509
Even State Department-funded Human Rights Watch admits that authorities combine legal and illegal methods to obtain convictions: https://text.hrw.org/report/2018/01/09/dark-side/secret-origins-evidence-us-criminal-cases
Combining dragnet surveillance with device hacking is intended in the design of both tools. Hence, State Department-funded Signal dupes you into handing over your identity as part of the population-centric mapping. In custody, your phone will be hacked when it is taken away if it's important.
https://xcancel.com/hannahcrileyy/status/2034273723667161480#m
I wouldn't bet my life on GrapheneOS in person despite being a fan of the project due to wanting to treat my phone as a computer
*actually forgot to mention they charged the duress password guy with destruction of evidence this isn't speculative at all lmao
Yeah tails does have graphene beat, but a lot of folks see a phone as a necessity. Graphene is best if you're gonna have a phone. It can turn off the USB port where it can't even be charged without being off. It can reboot itself if not unlocked frequently enough, putting the phone back into a BFU state.
Now it's possible that there's some exploit a state knows that is not public, but the software they generally use does not work on graphene as long as you are not running a pre-2022 version of graphene. Someone else mentioned rubber-hose cryptanalysis, but like if I'm getting beat for my unlock, then what do I care about getting charged with destruction of evidence?
personally, my bet is that they don't have anyone qualified enough to pull off an exploit like that (on me).
the problem with my bet: what we've seen is that they won't care, and accuse individuals of terrorism based off the color of their clothes.
I just refuse to believe Google doesn't have some kind of hardware backdoor, or that Motorola won't once that is up and running.
hardware vulnerabilities undoubtedly exist, whether intentional or not. its simply the nature of designing these complex semiconductors.
that said, if one company intentionally creates a backdoor, won't they all? what phone do you buy at that point?
any startup or small phone company may not have intentional backdoors, but I can guarantee their hardware security on all other levels pales to what apple and google can accomplish. I think the question then becomes are you more worried about google having a backdoor, or about third party compromises?
im not a fan of our choices, there is no silver bullet.
It’s about knowing that any phone can have a backdoor and being careful on how you use it. Don’t bring your phone to a protest.