A
Alllus

  • a day ago
  • Joined 12 days ago
  • In Cellebrite Premium July 2024 documentation
  • In Cellebrite Premium July 2024 documentation

    Here's the Cellebrite Premium 7.73.1 Pixel Support Matrix from February 2025.

    Pixel 6-9 with GrapheneOS - the best! No any access to BFU/AFU state

    • In Using duress password example
    • In Using duress password example

      Second pin (2FA, after enter fingerprint) compatible with Duress password? Second pin = duress pin = erase data?

      • In Cellebrite Premium July 2024 documentation

        If I bought a Pixel 9. I install GraphenOS, install all Google programs (google translate, Play Market, Chrome, Google Drive, Google Photos and others), completely disable the USB port, set an 18-character password and a fingerprint (for convenience), set the device reboot time to 1 hour. I am not interested in anonymizing the phone. What is important to me is counteraction to hardware complexes UFED, GRAYKEY, etc. Will this be enough? Will this be a protection mode similar to the iPhone downlock mode?

      • In Cellebrite Premium July 2024 documentation

        troika no any problems. Example trigger actions - Run "settings" applet, Enter search "factory reset", click confirm button...

        P. S. Its very simple example.. You can make it more complex. For example, add a screen sensor lock, multiple retries, etc.

        • In Cellebrite Premium July 2024 documentation

          GrapheneOS https://discuss.grapheneos.org/d/20401-grapheneos-improvements-to-protection-against-data-extraction-since-2024 is a thread about recent improvements to the defenses.

          https://discuss.grapheneos.org/d/20402-cellebrite-exploits-used-to-target-serbian-student-activist

          You are very convincing in your arguments! Today, the Pixel 9 order). I have a question - I used the Honor MAGIC 6 Pro (Quallcom Snapdragon 8 Gen 3, MagicOS 9.0 Android 15, with descret security chip S1, MagicOS-8.0-Security-White-Paper.pdf ) and use processes automation - "Macrodroid" on the phone. I provided this application with all possible access. I write triggers under my phone model:

          • turning off the phone in 15 seconds when turning off the mobile network (Faraday box);
          • blocking the phone when stealing a phone from my hands;
          • Turning off the phone within 10 seconds when connecting the USB cable;
          • the second factor in the authorization of PIN when unlocking with a finger;
          • turning off the phone if not unlocked within 1 hour,
          • turning off the phone after 2sec clicking the volume button up and other safety macros.

          This is a good set of security addons functions. Therefore, is it possible to use a macrodroid on your OS for extra experiment for me?
          My profession is an activist ... And every day it can be dangerous for my work. All information in my phone.

            • In Cellebrite Premium July 2024 documentation

              GrapheneOS Aside from that, a password is hardly immune to brute force unless you use something like 6-8 random diceware words.

              Do you think that the police will do BruteForce PIN code of more than 10-15 digits BFU State? Even Oxygen Forensic Detective does not see it appropriate to hack a PIN code of more than 9 digits. All BruteForce templates are designed for a graphic key (up to 9 points) and PIN code (up to 9 digits). Everything else is months and years. The criminalistic police department has hundreds of smartphones for analysis per week ...
              In addition - it makes no sense to reboot in a few hours, if the UFED - is a mobile portable device and the dump of your owner’s phone will be extracted immediately during a police search of the apartment (in AFU State).

              The user of the phone that has with important data - must do all efforts to turn off the phone before his return to the police. With one button or gesture of the finger. Any options.

              P.S. Support for Pixel 8 and 9 (Physical Dump ( ADB(Rooted) ), File Dump (Android Backup, APK Downgrade), Logical (Apps Data, Phone book, Call logs, SMS etc) ) added to the UFED version 7.72 (release from 2024-10-31).

              GrapheneOS - nice security OS, but no Applepay/Gpay method payment(((. Its very important minus for me..

                • In Cellebrite Premium July 2024 documentation

                  GrapheneOS Cellebrite's current documentation shows they can exploit iOS 18 and later versions

                  What sense is there to be afraid of Cellebrite if they use these vulnerabilities only to read the encrypted file system image? But the file system remains encrypted. A password longer than 10-15 characters does not even make sense to brute force. They cannot bypass password protection even on the Samsung S20 etc. All attempts to prevent access to the USB port are attempts to prevent reading the file system image, but no one will brute force a password longer than 10 characters. A good password, updating the system and rebooting the phone for a few hours - completely makes the phone invulnerable on any version of the latest OS. Sorry for my bad English