Android Security and Countersurveillance With GrapheneOS

Hello everyone. Yeah, I'm Andrew. Uh I have I broke the previous presentation as you heard. Uh hopefully this one doesn't get broken. Uh so among among other things uh I don't just break presentations. I also break like you know web applications and such. I'm a security engineer but a passing interest of mine is in is uh researching surveillance technologies and specifically how people can avoid being surveiled by whatever they might be worried about getting surveiled by. Uh so today I'm going to be talking about graphino uh and giving some practical tips for evading the ponopticon. So a quick outline of our talk today. Uh first I'm going to give some motivation uh for why I'm giving this talk, what

we're going to be talking about, why we should care about any of this. Uh we're going to talk about some of the privacy issues that are inherent to uh Android uh default Android stock Android as I'm going to refer to it. Uh then we're going to talk about Android's security model and how exploits like if you've heard of Pegasus and stuff like that, how those exploits on a on a high level how they work. We're going to talk about Android's disc encryption uh and how that works. We're going to talk about how tools like Celbrite exploits that dis encryption. Uh and then we're going to talk about graphino and how it defends against all these things and

then also what it cannot defend you from. Finally, I'm going to give a little a few tips about practical implications of all this. So if you decide to use graphine OS, how you can use it uh and what it will mean for you. Uh and then at the end I'm going to have citations throughout this talk. You're going to notice that on my slides uh I have little footnotes. Those points to some slides at the end. I'm going to upload all these slides to GitHub uh after this talk. So if you want to fact check me, feel free. Um and also it means that like if don't don't feel pressured to like take pictures of

slides if there's useful information on there. All of that will be accessible after the talk even before the recording goes out. Okay. So, first some motivation. Why should we care about privacy at all? Well, your phone is a federal informant. I uh say this for a number of reasons. I have a quick like sizzle reel of uh news articles here. The Department of Homeland Security recently spent millions of dollars to buy cell phone data uh and use that to track Americans uh both inside and outside of the US. Uh foreign governments as well might be uh spying on your notifications on your phones. Uh, celbrite has been increasingly used by the federal government to crack people's phones. Uh,

it's also used abroad in, for example, Jordan to crack dissident phones. Uh, and ICE, who I'm sure we all have great opinions on, uh, is using uh is using fake cell towers in order to spy on people. Uh, they also, uh, bought a tool that tracks hundreds of millions of phones every day. So, this is obviously pretty bad. Uh I would say who is at risk of this kind of surveillance though uh activists obviously uh lawyers journalists like at risk demographics like queer people, people who are seeking abortions, immigrants etc. Uh some security researchers are also at risk of especially being targeted by foreign governments. Um you probably have loved ones who fall into at least one of these categories.

Let's see if like a show of hands. Who here has a close friend or a loved one who is one of these things? That is the entire room. That is literally everybody. >> We're all security engineers. >> Okay, sure. What if we don't count the last category? Let's get another show of hands. Okay, that is still the exact same entire room. Uh, this is something that I don't think I necessarily have to address, but I'm going to do it anyways. Whenever we talk about privacy, there's always somebody who's like, "Well, why should I care about privacy? I have nothing to hide." Well, you don't have to be a criminal in order to be targeted by a government.

Uh, for example, here's a statistic. 70% of people who were deported by ICE last year had no criminal convictions. Let that sink in for a little bit. Uh, also like journalists and lawyers, even if they're entirely above board, entirely doing everything exactly legally, they are they still have to be extra diligent about OBSSE because it's not just their security that matters. It's the security of their clients or of their uh sources, etc. Uh this talk I'm going to focus on three categories of threats against Android. Uh leakage of private data uh so like kind of standard privacy stuff as you might uh think of it. I'm going to talk about remote compromise of your devices.

