So currently, fingerprint does not work in apps, only screen unlock. Is that a setting that I'm missing, or something that hasn't been implemented in the android 11 build for pixel 3?

> Is it hard to get the IMEI changed with a Pixel 4?

If you figure out how please let.me.know

!mjolnir watch #ptio-friends-bl:privacytools.io

cn3m: that won't work lol

Jonah: ah thanks

you're quick

dngray must be talking to you lol

lol true

fomijafi: the next Android 11 release fixes biometric support

we're waiting to get some other things fixed

Cool. Just wanted to check in to make sure other people had reported or whether I should put something on the issue tracker

I went ahead and got the 4a and will be waiting however long it takes to get a port for it. I will be donating $60 USD at some point.

Anybody using seedvault backup on USB stick? I don't recall ever getting a 12 word password to decrypt a backup.

<brockin042[m] "Anybody using seedvault backup o"> When you select the backup option, the first thing it'll do is provide the 12 words. You must have clicked past the screen.

Also, you can clear data to Seedvault app to generate new 12 words and make new backup too

Lia: appreciate it, I deleted data from app. Now I see password to write down.

Hello grapheneos community,Thank you for the work that you do. I'm very happy to have found something that can help respecting my basic human rights like privacy from something as crucial as a smartphone. In my case I have a special need for this as I am being harassed by private investigators from a bitter ex family member. I installed grapheneos

on pixel 4 on my PC using my wifi. However I have recently discovered my home WiFi has been compromised and that they may have had access to my laptop. This is a large investigative firm with vast resources and she's spending a ton of money trying to make my life miserable. Anyways, I am a script kiddie that just knows how to follow instructions. I

probably should have tried to verify the download but I installed this in a hurry. If the attacker had access to my laptop and WiFi could they have compromised my download and planted something during the process? Sorry for my ignorance and I appreciate any help I can get.

Hello grapheneos community,Thank you for the work that you do. I'm very happy to have found something that can help respecting my basic human rights like privacy from something as crucial as a smartphone. In my case I have a special need for this as I am being harassed by private investigators from a bitter ex family member. I installed grapheneos

on pixel 4 on my PC using my wifi. However I have recently discovered my home WiFi has been compromised and that they may have had access to my laptop. This is a large investigative firm with vast resources and she's spending a ton of money trying to make my life miserable. Anyways, I am a script kiddie that just knows how to follow instructions. I

probably should have tried to verify the download but I installed this in a hurry. If the attacker had access to my laptop and WiFi could they have compromised my download and planted something during the process? Sorry for my ignorance and I appreciate any help I can get.

Use auditor on another device

Or not. Just keep joining & leaving.

Saleh. Use auditor from another device to verify the intigredy of the OS install

Hi I'm looking for a way to audit my grapheneos as I believe the laptop and wifi I was using was compromised

Looking for someone to point me in the right direction as I'm a complete newbie

Any idea who compromised it

Or just worried

Shady investigative firm

Very resourceful. Cracked my iOS and android phones in the past

IPhone 11 and galaxy s9 both broken into almost right away

That's my I'm a proponent of only using wired. WiFi can never be trusted

Only thing I know of is the grapheme audit app

get a new laptop and flash grapheneos again and use the auditor

* Only thing I know of is the graphene audit app

Problem is I'm being tailed by these guys so I can't use public WiFi

you need to pay for forensics and research analysts to figure out if you are compromised otherwise

Obtaining the file would be difficult

those are really your only options im afraid

if you flash grapheneos on a compromised computer

Stop using internet all together for a bit and see what they do

They just follow me

Acting skills aren't as good as their hacking skillsb

again, just get a new laptop and flash it again

Yeah I need to find a way to do that without being tailed

then use auditor

The auditor app doss that require two phones with grapheneos?

OK thank you very much I will read into it.

I'm glad this community is so helpful

you're welcome. good luck.

Can't reproduce gallery app crashing when cropping

Oh, it was on edit button

Just reproduced it

strcat[m], if IMEI is not changeable this must be a fraud: movical.net/us-en/repair/google/pixel-4

That page mentions restoring original IMEI, under both "Repair IMEI" and "Change IMEI"

[ham5urg_](matrix.to/#/@freenode_ham5urg_:matrix.org): imei is changeable

Find a way under stock ROM to set USB mode to diag

It will most likely only work on stock and if they implemented it

What's with everyone thinking they're being gang stalked

I get covid has fucked our mental health but cmon lol

<lickidysplit-pti "What's with everyone thinking th"> Their in a gang now :P

Quite an investment for a test, I still did not bought an Pixel4. I hoped to find someone who can confirm or deny the possibility.

Its just a term lol

<ham5urg_ "Quite an investment for a test, "> It can be done, but its illegal and too time costly to implement such thing

anupritaisno1[m], why is it illegal?

Apple just implemented a MAC randomization for wifi. This is not illegal?

Found this script, looks good. Is this illegal too?

