Technology

59555 readers

4979 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

143

Leaked Documents Show What Phones Secretive Tech ‘Graykey’ Can Unlock (www.404media.co)

submitted 3 days ago* (last edited 3 days ago) by misk@sopuli.xyz to c/technology@lemmy.world

11 comments fedilink hide all child comments

Mirror: https://archive.is/2024.11.19-141227/https://www.404media.co/leaked-documents-show-what-phones-secretive-tech-graykey-can-unlock-2/

top 11 comments

sorted by: hot top controversial new old

[–] TechnoFish@lemm.ee 26 points 3 days ago (1 children)

One good thing about windows phones was that hardly anyone would have been insane enough to spend resources to develop a forensic tool for it.

[–] IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 26 points 3 days ago (1 children)

Lol, did you see what windows computers do? They literally upload your key to microsoft. Like they aren't event hiding the fact. If you don't create a microsoft account to allow for the upload, then they just store the key unencrypted and its effectively like no encryption.

[–] lud@lemm.ee 3 points 2 days ago

That's because people are stupid enough to never write down their keys and it's better to have somewhat worse encryption compared to no encryption.

In an enterprise the recovery keys are most often stored in AD or Entra.

[–] jet@hackertalks.com 20 points 3 days ago* (last edited 3 days ago) (2 children)

https://discuss.grapheneos.org/d/17505-graykey-leaked-doc-of-android-device-capabilities

https://grapheneos.social/@GrapheneOS/113510696930156578

[–] muntedcrocodile@lemm.ee 8 points 2 days ago (1 children)

So essentially grapheneos is keeping me safer than google lol.

[–] q5VtXnYt@infosec.pub 6 points 2 days ago

Always has been

[–] WhyJiffie@sh.itjust.works 10 points 2 days ago

It's a bit ironic that on the forum the poster did not remove the tracking parameters from the google drive link

[–] just_another_person@lemmy.world 23 points 3 days ago (1 children)

Anyone have the linked docs from the article? Looks like archive didn't get them in time.

[–] GlenRambo@jlai.lu 3 points 3 days ago

Its linked in other commenters post

[–] mac@lemm.ee 6 points 2 days ago* (last edited 2 days ago) (1 children)

Has there been any information about how long physical access is needed for these attack methods to extract data?

I've got my auto restart set at 8 hours, in graphene's mastodon thread, they say 10 minutes is best for highest levels of security. The short time frame given in that thread makes me wonder if these exploits give instant access to data.

[–] jet@hackertalks.com 8 points 2 days ago* (last edited 2 days ago)

Typically the attacks don't take 10 hours.... they take seconds, what takes time is getting the captured device a laboratory and the laboratory having time to look at it. So what will happen usually is the phone is put into a faraday bag, hooked up to a usb charger, and put on a shelf until the laboratory can get around to it.

Once the lab starts attacking the phone, it could take seconds as I said above, but some attacks are more involved requiring the phone to be disassembled and leads soldered onto the board. The restarting is about reducing the time the lab has before they can start and finish their attack

The same process applies to computers and laptops as well, there are lots of mouse jigglers for sale to prevent a screen saver from going on.