There is no such thing like "bad government" and "good government". I mean - it really depends on people's views, therefore we must not blissfully put our data into govt hands because "they will protect us from terrorists and child rapists". What they will do, actually, is that for sure they will abuse innocent citizens at some point of time. They will. Even if they don't, they will. Or maybe they are doing it right now and they need more control to make it easier
I really love Graphene OS but I _wish_ there was a version in which you could get a root shell and extract private data of apps you install when verified as the user. The developers are on record as saying that root blows a hole in their security model (it does!) but if there was _some_ way of doing it safely, so I can modify applications I as the user wish to, it would be my ideal OS. I know I could download and self sign it, but I'd rather not…
As long as the USB port of your phone is used, you can not stop it. This is the backdoor the governments want without having to be tethered. Vote for privacy. Vote against the police state. Vote for freedom.
Libertarian rant aside. Governments fund these kinds of operations in secret so they can "effectively do their jobs". There's a ton of subcontractors working on AWS platforms that do analysis of this UFED "dump". (just a zip file of your phones directories). Emails, Phone logs, Carrier settings, Browser History, Text Messages, Cookies, Apps, App Logs, App Data, if it's on your phone, it's in the zip.
This feels like countering insinuations on the Internet with insinuations on the Internet.
Cellebrite doesn't publicly publish the latest support matrix so we have no real idea what progress if any they've made against recent iPhones and iOS versions, nor any real detail on how something like Lockdown Mode influences outcomes for their software.
Nor does this show anything about Pixel 9 or Pixel 10 and the newest variants of Android OS (which for Pixel 10 makes sense given (2024), but for Pixel 9 does it?).
What we do know as both companies disclose this is that Apple implements particularly with Advanced Data Protection enabled significantly more E2EE than Google, and both companies invest significantly through i.e. Apple's SEAR into the security of their hardware, software and platforms.
That GrapheneOS exists is great but I don't think this post helps much.
This is a post by a user on the GrapheneOS forum not associated with the project in any way from May 2024. Their post referenced April 2024 Cellebrite capabilities rather than the July 2024 data or later where they had fully caught up to recent iPhones and iOS. The post is from May 2024, they didn't have time travel.
GrapheneOS has access to recent Cellebrite Premium documentation from the past couple months which shows the state of things in the previous published documentation from earlier in 2025 along with the 2 snapshots published in 2024 has been carried over.
I am probably the only one but the geek in me would love to see an article where digital forensics are used against the most common operating systems in their most secure configuration - just to see how they compare with one another.
This kinds of make me want to get a pixel and install GrafeneOS there.
I'll admit that big companies may have some incentive to protect their users' privacy; but they are an easy legal target. If tomorrow the US or EU pass legislation that mandates a backdoor in all mobile devices, the entire world is screwed.
>...because it is doing far more hardening than iOS against these attacks. iPhones also have security element, but the companies developing attacks, had successfully bypassed secure element throttling from Apple for years (and are doing the same with Samsung and Qualcomm
Is it true that Pixels are more hardened against brute forcing the security module and that iphones (and other phones) are easily bypassesed by these hacking tools?
The only thing that comes to my mind is the so-called blobs, the closed source hardware drivers that are needed to make an Android phone work and that run at high privilege level.
If GrapheneOS is not tightly sandboxing them, then chances there are that a capable operator can use whatever backdoor each driver offers, mainly the wifi adapter, the baseband modem and the Bluetooth adapter.
No matter what GrapheneOS developers have done.
Imagine the wifi driver being able to spoof on pin entry procedure.
> Cellebrite admits they can not hack GrapheneOS if users had installed updates since late 2022.
So, how do I know that GrapheneOS is not a honeypot for the really big fish?
At this point it seems if you really want to be safe, you have to add obscurity (in addition to conventional best practices). Like changing the pinout on your USB port so the exploit device can't connect.
As mentioned in the link, Graphene has a lot of additional security feature. It can auto reboot after X hours without being unlocked. You can lock down the usb port to be charge only, or even completely disabled so that the only way to charge is with the device powered off.
20 comments
[ 6.0 ms ] story [ 38.0 ms ] threadAnd it looks like this is the draft, and it was published on the author's blog here: https://telefoncek.si/2024/05/2024-05-30-grapheneos-and-fore...
> Cellebrite admits they can not hack GrapheneOS if users had installed updates since late 2022.
Libertarian rant aside. Governments fund these kinds of operations in secret so they can "effectively do their jobs". There's a ton of subcontractors working on AWS platforms that do analysis of this UFED "dump". (just a zip file of your phones directories). Emails, Phone logs, Carrier settings, Browser History, Text Messages, Cookies, Apps, App Logs, App Data, if it's on your phone, it's in the zip.
Cellebrite doesn't publicly publish the latest support matrix so we have no real idea what progress if any they've made against recent iPhones and iOS versions, nor any real detail on how something like Lockdown Mode influences outcomes for their software.
Nor does this show anything about Pixel 9 or Pixel 10 and the newest variants of Android OS (which for Pixel 10 makes sense given (2024), but for Pixel 9 does it?).
What we do know as both companies disclose this is that Apple implements particularly with Advanced Data Protection enabled significantly more E2EE than Google, and both companies invest significantly through i.e. Apple's SEAR into the security of their hardware, software and platforms.
That GrapheneOS exists is great but I don't think this post helps much.
GrapheneOS has access to recent Cellebrite Premium documentation from the past couple months which shows the state of things in the previous published documentation from earlier in 2025 along with the 2 snapshots published in 2024 has been carried over.
I'll admit that big companies may have some incentive to protect their users' privacy; but they are an easy legal target. If tomorrow the US or EU pass legislation that mandates a backdoor in all mobile devices, the entire world is screwed.
Is it true that Pixels are more hardened against brute forcing the security module and that iphones (and other phones) are easily bypassesed by these hacking tools?
If GrapheneOS is not tightly sandboxing them, then chances there are that a capable operator can use whatever backdoor each driver offers, mainly the wifi adapter, the baseband modem and the Bluetooth adapter.
No matter what GrapheneOS developers have done.
Imagine the wifi driver being able to spoof on pin entry procedure.
https://blog.okturtles.org/2024/06/the-ultimate-ios-to-graph...
So, how do I know that GrapheneOS is not a honeypot for the really big fish?
At this point it seems if you really want to be safe, you have to add obscurity (in addition to conventional best practices). Like changing the pinout on your USB port so the exploit device can't connect.