Because some countries are sissy countries hahahaa

The UK for example

Not in all countries tho

But the devs have spoken on this with Me already and they are not going to be implementing it anytime soon

I offered 500 aud and another member said he would match, so money isn't an issue. I think its more so the time and other stuff they have already going on

Fixing bugs in the OS itself etc.

I think the concern is fraud, (i.e steal a phone, original owner gets the IMEI blacklisted, and the thief changes the IMEI thus using a stolen phone)

A confirmed shell-howto like the one I posted before is good for me.

I don't want to change the IMEI more than once.

<ham5urg_ "Apple just implemented a MAC ran"> Graphene has this as default

lickidysplit-pti, yes.

Mac WiFi and imei are too different things

I know, but they have simillar concepts.

What about Bluetooth Mac? Is it randomized too?

I'm aware. U can change imei very easy with root. But that breaks gos security

<ham5urg_ "What about Bluetooth Mac? Is it "> I don't believe so

yes

Well I was wrong

Doesnt that mean having to re-do the pairing every time you connect to a BT device?

<null[m] "Doesnt that mean having to re-do"> I don't experience this.

Auto connects to my car unit, portable speaker etc.

"Bluetooth has MAC randomization as part of the spec"

"unlike Wi-Fi, privacy is standard in the Bluetooth LE spec"

That is good and makes life easier.

if you are only using Bluetooth like Wi-Fi and removing pairings then the privacy is comparable to Wi-Fi privacy

Is it possible to get root-access to a GrapheneOS-device without breaking it? To get adb and fastboot work.

ham5urg_: what are you trying to do

renlord, to get my old IMEI into a Pixel4.

Your old imei???? Why would u wanna do that

Did u change it before installing GoS and now carrier won't work?

Only way to change it would be to flash stock - root / reinstate your old imei and reflash GoS :/

What's happened to the off topic room?

#grapheneos-offtopic:matrix.org

Still there for me

Sorry, did not know about the offtopic channel. I will switch to it.

Thanks. I somehow dropped out.

can this be used on a supported device and connected to a large screen to act as a tv box? it wont be android tv interface i dont think, but at least an android interface on a large screen? maybe using rf remote/keyboard? rf keyboard is ideal, but ir or other ideas you may have (bluetooth is last resort)

If your devices supports HDMI out I think so.

<lickidysplit-pti "If your devices supports HDMI ou"> Which Pixels do not, unfortunately. Stupid Google removed Miracast support, too.

You have to use Chromecast.

The hardware is there. The software is not

i wonder if miracast was removed for secu reasons...its a source of data leak perhaps...or maybe they're just extending and extinguishing ala msft

also there are plenty of tv boxes, some of which work with both android and linux like pine64...would getting gos on there be as simple as recompiling kernel with firmware specific to that board, putting dtb files and recreating an iso? or maybe even just using the dtb+kernel+drivers+firmware of the android images for those boards, while putting gos userspace there? how modded is gos kernel/firmware/lowlevel?

EEE: GrapheneOS has development support for the hikey boards

pine64-lts using allwinner a64 is particularly good contender as there are many other form factors using the a64 chip and also it doesnt require raminit blob, apparently there is a fix for the cpu bug

the issue is these devices can't officially be supported beyond test targets due to lacking hardware security features

So I lost my beloved Pixel 3a running Graphene OS but it was returned to lost & found and I'll get it back tomorrow. I know the odds are astronomical that somebody tampered with the device. Correct me if I'm wrong but there's two options basically:

1. Somebody modified the bootloader. I would see that easily because of "verified boot".

2. Somebody brute-forced my 4-digit PIN. How could I verify this didn't happen? Is there any system logs I could inspect regarding authentication attempts?

I hope you at least have it setup so you can enter pins more than 4 digits when entering a pin

how many? 16?

I have a question: is this expected behavior that once you were not able to unlock with fingerprint it is locked until you reboot the device or not?

If not, is this bug solved with the fix to biometrics in the development build? I have no possibility to factory reset my device.

I am on pixel 3xl if it helps or change something

* I have a question: is this expected behavior that once you were not able to unlock with fingerprint it is locked until you reboot the device or not?

If not, is this bug solved with the fix to biometrics in the development build? I have no possibility to factory reset my device in order to test the development build.

I am on pixel 3xl if it helps or change something

if you reboot it will still be locked

you need to enter your pin or passphrase, then you will be able to fingerprint unlock for a period of time

im not sure if its time, or activity based exactly

but pin will be required if theres too many bad fingerprint attempts

When I enter my passphrase, the fingerprint unlock is still locked. The only way to enable it again is to reboot, put my passphrase and then I am able to unlock it with fingerprints again

Hydroalcoolic gel is so bad for this... 😔

Sounds like a security feature to me

<deetot "Sounds like a security feature t"> Can it be confirmed? It was not the case before, it changed with the update to Android 11

oh i dunno

A question, would it be possible to setup the phone so that if it is unlocked in the presence of a specific bluetooth device it would stay unlocked (even if the screen goes blank) as long as the specified bluetooth device is nearby?

