOSS version of Molly, will soon be available in "Apps" to create a chain of trust.

                Oh I didn't know Accrescent was mature enough for implementation within GOS, their GitHub says it's still in early alpha. I've been avoiding Accrescent because of that. If it's mature enough for GOS's Dev team, I guess it's mature enough for me?