←back to thread

Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking

(arstechnica.com)
446 points akyuu | 1 comments | 30 Oct 25 23:12 UTC | HN request time: 0s | source
Show context
derbOac ◴[30 Oct 25 23:39 UTC] No.45766747[source]
They couldn't answer the question most on my mind: "We’ve reached out to Google to inquire about why a custom ROM created by volunteers is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say."
replies(10): >>45766778 #>>45777056 #>>45778032 #>>45778056 #>>45779079 #>>45779102 #>>45779404 #>>45780503 #>>45781099 #>>45783125 #
IncreasePosts ◴[31 Oct 25 21:45 UTC] No.45777056[source]
Is grapheheOS actually harder to hack or does cellebrite just not put a lot of effort into supporting it because the very low odds of LEs running into one in the wild?
replies(5): >>45777082 #>>45777144 #>>45777155 #>>45779084 #>>45779157 #
zb3 ◴[31 Oct 25 21:56 UTC] No.45777144{3}[source]
It physically disables USB ports when locked which significantly reduces the attack surface + can be configured to automatically reboot.
replies(2): >>45777712 #>>45778612 #
fph ◴[31 Oct 25 23:08 UTC] No.45777712{4}[source]
Two fixes that would be trivial to backport to mainline Android.
replies(3): >>45777832 #>>45777836 #>>45779218 #
ls612 ◴[31 Oct 25 23:27 UTC] No.45777836{5}[source]
iOS already does both of this afaik. At least the automatic reboot part, I think the USB data functionality is disabled in some cases while locked too.
replies(4): >>45777949 #>>45779169 #>>45779282 #>>45780058 #
int0x29 ◴[31 Oct 25 23:46 UTC] No.45777949{6}[source]
iOS is also compromised according to other cellebrite docs so that makes me think Graphene OS just might not be worth the effort for them.
replies(1): >>45777984 #
ls612 ◴[31 Oct 25 23:52 UTC] No.45777984{7}[source]
iOS was hackable in 2024 for certain hardware (in particular the checkm8 era phones) or for iOS versions which had known vulns at that point. Modern hardware with updates was still listed as “in research” which means “we can’t”.
replies(2): >>45778484 #>>45779287 #
1. strcat ◴[01 Nov 25 04:37 UTC] No.45779287{8}[source]
No, that's wrong. You're basing your claims on outdated leaks of Cellebrite documentation showing they didn't support the most recent iOS version yet, which they did end up support weeks later. You can't simply point to outdated documentation where they were working on catching up to claim they don't support those versions and devices today, which is in fact untrue.