@renex correct me if im wrong, but didn't android have that under "smart lock" in previous versions?

but did smart lock get phased out?

Don't know, can't find anything relevant in Settings. There is a something called Trust agents, but it is empty

smart lock was the only thing I knew of that did exactly what you want, sorry.

I recall smart lock too

Maybe it requires play services

might be.

an old device of mine running android 9 with play services has smart lock feature.

I doubt there are many Google Fi users here but, after another go at it, I think I can say that Google Fi does not work on GrapheneOS.

Phone calls work for a while, and seemingly after reboots, but after a while incoming calls do not work.

Other things like visual voicemail and receiving MMS are always broken.

Again, not unexpected. But I would caution against even trying.

lickidysplit-pti: ham5urg_: there isn't a way to change the IMEI with root access, or with fastboot, you're posting incorrect information

in general, modern basebands do not allow changing it, due to regulations forbidding that

a blog post from 2015 (over 5 years ago) about an HTC phone substantially older than the post itself is not going to help you

you're posting info about en.wikipedia.org/wiki/HTC_One_(M7)

it has no relevance anymore

I'll be changing a 5-year-old iPhone 7 next year for a new phone. In general, would I get a good phone experience with Graphene in case I install it on, say, a hypothetical Pixel 5(a) when it comes out next year?

Mostly that boils down to will I be able to use apps like Uber, Grubhub etc.? Are they available on F-Droid?

And can they work without Play Services?

you can install apps from the Play store with Aurora Store, the standard F-Droid repository only has open source apps

hi, i did a development build with no keys, which i just want to install on my testing device. Where can i find the img file to use?

genghiz: many apps will work without Play services, others won't

consider using web sites instead when they won't

You mean PWAs?

web apps

Yeah. Progressive Web Apps.

whats the diff between that and a normal web app

cwecw2d323de32d3: `out/target/product/$DEVICE/`

I dunno. I thought all web apps these days were PWAs

cwecw2d323de32d3: up to you to make sure to flash all the images and firmware if you're doing it that way (the quick development cycle)

PWAs utilise service workers.

I don't think any normal web app is bound to do so.

yikes

is it system.img ?

seems so =) thx

Why the yikes?

cwecw2d323de32d3: no

cwecw2d323de32d3: you need to flash all the firmware and OS images

cwecw2d323de32d3: not 1

cwecw2d323de32d3: when you do a signed build per the instructions, it generates a factory images bundle with all the images and a script to flash them for you

since you're doing it by hand, you need to know what to flash

first of all you need to flash radio and bootloader firmware partitions to make sure those are all the correct version (and then you don't need to flash them when doing further development builds until they change again)

you need to flash all the OS partitions and flash them again when they change / keep them in sync

initially, super, vbmeta, boot, dtbo, vbmeta, vendor, vbmeta_system, system, product

if you're doing things with development builds and flashing manually you need to know what to flash and when

just do a signed build + use factory images if you don't want to deal with that

ok please bear with me, all i did was pressing m and enter. then after some hours it said build process complete

so the next step would be : Generating signed factory images and full update packages

?

no

i need my phone connected and flash the bootloader firmware right

using adb tools

did you source envsetup.sh and used choosecombo, etc?

in the same shell

yes i went trough these steps @ Setting up the OS build environment

it chose the default settings

i think it was user

the bootloader on my device is unlocked too

cwecw2d323de32d3: what exactly are you trying to do?

development builds solely for testing?

Will Google pixel C ( the tablet) ever be support?

no

it's EOL and didn't meet our security requirements

even before it was EOL I mean

it was not a typical Android Pixel device and had a ChromeOS-style bootloader without support for hardware security features with an alternate OS

there are probably non-Pixel tablets that are more viable targets than that

I see. I guess I'll have to stick with a degoogled lineage tablet for the moment

use an iPad

[human451](matrix.to/#/@human451:matrix.org): pixel C doesn't even meet the glassrom requirements

it stopped being sold in 2017 and was last updated in June 2019

strcat[m] i'm just trying to run an insecure test build on my new 3a device

Encryption doesn't work

Lockscreen password doesn't work

Selinux is permissive

cwecw2d323de32d3: you could just flash all the images by hand then

quick and dirty

[human451](matrix.to/#/@human451:matrix.org) how can anyone accept this?

how?

anupritaisno1: encryption and SELinux worked for it on AOSP

it's just not supported anymore

the only problem with it was that the bootloader doesn't support alternate OSes properly

is m oattools-package useful here?

so you can't have verified boot and full keystore functionality

other than that it's just really old, end-of-life (not updated anymore), doesn't support modern AOSP (wasn't a Treble device)

cwecw2d323de32d3: only if you want to do a signed build

cwecw2d323de32d3: otherwise you can just flash the images by hand already assuming you built properly

[strcat](matrix.to/#/@strcat:matrix.org): actually why not just force otatools to be built?

