Info On Cellebrite (Smartphone Cracking Tool) and GrapheneOS

Arnox

Privacy circles have been abuzz with talk of how the police, using Cellebrite, were able to crack the protections on the shooter's Android phone in about 40 mins. This got me very curious as to the capabilities of Cellebrite in terms of getting into a phone with GrapheneOS.

Luckily, I was actually able to find this post by the GrapheneOS devs on Mastodon. It's a year old or so as of this writing, but it should still be very applicable. The full text of the post is below.

https://grapheneos.social/@GrapheneOS/110664229081782995 said:
Cellebrite and others in their industry use logical extraction to refer to extracting data from a device after unlocking it, enabling developer options (requires PIN/password), enabling ADB and permitting access for the ADB key of the attached device. See https://cellebrite.com/en/glossary/logical-extraction-mobile-forensics/

The baseline doesn't involve exploitation. The next step up is exploitation via ADB to obtain more data than ADB makes available.
Obtaining data from a locked device requires an exploit. If it was unlocked since boot, the OS can access most data of the currently logged in users.

GrapheneOS includes our auto-reboot feature to automatically get data back at rest so that it's not obtainable even if the device is exploited. Can set this to a much lower value than the default 72 hours. 12 hours won't cause inconveniences for most users, but you can go lower.

User profiles that are not currently active have their data at rest. GrapheneOS provides the option to put secondary users back at rest via end session for convenience. Sensitive global system data is stored by the Owner user, which is why you can't log into another user first.

GrapheneOS also provides the option to disable keeping a secondary user active in the background, to force ending the session when switching away from it. We provide substantial exploit protection features (https://grapheneos.org/features#exploit-protection), and we're working on some major improvements.

For user profiles that are not currently logged in, their data is protected by encryption even if the device is exploited. An attacker needs to brute force the password. If you use a strong random passphrase, they cannot do it. Otherwise, you depend on hardware-based security.

Most Android devices don't have decent hardware-based encryption security. If a typical Android device has the OS exploited, the attacker can trivially bypass any typical PIN/passphrase via brute force. We only support devices defending against this (https://grapheneos.org/faq#encryption).

iPhones, Pixels and certain other Android devices provide hardware-based throttling of unlock attempts via a secure element. We explain how this works at https://grapheneos.org/faq#encryption. This protection depends on security of the secure element, which is quite good for Pixel 6 and later.
 
I believe a correctly secured Pixel with GrapheneOS has better attack-resistance than either a stock Pixel or any iPhone.

There are also leaks of internal Cellebrite documents and software around the Internet. :-D
 
Doesn't the software need special hardware to work as well?
 
Depends on what it entails. If it is just communication with hardware to perform device exploitation and data extraction there probably is not much the software can do by itself. But if there is exploitation logic in the software that might be different.

There is allegedly over a terabyte of 'data' from Cellebrite floating around the Internet and if it contains firmware for Cellebrite hardware it may be possible for someone to emulate its functionality.
 