iris.to
188.114.97.3  Public Scan

Submitted URL: http://iris.to/
Effective URL: https://iris.to/
Submission: On May 19 via api from US — Scanned from NL

Form analysis 0 forms found in the DOM

Text Content

IRIS


Trending Notes

Condemned Fish

23h

For about seven months after publishing Broken Money, I was so burned out from
writing. I had written that book within a year, while also writing public
articles and private client reports as usual. So I was basically just absolutely
dead in terms of writing, had pushed myself a bit too far, and was kind of
phoning it in for articles and reports the next few months with gradual
recovery. But within the past couple months, my writing energy has fully
returned. So many articles in the pipeline, in various states of development!
36
4
241

Prickly Ape

18h

#GrapheneOS uncovers leaked documentation for smartphone exploits by Cellebrite.
XRY and Cellebrite say they can do consent-based full filesystem extraction with
iOS, Android and #GrapheneOS. It means they can extract data from the device
once the user provides the lock
method, which should always be expected. They unlock, enable developer options
and use ADB. Cellebrite's list of capabilities provided to customers in April
2024 shows they can successfully exploit every non-GrapheneOS Android device
brand both BFU and AFU, but not GrapheneOS if patch level is past late 2022. It
shows only Pixels stop brute force via the secure element.

Cellebrite has similar capabilities for iOS devices. This is also from April
2024. We can get the same information from newer months. In the future, we'll
avoid sharing screenshots and will simply communicate it via text to
prevent easily tracking down the ongoing leaks.

Pixel 6 and later or the latest iPhones are the only devices where a random 6
digit PIN can't be brute forced in practice due to the secure element. Use a
strong passphrase such as 6-8 diceware words for a user profile with data you
need secured forever regardless of exploits. Pixels are doing a bit better on
the secure element front and iPhones are doing a bit better against OS
exploitation, but not by much.

As always, this shows the importance of our auto-reboot feature which gets the
data back at rest after a timer since the device was locked. Our focus in this
area is defending against exploitation long enough for auto-reboot to work. It's
set to 18 hours since the device was locked by default, but users can set it as
low as 10 minutes.

Since around January, we massively improved security against these attacks. By
default, our recently added USB-C port control feature disallows new USB
connections in AFU mode after the device is locked and fully disables USB data
at a hardware level once there aren't active USB connections. Users can set it
to also do this in BFU or even when unlocked. Users with a high threat model can
fully disable USB including USB-PD/charging while the OS is booted to only allow
charging while powered off or booted into the
fastboot/fastbootd/recovery/charging modes. GrapheneOS on 8th gen Pixels is
ideal due to hardware memory tagging.

Consent-based data extraction (FFS) is not in the scope of what we're trying to
defend against beyond shipping our secure duress PIN/password implementation to
replace insecure approaches via apps. Data users can back up is inherently
obtainable with consent, which is nearly all.

Within the past 24 hours, there has been an attack on GrapheneOS across social
media platforms misrepresenting consent-based data extraction as GrapheneOS
being compromised/penetrated. The person doing it is pretending to be multiple
people and falsely claiming we covered it up.

GrapheneOS is the only OS having success defending against these attacks. We
could do more with a successful hardware partnership such as having encrypted
memory with a per-boot key instead of relying on our kernel memory zeroing
combined with auto-reboot and fastbootd zeroing.

New versions of iOS and Pixel OS often invalidate their existing exploits, but
devices in AFU are stuck in AFU mode waiting for new exploits. Random 6 digit
PIN is only secure on a Pixel/iPhone and only due to secure element throttling.
Use a strong passphrase to avoid this.

If you wonder why duress PIN/password is taking so long, it's because we aren't
doing it for show like existing implementations. It needs to work properly and
guarantee data will be unrecoverable with no way to interrupt it. Slowly
rebooting to recovery to wipe isn't acceptable.

See https://x.com/GrapheneOS/status/1775305179581018286 for our thread covering
the firmware improvements we helped get implemented in the April 2024 release
for Pixels. It doesn't currently really help the stock Pixel OS because they
haven't blocked the OS exploits that are being used yet but it helps us.

Our hope is that our upcoming 2-factor fingerprint unlock feature combined with
a UI for random passphrase and PIN generation will encourage most users to use a
6-8 diceware word passphrase for primary unlock and fingerprint + random 6-digit
PIN for convenient secondary unlock.

Cellebrite documentation and has stated they'll upload future versions of it if
you want to look at the rest of it:
https://discuss.grapheneos.org/d/12848-claims-made-by-forensics-companies-their-capabilities-and-how-grapheneos-fares/4

We have info on XRY, Graykey and others but not the same level of reliable
details as this.
31
61
100

Hot Caterpillar

23h

GOOD MORNING NOSTR, STAY HUMBLE AND STACK SATS 🫡
69
7
128

Empty Aardvark

12h

I started making a conscious effort to be nicer a few years ago and my life
greatly improved. My self talk used to be extremely negative because my parents
spoke that way to me as a child. I interrupted that pattern by treating myself
the way I treat my children. With kindness, patience and understanding. Ask
yourself, if someone talked to your loved one the way you talk to yourself would
you be ok with it? If the answer is no it’s likely time to address it.
22
9
123

Lively Blackbird

14h

The average laser-eyed #Bitcoin pleb has a better understanding of monetary
policy and economics than most bankers and government officials.
14
7
94

Empty Aardvark

22h

This church took 632 years to build. Heinrich Heine explained: "Men in those
days had convictions; we moderns have opinions. And it needs more than opinions
to build a Gothic cathedral." Bitcoin is our cathedral.

24
9
97