That works too

it said build completed

because I don't want to force it to be built in dev builds

waste of time

but then i did m oattools-package and stopped it after a couple minutes

that was bad

Ah

cwecw2d323de32d3: make sure to use the same shell

with the environment set up

i am in the same shell

[cwecw2d323de32d3](matrix.to/#/@freenode_cwecw2d323de32d3:matrix.org): make installclean and run it again then

you can't switch to another unless you set it up there too

cwecw2d323de32d3: it should run just fine

okay, but did the m oattools package overwrite the old build now?

no

ok cool

so can i just take the img file now ?

system.img ?

cwecw2d323de32d3: no

read what I wrote above please

flashing

cwecw2d323de32d3: no

<anupritaisno1[m] "[human451](matrix.to/#/@"> ?

if you aren't going to read what I wrote you aren't going to get a good result

ok i go back

there are multiple firmware images you need to flash and multiple OS images

cwecw2d323de32d3: if you aren't able to do that by hand then continue following the instructions

make a signed build and flash that with the script

[cwecw2d323de32d3](matrix.to/#/@freenode_cwecw2d323de32d3:matrix.org): for i in $(ls *img | sed 's/.img//g'); do fastboot flash "$i" "$i".img; done

Worked for me lol

you also need to format userdata

ok better stick with the signed build now

which means i need to build again?

no

[cwecw2d323de32d3](matrix.to/#/@freenode_cwecw2d323de32d3:matrix.org): no

just continue the instructions

thank you

. script/envsetup.sh

m target-files-package otatools-package

script/release.sh whatever

Some apps like messaging will force a full build idk why

human451: offtopic, but I use the microG builds of LineageOS 15.1 on my Pixel C (with microG completely disabled), works perfect, and has Security patch from August: download.lineage.microg.org/dragon

But incremental build of that is around 10 minutes

<NorbertTretkowsk "human451: offtopic, but I use th"> Go to offtopic chat then

Norbert Tretkowski: no, it doesn't have the security patch from August

that's a false claim

Norbert Tretkowski: LineageOS uses a fake security patch level across most devices

it's not accurate

Well

the last available security patch level for the Pixel C is June 2019

Lineage trues to backport the security patch for up to 5 or so past versions

But your kernel and vendor are unpatched

doesn't matter

exactly

and so are components in system not developed as part of AOSP

they dropped Pixel C support

* Lineage tries to backport the security patch for up to 5 or so past versions

I hate legacy tbh

There was this device soc

Msm8994

CAF only did 2 versions and then dropped it

Had to merge LTS and track several repos for security patches

the reality is that the device never supported secure installations of alternate OSes and has been end-of-life without full security updates being available anywhere for over a year

I somehow managed to do so for 3 years

Then I was like fuck it

And left

Because backporting the security patches to an EOL kernel itself took away 80% of my time

Not worth it

BTW I also updated the vendor

Took as many blobs from other devices as I could.

Hi, i have a question. If i enable dark mode for web contents on Vanadium, i'll make my fingerprint unique?

Hi all, how is the storage encryption done, is it FDE or FBE? Does an option exist to do FDE?

FBE

Hey, sorry if this has already been asked a lot, but I was on the beta channel and didn't realize. My phone updated to android 11 and now I cannot use mobile data and I was just wondering if this was a common problem. Thanks for any help

thx Lia, any chance to start off with Graphene OS based on Android 9 and keep FDE?

No.

Profile-based encryption uses FBE

ok, thx

<sentientted[m] "Hey, sorry if this has already b"> You checked the APN settings for your carrier?

Autopsy: I tried finding the apn in the settings and cannot find it, would you be able to tell me where it is?

deepthought: I'm not sure why you wouldn't want per-profile encryption where the data can become at rest when a profile is logged out, rather than the key being stuck in memory after early boot until the device is off

deepthought: in fact, considering that your phone is probably on nearly all the time, I'm not sure what you really get from FDE vs. a sophisticated adversary unless you have time to turn off the phone

Iirc wrappedkey is a thing

That makes FBE outperform

I would accept FBE on top of FDE as and additional security measure

<sentientted[m] "Autopsy: I tried finding the apn"> Usually network > mobile network,

Might be a thing with pixel 5

deepthought: layering encryption on more encryption doesn't make it more secure

[deepthought](matrix.to/#/@deepthought:matrix.org): you do realize you're technically fde right?

Metadata encryption basically gets you close to FDE anyway

Double encryption usually doesn't work well

it's not about it not working well but that it's security theater

all data and file names are encrypted

Autopsy: Yeah that is the problem that I found out, it is not there on android 11 and I cannot find anything showing where it is. Do you have any other idea where i could find it, do you think it could be in developer options?

