20 August 2024

The most secure smartphone operating system?

Duopolies rule on this planet, and a deep dive into the subject can also turn up anti-competitive behaviour or 'rigging'.

From supermarkets to politics to even geopolitical boundaries, consumers, constituents and citizens are realistically afforded only two choices.

In the smartphone world the competition has been destroyed, leaving only two main consumer operating systems, Apple iOS and Google’s Android, neither of which respects your privacy or even your security.

There is, however, one smartphone operating system that is the baseline for all Android smartphones in its ‘purest’ form: AOSP (Android Open Source Project), which manufacturers such as Google and Samsung later load up with their own ‘spyware’.

A few organisations offer Android in its barest form with privacy and security enhancements added, namely LineageOS, the /e/ foundation, GrapheneOS and CalyxOS, which run on new and older smartphones.

Cellebrite, an Israeli firm long regarded as an industry leader, is used to hack into people's smartphones by governments within the Five Eyes global surveillance network, and by anyone else who will pay their fee, including hostile governments that abuse people's Human Rights, indicating that Israel 'supports' Human Rights abuse by those 'bad actors'.

Enter GrapheneOS, which is available on Google’s Pixel phones.

How ironic a ‘de-Googled’ Google phone.

Cellebrite are still unable to exploit locked GrapheneOS devices unless they're missing patches from 2022. A locked GrapheneOS device also automatically returns from AFU (After First Unlock) to BFU (Before First Unlock) after 18h by default.


See tables below:



"GrapheneOS is defending against these tools with generic exploit protections rather than by patching specific vulnerabilities. Until recently, it's likely that it was our generic memory corruption exploit mitigations including hardened_malloc which was successfully stopping this.

In February 2024, we added a new feature for disabling the USB-C port at a hardware level. In March 2024, we set the default mode to "Charging-only when locked, except before first unlock". In June 2024, we increased the default security level to "Charging-only when locked".

Later in June 2024, we extended our software-level USB protection, merged it into the newer hardware-level protection feature and extended the hardware-level protection to pogo pins on the Pixel Tablet. There's extremely strong protection against these USB-based attacks now.

Here's the Cellebrite Premium 7.69.5 Android Support Matrix from July 2024 for overall Android devices. Other than the Titan M2 on the Pixel 6 and later not being successfully yet to bypass brute force protection, it's largely just based on what they've had time to support."

See link: https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation

If you truly value your privacy and security, then this would be reflected in your non-use of Apple or Google's Android smartphones from manufacturers like Samsung, Motorola, Nokia, et al.
