Thread

Have you ever used or activated your sim or esim at home or work? Oops.

It is not mine and is not even fromy country. It is used around. I have 5 phones.A wifi spoofing system so I can pretend to be where I want and a gps disruptor.

Maybe learn about directional antennas. I dunno

From who? Information online is all tainted. Nothing useful at this point. They know all and stop whatever is not supposed to be given to the public.. only way old hardware warfare. Remove chips, shortcircuit antennas, disconnect microphones and cameras. Faraday cages and rf sensors to verify real offline transmissions. So... Best choice remove all the wifi equipmenta and rewire home. Some tracts in fiber. I bet in few years Internet will be unusable anyway so storing all I need in local network and doing physical optical backups.

I built many directional antennas years ago but now the new arrays and geometries are out of diy abilities. The only way is tricking the system with shields and coaxial delay so they cannot triangulate the signal. At a certain point better to avoid the transmission and that is it. With AI analysis they can easily decode position even with this tricks. Pair car plates from cameras with gsm position and rebuild behavior.

Yup. I feel like monero has the right idea with decoys. They need to be normalized though. Today, a decoy makes you stand out as bad as a coinjoin transaction. In monero, everyone is required to use decoys.

From who? Nobody, anybody. I just want the 'reasonable expectation of privacy' bar to go up not trend down as it has since the beginning. The reasonable expectation of privacy is about zero these days which lawfare can do whatever they want now.

No tech people should skip entirely a tech they do not understand. In the 90's I was in teams developing non contact smartcards and so on. I know quite well how to fuck up those system. The average guy does not. Unfortunately they now developed thing that I do not even know.

thank you 🫂💜

Assuming he doesn't mean location but means pinging cell towers which is a proxy

The OS does that in the background. Check the 2021 Trinity College Dublin study: 📄.pdf "Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google"

If you don’t want to be tracked - don’t carry a cellphone. Even a GrapheneOS powered phone is going to be periodically updating its location to the nearest cell tower to keep the HLR updated.

Yes but that's quite coarse grained.

Better than within 500m from what I understand. And 5G probably better.

Yeah not close enough to tell which shop or which doctor I'm attending.

Be a submarine and use a Faraday bag. Only surface when you absolutely need to.

That's why you have airplane mode.

Funny cause it's true...

I know 😂

Yes, great book, and frequently updated.

According to cellbrite, no. Even if they get an unlocked phone, they cannot do most exploits they usually do. If its locked or even shut down, I haven't heard of any exploit.

Nice..

Sometime ago unlocked extractions stopped providing access to the full filesystem. We didn't do anything in particular to cause that. If that's not available they'll do 'logical extraction' instead where they acquire the data through traditional logical operating system features like ADB. The big capabilities to look out for are AFU (extraction AFU without password) and Brute Force capabilities, neither of which are present.

Interesting, but the logical extraction still gives them all data?

It gives them all the files of an unlocked profile, calls and SMS history and light application data but this is depending on the techniques, OS and app support. Certain logical extraction techniques use standard ADB functionality, Android backup features, or more invasive methods like downgrading a system app to a vulnerable version (GrapheneOS closes this security hole). If they wanted data on certain apps like messengers then manually browsing the apps and reading the messages with a camera mounted to the screen may be needed instead. Full filesystem would give access to privileged OS data and the /data of all applications in at profiles not at rest. If there's a hot wallet app only protected by a simple PIN they could just clone that app data elsewhere and get control of the keys by brute forcing the PIN. Not usually possible on logical extractions.

Make sure you set the USB C port to charging only even when unlocked, this might have prevented the exploit. There are also power only USB cables or adapters who cut the data cable connection. Yes, it is a good idea to regularly reinstall graphene os and start from zero, make sure you have all backups.

No idea how to do this yet but gonna research and read your article :)

Yes, its explained there, super simple. Settings > Security & Privacy > Exploit Protection > USB-C Port > Charging Only To reflash graphene, just to the same steps you did to install it in the first place.

Ok great! Just did. Hope the next few days I am just gonna reset the whole thing once I figure out what I need back of on and how.

May I ask what service you use? I am aware that Silent Link does not offer voice, and I feel like I need voice as a new dad. Am I wrong? In the age of AI, is it just a matter of time until my voice is stolen and used to impersonate me for nefarious reasons? I heard you can do calls over Signal if you get your loved ones to download it

I am currently using usmobile warp although I am not certain that the carrier matters that much as you can manually lock the mic the location and the camera on and off. You can also set up a alternate profile which I use to switch between a very locked down graphene os and a very sandboxed google play. Hope this helps!

No, really curious tho!

Im holding out buying a pixel only cause of their stupid announcement. Cunts.

It'll take at least a year until that gets released, get a used Pixel 8a for now, cheap and secure.

>: /

People will continue to use what they know until the cons of doing so outweigh the pros. If they’re not concerned about their privacy then there is no motivation to switch to a new protocol, it’s as simple as that. #fuckandroid #buyaniphone

What I’m getting at is, by extension, do you completely erase the benefits you gain by setting up a privacy device if you’re sitting right next to people all day who can be drone striked to their phone location

If you’re sitting next to people that could be targeted by a drone strike, it seems like you have bigger issues to deal with, hehe.

Lol

There is no other hardware with a lockable boot loader and secure elements. They are working with a second manufacturer at the moment.

Now I'll freely admit, I don't know much about chip design, but I watched something a long while back where someone showed that there are parts of chips which aren't made clear on manufacturer's details, posts which aren't clarified. That's what got me thinking... Why would Google, who were founded for the purpose of mass surveillance, provide a tool which can bypass it? It doesn't make sense. So if another company is going to make hardware which Graphene will work with, I'd be much more interested to learn more. All the while it's on Google hardware it's not for me. They can watch me openly, like they currently do, on Amdroid.

Yes, we desperately need freer hardware, and I'd probably switch to an alternative if that would exist.

The Pixel 8's Tensor G3 chip pairs with an upgraded Titan M2 security coprocessor to isolate sensitive cryptographic operations, while introducing Memory Tagging Extension (MTE) support for runtime detection of memory corruption vulnerabilities and significantly hardening the cellular baseband firmware with bounds sanitizers, integer overflow protection, stack canaries, and control flow integrity to reduce what has historically been a major attack surface. That's a major improvement compared to the 7 or earlier generations.

So 8s are just fine then? Or should one aim to upgrade to 9?

8s are fine, especially if you have it already or want the cheapest option. Both 9 and 10 are marginal improvements in build quality, performance, battery, and they will receive updates for one or two years longer (standard is 7 years official support from google, Graphene usually supports even longer)

K good. Hope I dont need to replace it. So hope to figure out whats wrong with it and fix it.

I'd say make selective backups of your important files, not everything since that might include the malware, and then go again through

Web installer | Install | GrapheneOS

and start over.