So like zero days and such. Uh and local device compromises so like celebrate. Uh with all that let's launch into the first category data privacy. Uh the question that I want to address here is what data leaves your phone before anyone has a chance to seize your phone. Uh obviously we cannot talk about data privacy without talking about data brokers. Data brokers are companies that collect, buy and sell personal data. Uh and for them data from people's mobile phones is extremely valuable. Uh when I talk about extremely valuable here's safe graph uh is uh one data broker. They pay between a dollar and $4 per user per year to app developers uh for access to their location data. So you

can imagine if you are an app developer and you like made some GPS app that has a 100,000 users, you can make a h 100k from selling their location data to this one data broker. Uh Ventel is another massive data broker. They give the feds access to their database for like $20,000 per 12,000 queries or so. Uh many data brokers have contracts which are worth half a million or more. Uh and the the market for data from mobile phones is worth more than 12 billion globally. Moreover, Google is a data broker. Google obviously makes Android. We don't tend to think of them as a data broker. We think of them as a tech company, but

75% of their revenue comes from targeted advertising. For all intents and purposes, their business model is that of a data broker. They don't necessarily sell your data to other people, but they use your data in order to profit and sell advertisements to other people. So, what data do these data brokers collect? Location, very obviously. Uh, in fact, Android is able to collect your location even if you disable your GPS. Uh, they can estimate your location from what nearby Wi-Fi network names uh are. Uh, data brokers love collecting what apps you have installed. This might not seem too sensitive at first, but it turns out 99.4% of users can be uniquely fingerprinted by this uh by the list of

installed apps. When you think about it, like it is very unlikely that anyone out there has the exact same set of apps installed on their phone as you do. People probably have very strong overlaps, but there's almost not almost never going to be anyone who has the exact same list of apps. Uh contacts obviously are extremely valuable. You can use that to profile connections between people, see who's friends with whom. If you're like a government of like trying to surveil activists or something for example, that is going to be extremely useful. uh hardware ids and advertising ids are also going to be great for uh being able to associate data that is aggregated on mass with

like particular devices and you know crash analytics diagnostic info etc etc there are millions of things that uh data brokers love collecting from your uh from your devices here is an image I have Babel Street is a data broker this is a screenshot that a private investigator took of them using their service in order to view all of the unique mobile devices as seen in a mosque in Michigan. Uh I'm I I don't think I have to like spell out too too much about why this is especially creepy and uh dangerous. Uh but each of the red dots, I'm not sure how how visible it is for the audience, but each of those red dots is a unique data point of we saw a

particular device at this location uh at a particular time. And this location data, it's not just for advertising, right? If you have enough location data points, you can see home addresses like where people spend the night. You can see like a target's religion and place of worship as we saw in the previous example. Uh we can see associations between people. So like which devices frequently appear nearby other devices. We can see people's travel history when they cross borders etc. We can see lists of people who visit sensitive locations. So like abortion clinics, embassies, support groups for atrisisk individuals etc. If there's a protest happening uh location data can be used to figure out who went

there. So this isn't just a matter of data brokers using this for advertising. That is like their that is how we think of their business model usually but uh the federal governments can use this data for a whole lot more than just advertising. How's this data collected from phones? Uh obviously it is corrected collected directly through the operating system by you know Google, Samsung, whoever manufactures your particular device. Uh in fact Samsung devices will send analytics both to Google because it's Android and to Samsung because it's Samsung Android. Uh so you kind of get a a two for one special there. Uh Android and iOS both uh send telemetry on average like once every 5 minutes. Even

if your phone is completely idle and you're not using it whatsoever. Uh this happens even if you select like opt out of collection telemetry privacy whatever if you opt out literally everywhere you will still be getting sending telemetry at least once every five minutes. Um moreover app developers uh can directly sell your data to data brokers or on what is called a bidstream auction. So that is where they they there is an auction for people can say hey I want right now to show an ad for someone fitting this demographic info in this location. Uh and then app developers can sell your sell your device basically on this auction house. Uh the the person who's buying that is both able to show

an advertisement to you and is able to immediately know your location. They know like oh someone fitting this demographic info was in this location at this time. uh advertising uh SDKs uh get embedded in apps all the time uh and those are collecting as much data as they possibly can and sending it off to data brokers. In fact, 90% of apps on the Google Play Store have some sort of tracker embedded in them. Uh who buys this data? Well, other data brokers. There is a whole market of selling data from data broker to data broker. Uh in the process of researching this talk, I actually saw uh a a government documents where they were complaining about how one of the data

brokers that they have a contract with was actually just buying data from a different data broker and then selling it for a higher price. Um okay, advertisers, obviously insurance companies love getting data so that they can see exactly like how how high of a premium they should charge you. Uh the cops, the FBI, the DHS, ICE, etc. They love data. Buying location does not require a warrant. Getting your location from like, you know, obviously the feds can go to AT&T and say, "Hey, tell me when this where which cell tower this customer was closest to at this time." That requires a warrant. Buying someone's location data does not. Uh the military also loves buying uh