[sentientted](matrix.to/#/@sentientted:matrix.org): it's a bug

Does anybody know if this still up-to-date?

I'm working on fixing it

deepthought: no

[sentientted](matrix.to/#/@sentientted:matrix.org): please pm me asap

deepthought: and it's somewhat misinformed in the first place

I am unable to test the fix myself

not written by someone that knows what they're talking about or tried to educate themselves on the topic first

but rather they have preconceived opinions and regular take the opportunity to push those

I'm not sure why you care what's written by a consistently dishonest and manipulative person who pushes misinformation after it is corrected

all you have to do is look at their twitter feed and how they regularly do that over and over again

goal is clearly not makings things better or educating others

they mostly do it about things like bitcoin

strcat: Thx, I am just used to FDE and I personally consider FBE less secure

deepthought: okay, I'm not sure how a key for the entire data partition in memory from early boot until power off (how often is your phone powered off?) is more secure

but you do you

what value does FDE have on a device that's always powered on?

anupritaisno1: just so you know I already pmed you, but there is no rush

to properly benefit from encryption you need fine-grained encryption where you can keep data at rest

FYI BDE (the FDE you're talking about) actually leaks metadata anyway

I doubt you turn off your phone even when you're asleep

Android already mounts filesystem's with allow discards

See system/vold

So BDE really

It's debatable if it does not leak metadata

if you want to properly benefit from encryption you need to use profiles

It might be leaking more

and if there was only FDE you could not take good advantage of it in practice

because how often do you actually have your phone powered down

Never?

and if your concern is a sophisticated adversary, and the phone is powered on / decrypted, it's not really defending against them

the key is right there in memory

until it's powered off again

[strcat](matrix.to/#/@strcat:matrix.org): BTW what about wrappedkey?

at least with per-profile encryption you can keep sensitive data in a profile you rarely use

BDE?

There is a key in ram but it is invalid after a reboot

anupritaisno1: none of that seems very relevant to this

The real key is in keymaster

anupritaisno1: the TEE keymaster

Yeah

and the TEE memory is the same physical memory as the SoC just partitioned with IOMMU protection

Google might tie it with the titan M

TEE is not a secure element

anupritaisno1: but they don't use it AFAIK

Titan M doesn't have an API for that stuff just the regular keystore API

Yes

Already tried on pixel 4

I'm sure it can work but it uses TEE

The kernel driver is there but it refuses to set up wrapped keys correctly

I don't really see how that helps anything

<deepthought[m] "BDE?"> Block device encryption

the only benefit of keeping the encryption key away from the OS is if an attacker compromises the OS they get all your data but maybe they don't get the persistent encryption key

so if they're kicked out of controlling the device

but without wiping

and then somehow get physical access later on

they can't decrypt it

seems like a super contrived, basically useless threat model to me

anupritaisno1: Thx, that's what I meant by saying FDE

so yeah it's an improvement

You're not technically encrypting your entire disk

but I don't think wrappedkey or similar features have much real world benefit

You're encrypting a part of it

deepthought: with FBE, all data and file names are encryption, data is encrypted on a per-block basis like FDE

anupritaisno1: Yes, I know, some parts must be kept unencrypted

i.e. generally 4k blocks

file names are encrypted in 32 byte blocks on GrapheneOS (16 byte on the stock OS)

Also FDE actually works a lot better

* Also FBE actually works a lot better

Might not be noticeable on pixel

* deepthought: with FBE, all data and file names are encrypted, data is encrypted on a per-block basis like FDE

CAF had broken discard support for hardware accelerated BDE for several years

Google never used it

But this meant most old phones used to slow down

A lot

deepthought: either way all data is encrypted, FBE is just finer-grained since there can be per-directory / per-file keys, that's the difference

Is discard really important considering the lifespan of a phone today?

deepthought: file names are padded out to 32 byte blocks so the length of a file name isn't known (just multiple of 32 byte, nearly all files are <= 32 byte names though, and I'm unaware of data being stored in file names)

deepthought: yes, it's important, and I don't know what you mean by the lifespan of a phone

and I'm not sure why that matters anyway

<deepthought[m] "Is discard really important cons"> Trim is important

I prefer to be concerned about real things based on threat models

not imaginary stuff and baseless FUD

I never use trim/discard on encrypted PC partitions

deepthought: and why is that? can you justify it?

<strcat[m] "all you have to do is look at th"> Matthew Green does seem have a thought-provoking Twitter feed. This thread from this morning is particularly concerning- commenting on a Nation article about DHS surveillance nitter.net/matthew_d_green/status/1308406474864033800#m

The performance hit is huge

kryptonymous: really not sure on the relevance

US politics is a bad fit for this channel

<strcat[m] "deepthought: and why is that? ca"> Basically users trim a lot and then ask why their performance sucks

Continued in OT

don't most devices just have a configuration that uses fstrim

anupritaisno1:

information content of the TRIM information will be small.

