Johnny555 4 days ago

>...because it is doing far more hardening than iOS against these attacks. iPhones also have security element, but the companies developing attacks, had successfully bypassed secure element throttling from Apple for years (and are doing the same with Samsung and Qualcomm

Is it true that Pixels are more hardened against brute forcing the security module and that iPhones (and other phones) are easily bypassed by these hacking tools?

bri3d 4 days ago | parent | next [-]

I don't think I agree with this assessment; I have a lot of respect for GrapheneOS but they are very prone to this type of puffery, especially in the face of criticism.

The information in this and other GrapheneOS articles comes from a leaked copy of the Cellebrite support matrix which is shipped with their end-user (law enforcement) devices, so it's a point-in-time look at one vendor's capabilities in one product line.

At the time this article was written, Cellebrite had brute force-based passcode access to iPhones before the iPhone 12 (prior to the Secure Storage Component), and supposedly had support for the iPhone 12 on iOS versions prior to 17 in development (vs. just under research), while they had no access to brute force on Android devices using the Titan M2 (Pixel 6 and later).

The general trust model is pretty similar: the user's passcode is entangled with (predictable) secure entropy and used to derive a key encryption key which can unlock the filesystem. Firmware running on a secure processor rate-limits passcode attempts.

Apple's implementation is well-documented here: https://support.apple.com/guide/security/secure-enclave-sec5... .

Google's implementation is called Weaver and I'm less sure how it works cryptographically, but it seems conceptually similar.

For more about the support matrix: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-int...

Overall I would say that a modern iPhone running the latest iOS and a modern Pixel running GrapheneOS represent the absolute state of the art in protection, and seem to have pretty similar public support from forensic vendors. The article is right that essentially everything else is junk; hardware vendors by and large seem to really struggle to implement secure software (including ROMs and bootloaders).
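
A simplified model of the trust model described in the comment above (passcode entangled with a device-held secret to derive a key encryption key, with attempts rate-limited by the secure processor), added here as an illustration and not part of the thread. The class name, delay schedule and KDF parameters are assumptions made for the sketch, not Apple's or Google's actual design.

```python
import hashlib
import hmac
import os

# Constructed delay schedule (seconds) keyed by failed-attempt count; not a vendor's real values.
DELAYS = {1: 0, 2: 0, 3: 0, 4: 60, 5: 300, 6: 900}
MAX_DELAY = 3600  # applied to every failure after the sixth


def exhaust_seconds(n_guesses):
    """Total enforced wait if all n_guesses attempts fail under the schedule."""
    return sum(DELAYS.get(i, MAX_DELAY) for i in range(1, n_guesses + 1))


class ToySecureElement:
    """Hypothetical secure processor: holds a device secret and throttles guesses."""

    def __init__(self, passcode, clock):
        self._uid = os.urandom(32)    # device-unique secret, never exported
        self._salt = os.urandom(16)
        self._clock = clock           # injected so the throttle can be tested
        self._failures = 0
        self._locked_until = 0.0
        self._verifier = self._tag(self._derive(passcode))

    def _derive(self, passcode):
        # Stretch the passcode, then key the result with the device secret, so
        # the KEK cannot be recomputed from a storage image taken off-device.
        stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 10_000)
        return hmac.new(self._uid, stretched, hashlib.sha256).digest()

    @staticmethod
    def _tag(kek):
        return hmac.new(kek, b"verifier", hashlib.sha256).digest()

    def unlock(self, guess):
        now = self._clock()
        if now < self._locked_until:
            raise PermissionError("throttled")  # refused before any key derivation
        kek = self._derive(guess)
        if hmac.compare_digest(self._tag(kek), self._verifier):
            self._failures = 0
            return kek
        self._failures += 1
        self._locked_until = now + DELAYS.get(self._failures, MAX_DELAY)
        return None
```

Under this constructed schedule, exhausting a 4-digit passcode space takes about 416 days of enforced waiting, which is why the security of the scheme depends on the throttling firmware and the device secret holding up.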

DANmode 4 days ago | parent | prev [-]

Yes, except for "easily".