ExploreTrendingAnalytics
Nostr Archives
ExploreTrendingAnalytics
Max90d ago
Your smartphone transmits your location to corporate servers every 4.5 minutes, even when you've explicitly opted out. It knows which medical clinics you visit, which protests you attend, and which friends you spend nights with, and this information is sold to data brokers, advertisers, and government agencies without meaningful consent. GrapheneOS is an open-source operating system that transforms Google Pixel hardware into a private device under your control, one that has proven resistant to Cellebrite forensic extraction tools used by law enforcement worldwide. This guide covers the surveillance problem, the technical architecture that solves it, and a complete walkthrough from installation to hardened configuration with privacy-respecting applications. nostr:naddr1qqgxgv3hxf3njef4xvunqv33xumrjq3qklkk3vrzme455yh9rl2jshq7rc8dpegj3ndf82c3ks2sk40dxt7qxpqqqp65w9gck6x
💬 28 replies

Replies (28)

AU991390d ago
Assuming he doesn't mean location but means pinging cell towers which is a proxy
0000 sats
Max90d ago
The OS does that in the background. Check the 2021 Trinity College Dublin study: https://www.scss.tcd.ie/doug.leith/apple_google.pdf "Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google"
0000 sats
Max90d ago
Yes, great book, and frequently updated.
0000 sats
Max90d ago
Funny cause it's true...
0000 sats
Sophia90d ago
Thank you for this information!
0000 sats
Diyana90d ago
Been experiencing a lot of issues with my grapheneos ever since I plugged to charge in a rental car :/ anytime my battery dies it takes a massive amount of effort to turn it back on and always stalls on the grapheneos logo just sits there and I have to pres power and sound buttons to restart and then pause for it to first regain charge before powering. It's weird and frustrating. I think I've been hacked. I woke up today wanting to just juke it.... Like reset from ground 0 but unsure how yet.
0000 sats
Max89d ago
Make sure you set the USB C port to charging only even when unlocked, this might have prevented the exploit. There are also power only USB cables or adapters who cut the data cable connection. Yes, it is a good idea to regularly reinstall graphene os and start from zero, make sure you have all backups.
0000 sats
dangershony90d ago
Thank you for this Max
0000 sats
Final89d ago
Sometime ago unlocked extractions stopped providing access to the full filesystem. We didn't do anything in particular to cause that. If that's not available they'll do 'logical extraction' instead where they acquire the data through traditional logical operating system features like ADB. The big capabilities to look out for are AFU (extraction AFU without password) and Brute Force capabilities, neither of which are present.
0000 sats
Max89d ago
No, really curious tho!
0000 sats
Max89d ago
Isn't signal calls & jitsi enough?
0000 sats
Max89d ago
That's why you have airplane mode.
0000 sats
Max89d ago
It'll take at least a year until that gets released, get a used Pixel 8a for now, cheap and secure.
0000 sats
Max89d ago
There is no other hardware with a lockable boot loader and secure elements. They are working with a second manufacturer at the moment.
0000 sats
Max89d ago
Yes, we desperately need freer hardware, and I'd probably switch to an alternative if that would exist.
0000 sats
Final89d ago
It gives them all the files of an unlocked profile, calls and SMS history and light application data but this is depending on the techniques, OS and app support. Certain logical extraction techniques use standard ADB functionality, Android backup features, or more invasive methods like downgrading a system app to a vulnerable version (GrapheneOS closes this security hole). If they wanted data on certain apps like messengers then manually browsing the apps and reading the messages with a camera mounted to the screen may be needed instead. Full filesystem would give access to privileged OS data and the /data of all applications in at profiles not at rest. If there's a hot wallet app only protected by a simple PIN they could just clone that app data elsewhere and get control of the keys by brute forcing the PIN. Not usually possible on logical extractions.
0000 sats
Diyana88d ago
You mentioned pixel 9 as reported by the whistleblower... Are earlier pixels more vulnerable?
0000 sats
Max88d ago
The Pixel 8's Tensor G3 chip pairs with an upgraded Titan M2 security coprocessor to isolate sensitive cryptographic operations, while introducing Memory Tagging Extension (MTE) support for runtime detection of memory corruption vulnerabilities and significantly hardening the cellular baseband firmware with bounds sanitizers, integer overflow protection, stack canaries, and control flow integrity to reduce what has historically been a major attack surface. That's a major improvement compared to the 7 or earlier generations.
0000 sats
Diyana88d ago
So 8s are just fine then? Or should one aim to upgrade to 9?
0000 sats
Max85d ago
Yes
0000 sats
Diyana83d ago
I haven't reset yet but wanted to let you know doing the charging USB instructions seems to have fixed my starting after dying phone problem. Thank you, @3fc5f855…05bc04d3!
0000 sats
Max83d ago
Awesome.
0000 sats
Diyana89d ago
No idea how to do this yet but gonna research and read your article :)
0000 sats
Max88d ago
Yes, its explained there, super simple. Settings > Security & Privacy > Exploit Protection > USB-C Port > Charging Only To reflash graphene, just to the same steps you did to install it in the first place.
0000 sats
Max88d ago
8s are fine, especially if you have it already or want the cheapest option. Both 9 and 10 are marginal improvements in build quality, performance, battery, and they will receive updates for one or two years longer (standard is 7 years official support from google, Graphene usually supports even longer)
0000 sats
Diyana88d ago
K good. Hope I dont need to replace it. So hope to figure out whats wrong with it and fix it.
0000 sats
Max88d ago
I'd say make selective backups of your important files, not everything since that might include the malware, and then go again through https://grapheneos.org/install/web and start over.
0000 sats
Diyana88d ago
Ok great! Just did. Hope the next few days I am just gonna reset the whole thing once I figure out what I need back of on and how.
0000 sats