people's data, but if you are worried about getting air strikes, I cannot help you. I'm sorry. What about data that doesn't get sold? uh a lot of data is collected by Google and Apple or Samsung or whoever. It's not they don't sell it to anybody, but they're still storing it on their servers. Even when they're not using it for targeted advertising, it's still a liability. For example, push notifications. All push notice on Android and iOS have to go through Google or Apple's servers. This is like a concern for like uh battery optimization. If you have every single app on your phone constantly pinging different servers to get push notice, that's going to drain your battery

battery really quickly. So instead, they all reach out to one centralized server and when an app wants to send you a notification, they send it to Apple or Google first and then it forwards it to your phone. Uh the feds routinely subpoena these uh message contents uh and use that for for surveillance. Up until recently, Apple didn't even require a warrants from the feds in order to turn over people's notifications. And with most apps, this means that the cops can just see all of the data in there. Even if you're using like a secure messaging app like Signal or whatever, they still get metadata. So in the case of Signal, uh when they send you a push notification, they just send

a completely like they send null to Apple or Google uh and then that notification gets forwarded to your phone and then that tells the signal app, hey, you should reach out to the signal server to pull a a message. So your message contents aren't in the notification, but uh it still tells uh the cops that this person received a message at this exact time stamp. And that is itself useful. Uh some apps that claim to be end to end encrypted actually inadvertently end up leaking message contents because they just put them into push notifications, send them off to Google and then don't think about it. Uh this is pretty rare. Like I said, Signal doesn't do that. I

think WhatsApp doesn't do that, but they might be leaking some other data. I forget. Um so the bottom line of this section is stock Android does not provide any kind of guarantee of privacy. How about security? Let's talk about Android security model. So Android as you may know is based on Linux. Uh but it has its own additional security model which is layered on top of that. Uh the key components of that are SE Linux uh which has like mandatory deny by default access control for all processes both system and user processes. So if a process tries to uh access something, it needs to be explicitly allowed to access that. Uh and it will be denied by default

otherwise. Uh application sandboxing. This the most critical one. Uh each app that you have on your phone runs as a separate Linux user with a different user uh ID. Apps can't access each other's data uh without interprocess communication which requires like kind of both apps starting communication on starting with Android 9. So quite a while now. Uh each app runs in its own separate SE Linux context and starting with Android 10 uh apps have only very very limited direct access to your file system. For the most part they they should not have access to the vast majority of your files. Uh permissions. This is the one that's the most userfacing and obvious. Uh users have to

explicitly grant apps access to like their location, their contacts, etc. Um and uh the final piece of the puzzle is verified boot. So when you are booting up your Android phone, it will be cryptographically verifying every single stage of that boot process starting from a hardware root of trust. Uh we will talk more about those later. Uh usually you also have something called rollback protection. Uh which like if there is a vulnerability in a given version of Android and the user upgrades to a newer one which patches that out, an attacker shouldn't be able to then just downgrade their uh OS back down to the to the to the older version. Uh usually this is

implemented with an efuse. Uh I can't uh yeah whatever. Sandboxing. Let's dive a little bit deeper into that. Uh app sandboxing has two main benefits. Uh installing a malicious app does not immediately compromise your full system. Like if you if you are on a Windows machine, right? Or like just a laptop, right? If you install a malicious app, it is going to immediately start like reading your Discord tokens and trying to mine Bitcoin and trying to scrape like your cash for like whatever whatever cookies it can find, etc. On Android, if you install a malicious app, it should not be able to access other apps data. Uh similarly, if there's a vulnerability in a legitimate app like a buffer

overflow or something, uh it's going to have reduced impact because you need to after exploiting that buffer buffer overflow, you need to also escape from the sandbox that the app is running in. As a result, a typical exploit chain which is used by an attacker is going to look something like one, you get code execution. After that, you have to escape from a sandbox. Then you escalate privileges, you establish persistence, and then you excfiltrate data. Just a second. So, uh the main attack surfaces for that initial code execution uh are going to be stuff like media parsing. So, uh if if there are images getting parsed or PDFs getting rendered, fonts, these are all uh places that require like pretty

