this post was submitted on 04 Nov 2025
125 points (100.0% liked)

Android

20589 readers
314 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

πŸ”—Universal Link: !android@lemdro.id

πŸ’‘Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

πŸ’¬Matrix Chat

πŸ’¬Telegram channels / chats

πŸ“°Our communities below

Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More

founded 2 years ago
MODERATORS
ijeff@lemdro.id
ladfrombrad@lemdro.id
Paradox@lemdro.id
multimoon@lemdro.id
mikestevens@lemdro.id
Devgard@lemmy.world
limerod@reddthat.com
Netrunner@lemdro.id
125
Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking (arstechnica.com)
submitted 1 week ago by schizoidman@lemmy.zip to c/android@lemdro.id
11 comments fedilink hide all child comments
top 11 comments
sorted by: hot top controversial new old
[–] Mikina@programming.dev 67 points 1 week ago

unless they’re running GrapheneOS.

Nice, this is good to know.

[–] GeneralDingus@lemmy.cafe 33 points 1 week ago (1 children)

To answer the question at the end of the piece: google doesn't give a fuck.

[–] RedGreenBlue@lemmy.zip 9 points 1 week ago (1 children)

It's likely that holes are left intentionally.

[–] frongt@lemmy.zip 5 points 1 week ago

I guarantee that on at least one occasion, the US government has blocked the release of a patch because they were actively exploiting a vulnerability and not done yet.

[–] Lojcs@piefed.social 17 points 1 week ago* (last edited 1 week ago) (1 children)

In the bfu columns it says bfu: yes bf: no. And in the other columns it says ffs: yes bf: no. So they can't access the full file system from bfu, they can only access.. bfu? What does that mean? They can clone the encrypted storage? 'Unlock' the system partition?

[–] Truscape@lemmy.blahaj.zone 16 points 1 week ago* (last edited 1 week ago) (1 children)

Before First Unlock, After First Unlock: when you first reboot your device, storage is completely encrypted with no background processes unless you enter your password for the first time.

"BFU" exploits are processes that work before first unlock, and can access the full contents of the phone's storage, communications, account data, etc...

After first unlock refers to the phone after that stage (even if you lock your phone afterwards, it's AFU. Restart is needed for complete security).

FFS presumably stands for "Full File System [access]".

BF is Brute Force (cracking the security password without fear of being locked out/data wiped).

[–] Lojcs@piefed.social 1 points 1 week ago (1 children)

I wasn't asking about the acronyms...

In the afu columns they specify that their tool can get full file system access. But in the bfu columns they only specify if they can or cannot access bfu. They can't access the full contents of the phone as in that case those would also read ffs: yes. So that means there's a hack they can do on bfu that doesn't allow access to the file system but is still useful enough to advertise.

[–] Truscape@lemmy.blahaj.zone 2 points 1 week ago

Ah, good catch. In the BFU state the device is fully encrypted, so maybe that indicates that they can't access encrypted data inside the device without brute forcing the decryption key (which may not be possible). In comparison, AFU should have lower barriers to data access.

(This is why GrapheneOS has a setting that lets you auto reboot after a set amount of time without unlocking the device.)

[–] Lowleekun@hexbear.net 6 points 1 week ago

" ...can extract data from most Pixel phones if they don't run GrapheneOS" Stopped right there because it means I am fine 😎

[–] voytrekk@sopuli.xyz 2 points 1 week ago (1 children)

Would these exploits work even if you had the USB port set to charging only?

[–] possiblylinux127@lemmy.zip 0 points 1 week ago

Maybe? If they were targeting the boot process it wouldn't matter