this post was submitted on 21 Jul 2024
11 points (100.0% liked)

GrapheneOS [Unofficial]

60 readers
6 users here now

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links

More Site links

Social Media

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

founded 3 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
11
GrapheneOS Comments On Cellebrite Developments (grapheneos.social)
submitted 1 month ago by [email protected] to c/[email protected]
2 comments fedilink hide all child comments
 

Cellebrite Premium documentation we published in May and which recently received a lot of media coverage was from April 2024. Someone has shared a newer version of the iOS table indicating Cellebrite caught up to iOS 17.5.1 or higher along with the iPhone 15 for the OS exploits.

It's common for them to fall behind by a few months for new iOS and Android versions. Android and iOS have no secure way to automatically get devices back into Before First Unlock from After First Unlock as GrapheneOS does so attackers can simply wait until they have an exploit.

We're currently waiting for one of our several sources to provide us with the new Android and iOS documentation. We aren't going to post the leaked iOS table in this thread because we can't confirm that it's authentic yet. We should have the new documentation quite soon though.

It's unfortunate that there was a whole bunch of secondary news coverage where it was misreported that Cellebrite was unable to exploit current iOS based on documentation from April 2024. It's July 2024 now, and they've had months to restore the capabilities broken by an update.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 3 points 1 month ago (1 children)

I don't think I'd call that "misreported", just not up to date. It's not like reporters knew there was a development in that area.

[โ€“] [email protected] 3 points 1 month ago

They are paid to research and report on a topic after all, so it would make sense for them to double check that everything is up to date.