complex logic. So there is very often uh vulnerabilities found there. Uh messaging apps and uh VIP services uh in particular a lot of uh Android zero days uh have the initial point of compromise is WhatsApp uh some sort of zero day there and then the uh the attacker pivots from there. Uh browser engines are another big one. Uh Chrome zero days are huge. Uh this one's less common, but it is still an attack surface of like bassband and like the the firmware for the chip on your uh device that actually uh interacts with like Bluetooth and Wi-Fi and uh local USB exploits. So exploits that you can that you can do locally by plugging something into the phone and uh

doing something that way. Uh all of these exploits they are usually deployed uh to deploy spyware for nation states, right? Unlike on like a desktop computer where a lot of the malware that you see is people once again trying to mine crypto or like steal your credentials for something or whatever. In this case, if you have an if you have malware on your Android phone, I would say odds are that is the result of some sort of nation state attack. Um so let's talk about nation state spyware. Uh there is a large market for this just like with location data. Uh as an example uh the NSO group sells Pegasus which you have likely heard of.

Uh, Intellexa sells a competing product called Predator. Uh, Kandiru has Sherlock and so on. These exploits uh, they are sold to governments in order to target journalists, dissidents, politicians, human rights lawyers, just like you know all the cool people basically. uh and can be routinely sold for millions of dollars. Uh in like some of them I I saw one it was a contract for you could have 15 concurrent infections for $15 million and then if you wanted to infect someone else you had to either pay 15 more million dollars or like drop one of your old infections. Exploits uh like these are usually either one-click exploits. So like somebody goes to a page in their browser

and that exploits their browser or they open a file that exploit exploits the like PDF renderer or they might even be zero click. So like you send a message to someone and it instantly compromises them. Uh a quick note about patches. So security patches the Android's ecosystem is very complicated. It's not just like you know just Microsoft rolling out patches or just Apple. Uh you have a whole bunch of OEMs, whole bunch of vendors. Each of them has different Android versions, different hardware and so on. So there is often a very large gap of time between when a patch gets released and when the vendor actually applies the patch and rolls it out to users.

So attackers can often use publicly available end days as zero days where it is already publicly known that this is a vulnerability. People know what the vulnerability is. There is maybe even a patch that has been like publicly released for it but it hasn't been applied to basically anyone. So attack can just use it as a zero day. In fact, uh, in 2022, this is a Google analysis, variants of known vulnerabilities, known zero days, accounted for 40% of in the wild exploited zero days. So even users who have very, very good patch hygiene can be vulnerable. So to summarize uh the state of Android security, you have sandboxing and strict permissioning, which makes remotely exploiting these phones pretty

difficult, but still feasible for nation state attackers. Now, we talked about attackers getting data from your device through data brokers and through spyware. What if they can seize your device? Let's talk about device encryption. So, on Android, you have two types of device encryption. I saw a little dance in the audience when I got to this point. Um, you have full disk encryption, which uh was supported on Android 5 through Android 9. It's no longer supported on modern versions. It would encrypt just all of your user data with a key which would be protected by your PIN and then as a result after you would reboot until you would put in that PIN for the first time your phone calls

your alarms etc they wouldn't work because the data can't be decrypted. So uh later Android rolled out something called file-based encryption uh from starting from Android 7 onwards. So here for each user you have two different storage spaces. Uh credential encrypted CE storage and device encrypted DE storage. Uh data which needs to be accessible before you unlock the phone for the first time is in DE storage. So like data that is necessary for like connecting to Wi-Fi, receiving phone calls, getting alarms, etc. Everything else goes into CE storage. So let's look at exactly what goes into DE storage because obviously it is in a less secure state than CE storage. You have device info, so like your IMEI,

your MAC addresses, what patch version you're running on, etc. You have SIM card data. Uh you have what accounts are in use on the device. If you have like Google account, uh Google accounts that are signed in, uh that's going to be necessary. You have saved Wi-Fi networks and their passwords. Uh it makes sense that this needs to be accessible because your phone should be able to connect to Wi-Fi after you reboot, right? And it needs those Wi-Fi passwords in order to do that. a list of installed apps which uh in this case if if someone has physical control of your device you might be thinking like okay it's not too bad if they know what apps I have