TRIM simply discards unused blocks

anupritaisno1: saout.de/pipermail/dm-crypt/2012-April/002420.html

strcat: Yes, I know what it does, never enabled it on my PCs

the only information is which blocks are used / not used

nothing beyond that

with FDE chances are the attacker gets your device with the data decrypted anyway

with FBE you can partition it between profiles and at least avoid them getting the device with more than the active profile decrypted

I would not enable it on a phone either as lifespan of a phone is 2-3 years because after that time, there are not security updates anmyore. I am not a phone power user, so why would trim be a huge advantage for me

we want to provide more control over user profiles so there is direct control over keeping a profile active in the background (for example, to receive alerts of notifications) or logging it out immediately so that the data is at rest again

it's one of the things being worked on

various aspects of improving profiles

since it's one of the most important encryption features along with being very useful for isolating workspaces with different shared data

encryption is no good if you just keep data decrypted all the time

strcat: I do not really need the partitioning of FBE as I do not store secret stuff on my phone, but I agree that it is useful for others

that's like how many companies claim data on their servers is encrypted because they use FDE

but the servers are just always on and decrypted

<strcat[m] "that's like how many companies c"> Useless

deepthought: I think you're misunderstanding why it's useful and how profiles can be used then

strcat: Yes, that's right.

If police, etc want to raid they can do freezing attacks and so on

strcat: That may be the case

deepthought: also just because the granularity is currently limited to profiles doesn't mean it can't be more granular

[strcat](matrix.to/#/@strcat:matrix.org): BTW encryption does help

it only helps if it's at rest or it's an unsophisticated adversary

<strcat[m] "kryptonymous: really not sure on"> Agree politics are a low-level waste of time. But the article Matthew Green cited (thenation.com/article/politics/homeland-security-portland) was not focused on politics, but on phone cloning and surveillance. The journalist, Ken Klippenstein, is reputable. Protection from the these illicit activities I would imagine would be of particular concern to GOS

users.

Example the homeserver I'm chatting from has SED + dm-crypt

So that if my provider throws the drives away nothing is disclosed

But even my provider openly admits it won't protect against an advanced adversary

kryptonymous: I don't see the relevance to the discussion or channel

you're just being contrarian with little basis and for no clear reason

You can just open a SED by not cutting off the drive's power and data can be extracted from RAM anyway

someone linking a story you think is interesting doesn't mean they are an honest person

and I really don't see the relevance to their bias and manipulative behavior when it comes to these things

Hi all

I forgot my password and now my phone is useless. Graphene os on the latest release for 3a. I managed to POWER OFF+VOLUME DOWN and now I'm stuck on choice "start/power off/BarCode/Rescue mode/Recovery Mode/Restart Bootloader"

Can I somehow safe my phone (full wipe) and start all over?

which are plainly visible from looking through their feed about how they act when it comes to topics like this

You referenced Matthew Green's twitter feed. I try to learn from you and others every day. That's the only reason I went there. Just trying to make sense of everything

and what I said is that they always take the opportunity to push misinformation when it suits them

and don't retract it

and continue pushing it

that doesn't mean their feed consists solely of misinformation

it means you can't trust what they say

[riapreg](matrix.to/#/@riapreg:matrix.org): select recovery mode

Once booted to a dead android logo press power and then press volume up

Use the volume up/down keys to go to factory data reset and use power to confirm

Ah BTW

they are smart and know better, but choose to feign ignorance and push misinformation when it suits them

Think I forgot my pixel 4 password too

You'd mentioned Bitcoin above- is that in particular a topic on which he disinforms?

Shit

Anyway there was nothing important on it

kryptonymous: encryption, secure messaging, cryptocurrencies, mobile phone security, mobile OS security, various privacy topics, web browsers

strcat: anupritaisno1 Thx for the information and answers

they like to push a lot of misinformation

sometimes they change their mind and push misinformation in the other direction

they are almost as likely to spread FUD about iOS as Android even though they are a pretty fervent iOS fanboy

can't trust what they say, it's that simple

<anupritaisno1[m] "Think I forgot my pixel 4 passwo"> 42069

inherently dishonest person

so for example they always promote Signal but then every now and then they'll push some FUD about it when they dislike something

they don't stick to factual criticism

BTW, in Linux it is possible to do FDE and e.g. Encfs, or additionally encrypt files with pgp

same for stuff like Telegram and lots of other things

there is legitimate criticism mixed in with a whole lot of FUD

and they know it's not true

they just don't care

anupritaisno1: yes. correct. thanks a lot! you saved me 😉

I found some more references regarding issues with FBE

deepthought: and what about the issues with FDE?

Interesting. OK thanks.

comparted to FDE it was not just the link I sent

[deepthought](matrix.to/#/@deepthought:matrix.org): how many times does it need to be said?

