452 points akyuu | 16 comments
derbOac ◴[] No.45766747[source]
They couldn't answer the question most on my mind: "We’ve reached out to Google to inquire about why a custom ROM created by volunteers is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say."
LoganDark ◴[] No.45778032[source]
GrapheneOS makes security trade-offs that are inconvenient to the user. This results in a far more secure device, but nonetheless a device that the general public would find far more annoying. Google would lose a proportion of its user base by implementing the same protections.

Example: https://old.reddit.com/r/GooglePixel/comments/ytk1ng/graphen...

Also Google Pay is missing.

zb3 ◴[] No.45778078[source]
Which particular thing do you consider inconvenient or even annoying? You can even install Google Play there.

I see just one minor tradeoff - no face unlock.

1. LoganDark ◴[] No.45778541[source]
Google OS-level integration is absent, and while Google Play Services can be installed, you're still missing things like Chromecast. Also, there's more manual configuration (although I don't remember exactly what, I've never used GrapheneOS). A lot of stuff you do get for free, but not all of it, and stuff that's been removed as a "feature" isn't always stuff that nobody wants.
2. Mehvix ◴[] No.45778799[source]
> stuff that's been removed as a "feature" isn't always stuff that nobody wants.

Graphene isn't made to cater to what everyone wants. Face ID and fingerprint unlocking so clearly have no place in a hardened OS. "Google OS-level integration is absent" should not be surprising.

This said, you ought to be able to have BFU security with stock Android and it's embarrassing Google ships stock vulnerable.

3. LoganDark ◴[] No.45778814[source]
> Graphene isn't made to cater to what everyone wants.

I know! My entire point is Graphene wouldn't be a good choice for the stock OS on a mass-market phone. The Graphene devices will be great, but if Google were to replace their stock OS with Graphene there would be problems.

4. gonzalohm ◴[] No.45779066[source]
Is it really missing Chromecast? I read that it works if you have Play services (but haven't tried)
5. tranq_cassowary ◴[] No.45779070[source]
That's because the OS integration is privileged and that's problematic. On GrapheneOS Play runs sandboxed, like any other user-installed app.
6. tranq_cassowary ◴[] No.45779136[source]
Fingerprint is present in GrapheneOS. Face unlock and pattern unlock are left out because they are insecure. Pattern unlock is insecure in design. You start at a certain point and the next points you can go to are very limited (not the same point again and you have to be able to reach it). This makes it hard to make a strong lock. Face unlock is insecure because of the lack of proper hardware for it on the supported phones. Fingerprint is secure. Coercion can be worked around via the 2FA feature (fingerprint + pass/PIN).
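
The keyspace argument in the comment above, worked through as an added example that is not part of the thread. It assumes the usual Android pattern rules, which the comment does not spell out: a 3x3 grid, 4 to 9 distinct dots, and no stroke that jumps over a dot that has not been used yet.

```python
# Dots on the 3x3 lock grid are numbered 0..8, row by row.
# Assumed rules (not stated in the thread): no dot twice, a stroke may not
# jump over an unused dot, and a pattern needs at least 4 dots.

def midpoint(a, b):
    """Dot lying exactly halfway between dots a and b, or None."""
    (ra, ca), (rb, cb) = divmod(a, 3), divmod(b, 3)
    if a != b and (ra + rb) % 2 == 0 and (ca + cb) % 2 == 0:
        return (ra + rb) // 2 * 3 + (ca + cb) // 2
    return None

def allowed_next(last, visited):
    """Dots reachable from `last`: unused, and not jumping an unused dot."""
    out = []
    for nxt in range(9):
        if nxt in visited:
            continue
        mid = midpoint(last, nxt)
        if mid is None or mid in visited:
            out.append(nxt)
    return out

def pattern_counts():
    """counts[n] = number of valid patterns that use exactly n dots."""
    counts = [0] * 10
    def walk(last, visited):
        counts[len(visited)] += 1
        for nxt in allowed_next(last, visited):
            walk(nxt, visited | {nxt})
    for start in range(9):
        walk(start, frozenset([start]))
    return counts

def pattern_keyspace(min_dots=4):
    """Total number of patterns a lock screen would accept."""
    return sum(pattern_counts()[min_dots:])

if __name__ == "__main__":
    print("first-move options from a corner:", len(allowed_next(0, {0})))
    print("patterns with 4..9 dots:", pattern_keyspace())
    print("6-digit PINs for comparison:", 10 ** 6)
```

Even the longest patterns together give fewer combinations than a 6-digit PIN, before accounting for the shapes people actually tend to draw.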
7. elric ◴[] No.45779960[source]
I have no idea what you're talking about. Graphene is my daily driver. "Manual configuration" does not ring any bells. Google OS-level integration being "absent" is a core feature, not an annoyance.

The problem with Graphene is that some app publishers are absolute asshats, they think their app is "more secure" when they require the Google verification spiel, when it is the other way around.

8. gilrim ◴[] No.45780172[source]
Nah, works without issue. None of the complaints mentioned in this thread is true. There are some issues wrt corp spyware like Intune device management, but the kinks are being worked through and figured out (tldr: required apps from corp must be manually installed when activating profile).
9. scheeseman486 ◴[] No.45780593{3}[source]
Virtually every issue I have with GrapheneOS stems directly from the lack of Google Play Integrity causing app incompatibilities. There's some little bits of friction here and there like security mitigations causing app crashes, but when that happens the OS tells you exactly what happened, why, and how to prevent it in the future (there's toggles to disable specific mitigations on a per-app basis). If the OS was deployed widely, those crashes would likely disappear as patches get deployed by developers.

It's very polished and completely usable as a daily driver.

10. mordnis ◴[] No.45780790[source]
Is the battery life better with Graphene?
11. gf000 ◴[] No.45781185{3}[source]
I would say, similar. In theory it may be slightly worse, because you are not using play services to deliver notifications, but each app does their own fetching (I believe that's how it works), but you will also restrict apps more (due to e.g. being able to restrict network access), so the two sort of cancel out.
12. mordnis ◴[] No.45781481{4}[source]
I see. Thanks for the feedback!
13. chasil ◴[] No.45781614[source]
Graphene on my Pixel 6 certainly does support fingerprint unlocking.

I prefer pattern unlock, which it does not support.

14. subscribed ◴[] No.45782134{4}[source]
Yes unless the app offers Unified Push (like Molly vs Signal).
15. subscribed ◴[] No.45782144[source]
No, works fine for me from sandboxed (very much unprivileged) YouTube, NewPipe and VLC.

I do have sandboxed Google services installed.

16. subscribed ◴[] No.45786075{3}[source]
Okay, but who cares to be honest? :)

If the general public prefers unsafe phones, they can choose literally any other brand. This is never going to be a mass market phone because of the tradeoffs that are perfectly fine for the intended recipients (e.g. people who believe a torch/calculator app REALLY doesn't need internet access, or that their Instagram REALLY doesn't need to have access to ALL the photos/videos).