installed but if you're in like a extremely authoritarian regime the mere fact that you have like tour installed on your phone is already just going to send you to prison so like this is a non-negligible threat for people with some threat models uh and connected Bluetooth devices uh are also in there um all of this info that I'm sharing here comes from an excellent write up that I have linked uh by Matia Epipani. Uh so shout out to him. So uh most Android users use a PIN which is like four to six digits long, right? That's obviously not secure for encrypting your data directly. It's going to be brute forced very trivially. So instead, what Android does is it

encrypts f credential encrypted files with a key that is stored in a secure element. And then the secure element when you put in your PIN, it verifies that PIN. If it's correct, then it will decrypt your files for you. Uh and the the security comes from the fact that the SE is supposed to throttle uh like brute force attacks. Like if you if somebody if an attacker tries to just put in a million pins, uh the secure element is supposed to throttle that very quickly. If implemented well, uh this should defeat like a brute force attack. Uh we'll see later that it isn't always implemented well. Uh secure elements are manufacturer specific. So on modern Pixels, you have

a chip called the Tyson M2. Uh you have on flagship Samsung, so like the Samsung S 24 or whatever, like the the S series, those have something called the Nox Vault. Uh on mid-range Samsung, so like an A55 or whatever it's called, you have a a trusted execution environment, which isn't a separate chip. It is like it is on the same SoC as as everything else. Um and Qualcomm based phones use also a trusted execution environment. So notably, only the Titan M2 and the Knox are actually discrete chips. And the reason you want a discrete chip is because trusted execution environments are going to be more susceptible to like side channel attacks etc. Uh you can

still have an insecure uh dedicated security chip as my friend Max will will tell you. Um but in general it is is a it is going to be more secure if implemented correctly. Uh if you're interested in learning more about the Titan M2, there was a good talk about it at CCC last year. Uh so let's put it all together. Uh an Android device can be in one of three states. There is before first unlock or BFU. This is when the device is locked. Uh you have not put in your PIN yet since the last reboot. So the OS can access device encrypted data. It cannot access uh credential encrypted data until you put your PIN in. There's after unlock uh

which is where your device is locked but you have put in your PIN since the last time you rebooted. So you put in a PIN, you lock the device again but you haven't rebooted again. Uh, in this case, the OS can access all data. And finally, unlocked. Obviously, if you put your PIN in and then you don't relock the device, it's going to be unlocked. There are companies on the market who offer tools for dumping data from all three of these states. That brings us to Celebrite and others. So, these companies forensic extraction companies, uh, they offer tools for cracking mobile phones. Uh, Celbrite is the most widespread. You've probably heard of them in a ton of cases. Uh MSAB

is like a Swedish company if I remember correctly. They offer something called XRY. I don't think it stands for anything. They just want to sound cool. Uh Oxygen offers Oxygen Forensic Detective. There's Gray Key by Gray Shift, which has since been purchased by Magnet Forensics. Whatever the point is, all of these tools are actively used by cops in the US and abroad. The real world capabilities of these are a bit murky. It's kind of hard to tell exactly what they can and cannot do. Uh but um so the reason for this is that which devices and OS versions they support is constantly changing as they find new zero days, zero days get patched etc. uh I my best estimate of

what they can and cannot do based on like leaked slide decks from the companies uh like marketing materials that are publicly available some really really good reporting from 404 media. Everyone please subscribe to 404 media. They are really good journalists. Um my best estimate is that full file system extraction, so like uh when a device is unlocked, uh extracting basically all data from it is pretty much always going to be possible. This makes sense, right? If you give someone your unlocked phone, they're going to be able to access all the data that you would be able to access if you have that phone. Uh brute forcing a PIN is impossible uh starting from Pixel 6 onwards because the Titan

M2 does uh successfully throttle those brute force attacks on iPhones. So, iPhone 12 Plus, they also successfully uh throttle those brute force attacks. Max, do you have a lower than 12 iPhone? >> 11. >> 11. Okay, that's terrible. >> Uh, and as far as I can tell, brute force attacks are possible on all other Android and iOS phones. So, if you have an iPhone older than iPhone 12 or you have any Android phone that's not Pixel 6 or newer, uh that is your PIN is brute forceable by CBRE or someone else. Uh AFU unlock. So, this is where you give someone the feds sees your phone and you have unlocked it since the last time

that you've rebooted. Uh this is possible on most or all phones. It's kind of hazy about the latest generation of iPhones, but it's coming for those anyways if it's not already possible. and extracting data uh before first unlock is once again also possible on most or all phones. In summary, uh you're screwed. The Fed's going to crack your phone. I have a bunch of sources here because this is I think a pretty important slide to have sourcing for. There is one exception to what I'm saying here, which is that uh according to leaked celebrate slides, graphine OS running on a Pixel 6 or newer is immune to BFU, AFU, and brute force attacks. So that brings us finally to Graphin OS.

