Anyone heard stories of Pixel, specifically graphenes being cracked recently?

https://www.msab.com/updates/xry-10-4-1-new-release/

AAL: Exciting Things Ahead
 AAL also comes with improvements for physical support and security code or brute force for the latest Google Pixel models 6 and 7. AAL is changing – watch this space for more details in the next release.

    Protonuser Above comment answers the details on XRY and GrapheneOS. There is nothing to suggest an extraction is possible without consent or providing an unlock to the device. XRY supports GrapheneOS, but support does not mean they can break into a device; it's to ensure compatibility when a user willingly surrenders. They can filesystem extract, but there is no information on how it's possible, only that you need to give away the PIN.

    GrapheneOS develops security enhancements and new features often, and an actor involved in targeting GrapheneOS would be less likely to have a long term met objective due to that. The effort MSAB and others will have to put in with targeting Pixel 8 and above thanks to new exclusive security enhancements like MTE and other mitigations will cost far more than the amount of effort they are trying now.

    Likewise, if there are exploits to brute force a Pixel that also somehow work on GrapheneOS (there is nothing to suggest this) then a future Duress PIN feature is on its own GitHub branch which will make this threat irrelevant as the brute-forcer risks triggering the duress and wiping the OS with this procedure. If you have concerns about that now, use a long word count passphrase on a secondary user profile. This feature is coming out soon from what people have gathered.

    As discussed on the forums many times before, if a threat actor steals your device then you are done for. They can contain the device away so it can't update or connect to anything, then they can wait to exploit it once that capability is available. It's not about hiding evidence, it's about having no evidence for them to see.

    User profiles can be erased and remade at any time. If there is something a user risks exposing from an extraction then all they need to do is erase that profile that contains it when they suspect shit is hitting the fan. Erasing profiles erases all data on that profile, and as profiles use separate encryption keys it is unreadable as that data is encrypted and the keys purged from the device. If there is something they want to keep on the profile before erasing, then their best choice is to just encrypt the files and upload them to a random cloud used only on that device and forget about it.

    Anti-forensic behaviour is a far better tactic than relying just on resisting the apps or exploits doing the forensics, because in the likelihood that an extraction is still successful, you would leave nothing of value to extract when it is done correctly. TAILS and Windows Sandboxes are excellent examples of these; they are systems that can only be truly examined if they are caught while actively being used.