zlacker

[return to "Graphene OS: a security-enhanced Android build"]
1. throwa+Ou[view] [source] 2025-07-25 01:55:04
>>madars+(OP)
The main missing feature is password under duress that would open a different “user”. So even if you’re forced to give away your password they won’t get to the real account (some hidden profile or similar).

At least hidden profiles would be good enough for basic protection.

They have this which wipes your device, but you can get killed under duress. https://discuss.grapheneos.org/d/14722-using-duress-password...

◧◩
2. mbanan+Zv[view] [source] 2025-07-25 02:04:29
>>throwa+Ou
GrapheneOS community manager here. The problem with something like this is that it cannot be reasonably hidden when it would be exposed by someone using basic tools. Our Duress PIN/Password feature doesn't make any attempts to mask itself, precisely because we think doing that only gives people a false sense of security.

We think there's a good chance a motivated adversary is going to be familiar with GrapheneOS and its features, and the more mainstream it becomes, the more this can mean "your abusive significant other" rather than someone at the border.

The moment people know this feature exists, it can become dangerous even if you don't use it. You can be threatened to unlock, and even if you do, the adversary can choose to not believe you since they can think you're just hiding it. That puts you in a dangerous situation where they think you can provide something that's literally not there.

It's a very difficult problem to solve, and we don't think that proposal can solve it.

◧◩◪
3. throwa+Fw[view] [source] 2025-07-25 02:09:42
>>mbanan+Zv
Tbh I’d say 99% of the criminals won’t know about this.

Let’s say someone have you at gunpoint, you can just give your mains profile pass.

If they don’t even know there is a secret profile you’re good to go.

You’re right, they might assume you’re hiding, but I’d say 99% won’t know what’s even graphene and from those who know I’d say they might force you and you can have 3 sets of bank accounts:

Main profile: 100 Secondary: 1000 Terriary: $$$

Also if you hide all traces of grapheneos would be safer too. Nobody even knows is graphene, so they can’t even check what features you have. Again we are talking about 99% of the criminals, not the tech savvy 1%.

I’d prefer plausible deniability like Vera crypt than what we have now.

◧◩◪◨
4. mbanan+qx[view] [source] 2025-07-25 02:14:28
>>throwa+Fw
You can argue most bad people won't know about it - but I would say we can't really know.

I think the main problem is that people can be affected that aren't even using it, which is why it is such a big problem. You can't really hide it's GrapheneOS either, even just by virtue of the features available on the device, you'll be able to deduce what it is.

I understand the idea behind it but it simply isn't realistic to provide and can put people in danger - the very thing it's meant to prevent.

◧◩◪◨⬒
5. throwa+ry[view] [source] 2025-07-25 02:21:31
>>mbanan+qx
But also in your case criminals can threaten you to give access to bank accounts you don’t have.

When I say hide, again for 99% of the people. Splash screen, setting spoofing. Sometimes good enough is better than perfect.

And even if the attacker can see the other profile you can just say was your friend’s profile and it’s lost.

Or better, not sure if possible: export the profile in a file like veracrypt. Then when you need the profile import from this file and would restore the secret profile.

[go to top]