FBE + metadata encryption is equivalent to BDE

Or better in some cases

it's not equivalent

anyway it's not interesting to discuss a technical topic based on conjecture and claims not based on how it actually works

if you wanted to use FBE with a global boot passphrase and use it the only way you can use FDE, nothing stops you from using it that way

Metadata encryption does encrypt sector 0 though

I don't find metadata encryption to be much an improvement but sure it has that now

file names were already padded + encrypted

* if you wanted to use FBE with a global boot passphrase to use it the only way you can use FDE, nothing stops you from using it that way

there is no data that's not encrypted - the difference is not that

the difference is that FBE is granular so it's more flexible in how it's used and can be used in a way that provides finer-grained encryption keys

either way all data is encrypted

The difference it, the device did not boot the full OS yet with FDE

FBE is what enables per-profile encryption keys and the ability to explicitly store data that's device encrypted which is what makes it so that accessibility services don't need to disable credential-based encryption like before (since it's per-profile)

and for example our Updater app explicitly opts into direct boot and stores the downloaded updates with device encryption

deepthought: the device booted the OS either way

deepthought: and while FBE enables finer-grained encryption keys it doesn't force that to be done

deepthought: I don't think designing around a global boot passphrase makes much sense especially when the real value is in data that's kept at rest while locked

but FBE certainly does not prevent using that approach

either way, FDE or FBE, all data stored is encrypted

if you wanted you could use a single global encryption key with FBE

it's not a property of whether you use block layer or filesystem layer encryption

the filesystem layer encryption as used in the default AOSP encryption has per-profile encryption keys, that's a higher level design choice

it wasn't possible with FDE, but FBE obviously doesn't force doing it that way

previously if you enabled an accessibility service

with FDE

credential-based encryption was simply disabled

because how else could it work? it didn't have the flexibility to be able to configure anything (including security restrictions) before entering the passphrase

so also

the setting for a limit on the # of attempts to decrypt couldn't really work with FDE at least without a hardware implementation

and you didn't have a way to get an over-the-air security update without decrypting all data so you couldn't apply a security fix in a situation where you didn't want to decrypt your data

among other examples

and of course having per-profile encryption keys is a pretty big deal especially considering how focused we're going to be on profiles

strcat: anupritaisno1 Thank you.

profiles are the way that the OS provides having separate identities / workspaces

apps can't share data or communicate across them

and that's the only way you can have multiple instances of an app

previously with a boot passphrase, the owner of the device would have to enter that on boot and then everything is decrypted until it's powered off

vs. the approach of per-profile encryption keys based on the per-profile lock method

with support for convenience via secondary unlock mechanisms (currently biometrics, but if you look in the tracker, we have plans for 2-factor secondary unlock)

so you can set a passphrase for each profile, the passphrase is required for the initial unlock (on boot, or if it was logged out after usage)

secondary unlock mechanisms are only used for lockscreen security + protecting keystore

How do you recover from 2fa?

they don't weaken encryption

anupritaisno1: what do you mean

it's a secondary unlock mechanism

Let's say your fingerprint hardware broke

it doesn't matter if it stops working or you forget it

What now?

anupritaisno1: so you're inconvenienced by having to log in with your passphrase every time instead of only for the initial unlock

don't really see how 2FA secondary unlock changes that

* don't really see how 2 factor secondary unlock changes that

[strcat](matrix.to/#/@strcat:matrix.org): wait so is 2fa like a simpler passphrase + biometric and you keep a complex passphrase for encryption?

it will work exactly as secondary unlock mechanisms already do

anupritaisno1: yes it's simply the ability to add a 2nd factor (PIN, passphrase) to secondary unlock

it has nothing to do with the primary unlock mechanism used for the profile's encryption key

secondary unlock is only usable for a limited time and a limited # of attempts after primary unlock

and of course can't be used for the initial unlock

that's how it already works, this is how it is now

So what's the threat model?

the feature we plan to add is just the ability to add a PIN + passphrase to secondary unlock

Somebody can't unlock when you're asleep?

we want people to be able to use a strong passphrase for their primary unlock mechanism

while having convenience

which is why the existing secondary unlock feature is useful

but right now secondary unlock only offers biometric options (IR-based face scanning or IR-based fingerprint scanning)

Also I hear biometric manager now uses the same methods for face and fingerprint so what stops this feature from being implemented?

so we want to add the ability to add a PIN + passphrase for secondary unlock

so then it's knowledge + biometric instead of just a physical thing

it's a straightforward feature

anupritaisno1: nothing stops it from being implemented

there are a lot of planned features on the tracker, this is one of them

Does seem there's challenges

making the UI

is the main challenge

not really much of a challenge

Care will need to be taken to make sure we store the passphrase somewhere secure

you don't store passphrases

Like we can't put the passphrase in the DE by accident

<strcat[m] "you don't store passphrases"> Yes hashed

Can we reuse the per user code for pin scrambling?

