GrapheneOSAndroid 16 QPR2 experimental releases will be available soon. We're dealing with a lot of attacks on the project branching off from the smear campaign in France. We'd appreciate if our community would debunk this nonsense across platforms for us so we can focus on QPR2. Thanks.
If you see the fake story about someone claiming to be charged with premeditated murder because GrapheneOS supposedly didn't protect their data, see https://nitter.net/GrapheneOS/status/1997126386968903972 for a thorough debunking. Their story keeps changing and clearly isn't real. They may be a career criminal but this is fake.
halfredgreenapple@GrapheneOS Genuine doubt: How does GrapheneOS try to protect OS users from HNDL attacks? Other case is If the memory chip is removed, it will no longer have the protection support of the Titan M2.
@halfredgreenapple Read https://grapheneos.org/faq#encryption which explains how disk encryption is implemented. Copying the fully encrypted data from the data partition does not bypass anything. It's encrypted with randomly generated keys which are themselves encrypted with key encryption keys derived from the lock methods for each profile. Hardware-based key derivation ties it to the SoC and there's per-profile throttling by the secure element requiring the correct lock method to fetch a necessary token.
@halfredgreenapple If you use a random 6 digit PIN, that's secured based on the secure element having extremely aggressively throttling. On the currently supported devices, it's now more aggressive at ramping up delays than what we have documented there where it took 140 failed attempts to reach 24 hour delays between each attempt. It now ramps up even faster than that. If you use a strong passphrase then you don't depend on hardware-based security but it's still helping anyway.