Privacy

38853 readers

904 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Can someone explain if Cellebrite (or similar tools) can bypass your device's Encryption? (sh.itjust.works)

submitted 1 day ago by throwawayacc0430@sh.itjust.works to c/privacy@lemmy.ml

13 comments fedilink hide all child comments

I'm talking about this article that I remember reading last year, but I never fully comprehend it. https://archive.md/qgBWB

Especially one of the images:

What does "BFU Extractions" mean? Does it just straight up bypass any lockscreen, even Before First Unlock?

The first time I came across that article, I just assumed if you have a strong password, your fine, now I'm not so sure, I'm starting to get a bit paranoid... 😖

you are viewing a single comment's thread
view the rest of the comments

[–] Max_P@lemmy.max-p.me 4 points 22 hours ago

It's derived by both a key from the TEE and the PIN/password.

The reason for that is so you need both the user's correct password, and the TEE to agree to hand out the key, which it may refuse to do if there's been too many attempts. When you factory reset it just generates a new key, instantly making all the previous data permanently inaccessible. The TEE will also wipe the key if you unlock the bootloader or try to break in the wrong way.

It's still only roadblocks though, extract the key from the TEE and you have unlimited attempts on what are usually weak 4-6 digit PINs. It's not a lot of tries. Then you better hope you had a good password.