Sheesh, the US is sure getting scary. Well, it's a good thing it would be impossible to trace Signal to someone via metadata like a phone number, right?

DJ Putler@lemmy.ml · edit-2 9 days ago

Sheesh, the US is sure getting scary. Well, it's a good thing it would be impossible to trace Signal to someone via metadata like a phone number, right?

gnuthing [they/them]@lemmygrad.ml · 9 days ago

In custody, your phone will be hacked when it is taken away if it’s important.

Unless I turned off the USB port…

Collatz_problem [comrade/them]@hexbear.net · 9 days ago

They can turn it back on. Or they can apply some rubber-hose cryptanalysis.

DJ Putler@lemmy.ml · edit-2 9 days ago

I wouldn’t bet my life on GrapheneOS in person despite being a fan of the project due to wanting to treat my phone as a computer

*actually forgot to mention they charged the duress password guy with destruction of evidence this isn’t speculative at all lmao

gnuthing [they/them]@lemmygrad.ml · 6 days ago

Yeah tails does have graphene beat, but a lot of folks see a phone as a necessity. Graphene is best if you’re gonna have a phone. It can turn off the USB port where it can’t even be charged without being off. It can reboot itself if not unlocked frequently enough, putting the phone back into a BFU state.

Now it’s possible that there’s some exploit a state knows that is not public, but the software they generally use does not work on graphene as long as you are not running a pre-2022 version of graphene. Someone else mentioned rubber-hose cryptanalysis, but like if I’m getting beat for my unlock, then what do I care about getting charged with destruction of evidence?

f3nyx@lemmy.ml · 8 days ago

personally, my bet is that they don’t have anyone qualified enough to pull off an exploit like that (on me).

the problem with my bet: what we’ve seen is that they won’t care, and accuse individuals of terrorism based off the color of their clothes.

DJ Putler@lemmy.ml · 8 days ago

I just refuse to believe Google doesn’t have some kind of hardware backdoor, or that Motorola won’t once that is up and running.

f3nyx@lemmy.ml · 8 days ago

hardware vulnerabilities undoubtedly exist, whether intentional or not. its simply the nature of designing these complex semiconductors.

that said, if one company intentionally creates a backdoor, won’t they all? what phone do you buy at that point?

any startup or small phone company may not have intentional backdoors, but I can guarantee their hardware security on all other levels pales to what apple and google can accomplish. I think the question then becomes are you more worried about google having a backdoor, or about third party compromises?

im not a fan of our choices, there is no silver bullet.

Salah [ey/em]@hexbear.net · 7 days ago

It’s about knowing that any phone can have a backdoor and being careful on how you use it. Don’t bring your phone to a protest.