I don't remember how we implemented the setting for that

I don't think it can be done the same way

the main 'challenge' is figuring out the existing UI flow, where to put this, and implementing the UI securely

since it's largely a UI security feature (it only works when the profile is already logged in with the main unlock method)

maybe we could wire it up to further secure the keystore locking security

but that might not be realistic

Basically don't create a system ui bypass vuln?

keystore protects keys that are tied to lock state when locked

and of course that's based on lock methods

ideally it would use fingerprint + PIN for that not just fingerprint

but it may not be realistic to do that

[strcat](matrix.to/#/@strcat:matrix.org): also

the main unlock method isn't something we want to change other than perhaps removing the bad choices (pattern, PIN) and limiting PIN to secondary unlock

but I don't think it makes sense to remove those choices from secondary profiles

Should the password be asked here?

no

it's solely about secondary unlock

FYI, the link does not work for me jollyrogers.ca/public/grapheneos-channel-rules.txt

Unable to connect

[strcat](matrix.to/#/@strcat:matrix.org): so secondary password only on lock screen?

yes

keep it simple

Not if a biometric app wants it?

it's unrelated to that

biometrics can be set to only be usable in apps rather than secondary unlock

they're separate uses

(it's just only in the Settings app for face unlock atm)

[strcat](matrix.to/#/@strcat:matrix.org): then should this password be backed on titan m or no?

look at the face unlock settings on the Pixel 4

<strcat[m] "look at the face unlock settings"> Oh BTW they need fixing

anupritaisno1: no - there's no reason to store it anywhere but the profile's credential encrypted data

what about it needs fixing?

Unless you are on the dark theme some UI elements are not visible

Happens on the official GSI too

atm the priorities are SetupWizard and the APN stuff

really need that done this week

APN probably today

Waiting for this build to finish

Also not sure if we can fix that face unlock issue [strcat](matrix.to/#/@freenode_strcat:matrix.org)

Might need to decompile the face unlock app and fix the resources

no

I don't really see why it would be a problem

copying their xml configuration is an easy option but we could also just figure it out ourselves

Well it isn't

and I don't know why you say there might be a possibility we can't fix it

doesn't make any sense

Just a few instructions on the setup screen aren't readable

ok and it's just some ui code

why wouldn't we be able to fix it

even if we didn't have something to use as a reference we could fix it

Dunno

We can?

there are other minor issues with dark vs. light theme in some of the UI

no reason it can't be fixed

How would you

we just don't have the Settings app fully configured properly

don't know what you mean

but you not knowing how to do something doesn't mean it can't be done

a minor UI issue is entirely fixable

<strcat[m] "we just don't have the Settings "> So more overlays?

if that's the problem

usually the problem is we're missing resource configuration

no point of doing it with overlays if we want the same configuration across all devices

we can just change the default Settings resources

look at the existing examples in the Settings repo

the Settings app has resources you can use to configure various aspects of the appearance, which settings are enabled and to add things like demonstration graphics

Doing it

even if it didn't we can just change the code

but any differences are going to be from resources

[strcat](matrix.to/#/@strcat:matrix.org): actually I think I got it

So the problem is white text on white, maybe some resource is hardcoded somewhere?

I was able to figure that out in the past working on oms

Anyone have any opinions on the safety of using KeepassDX on graphene

bypassbobby[m]: It's an open-source app, and you can deny it network access

I mean if authorities got the phone how secure is it

may be it depends on your master password

bypassbobby: Do you mean if the authorities get the phone while it's unlocked?

Lynn had a quick look at it and said it appeared respectable. They are a cryptographer who had a closer look at Aegis Authenticator github.com/lynn-stephenson/analysis…r/Aegis%20Authenticator%20v1.1.4.md

If the phone is locked they'll have to unlock it first to even try at your encrypted password databse.

They said use Aegis over andOTP

Yes if they somehow unlocked the phone and keepass was the only thing between them and all my password

* Yes if they somehow unlocked the phone and keepass was the only thing between them and all my passwords

bypassbobby[m]: I suggest watching vimeo.com/95066828 from 16:33 onwards for a threat model vs a government

bypassbobby: should be reasonably safe. Guess if you had biometric database unlocking enabled and they were able to fake your biometrics you passwords are theirs

Otherwise would depend on the strength of your passphrase.

Is it possible to open veracrypt files on graphene

<jpds "bypassbobby: I suggest watching "> Thanks I'll check that out

16:13* actually

I'm thinking an encrypted USB would be better to load the encrypted container with my passwords on

<jpds "16:13* actually"> What the hell was that haha

I know a lot of people here like to use profiles..

Working on having seedvault back up profiles...

<bypassbobby[m] "Is it possible to open veracrypt"> Theres EDS - sovworks.com/index.php also EDS lite on fdroid, which is an older version.

Any timeline for when Android 11 is coming to GrapheneOS?

<faxing[m] "Any timeline for when Android 11"> Likely soon github.com/GrapheneOS/os_issue_tracker/milestone/2

faxing: Android 11 GrapheneOS is in the Beta channel