Uh I know I'm like halfway through this talk and I just started talking about it, but don't worry about that. What is Graphino? Uh it's a free and open source fork of Android made by this nonprofit. Uh it's focused on ensuring both privacy and security. Uh it ships without any Google services installed whatsoever. uh and it has an option to have like sandboxed Google Play services uh as a compatibility layer uh if you need that in order to make certain apps work. For now, it only supports Google Pixel devices uh because of the like they have a whole bunch of requirements for the security of the chipset and so on. The Titan M2 uh is resistant to

brute force attacks which is why they they chose Pixels in particular to support. Uh they have a partnership with an unnamed OEM for sometime 2027 I think. Uh but that hasn't happened yet. They are frequently on the cutting edge of Android security. So in fact uh security features from graphine OS sometimes get merged into upstream Android. Uh and overall they are very well regarded within the security community. Uh let's talk about their defenses against specifically Celbrite. You have this option uh of a configurable autoreboot. So if your device is by default for 12 hours, if your device is inactive for 12 hours, nobody unlocks it for 12 hours, it will automatically reboot, which will reset your device to

a BFU state, which is much harder to crack. Uh you can configure that. On my phone, I have it to two hours just because I don't know, might as well. Um uh they their page allocator uh zeros out all memory after it is freed. As soon as you free any memory, it instantly gets zeroed out, which is uh which defends against uh uh key leakage. So if you have a key stored in memory somewhere, uh as soon as it is no longer being used, it is immediately uh zeroed out. And then also this makes use after freeze significantly harder to exploit. You can also on the hardware level disable USB. Uh what this means is that

uh by default when your when your device is locked it will block any new USB connections and then once you have no active USB connections it will literally turn off the data lines in your USB port so that the only thing that can happen with that port is providing power to your device. Uh and you are actually able to turn it on such that this is always the case like no matter if you have no use for using your USB port for data transfer you can just make it so that it is the data lines are always turned off. Uh this means that you can uh use the NSA charging station securely which I know is something that we have

always wanted. It says you know you want to try it at the bottom there. Uh it also has uh so we talked about defense against celebrate let's talk about their defenses against like privacy focused uh issues. uh you have non-persistent Wi-Fi MAC address randomization uh on by default. Uh every single other major operating system that I have looked at has an insecure default uh for MAC address randomization. If you're if you're not familiar, basically whenever you're scanning for Wi-Fi networks, uh your your phone is broadcasting a MAC address that you are using for for that device. So an advanced adversary can uh set up a bunch of sniffer sniffers across a city and then like correlate, oh, we saw this MAC

address at this location at this time. Uh I gave a talk on this last year if you want more details. Uh you can automatically disable Bluetooth uh if you haven't used it for like you know 10 minutes or an hour or however long. This is very useful because first of all Bluetooth MAC addresses are never randomized on like any device that I have ever seen. Uh and furthermore also this just like reduces your attack surface. Um, by default, the the feature of like being able to triangulate your position in addition to GPS, like uh getting more accurate estimates by looking at nearby network names, that feature is turned off by default, you have an option to

actually proxy to Apple's servers um and uh estimate that way. And for stuff like captive gateway detections, etc. Uh basically anywhere that normal Android would use graphine servers it or would use Google servers rather it will instead use graphine servers. Uh this is kind of a mixed bag. Uh in particular for captive gateways uh this means that anytime you connect to like an open Wi-Fi network they will see that you are a graphine user because you're pinging a graphine server. Uh and this is this this is happening before you can get the chance to turn on a VPN because when this is when you're first trying to connect to the network. Uh so there is an option to actually just use

Google servers instead. uh kind of depending on your threat model, this might or might not be uh worth it. Uh let's talk more about Google Play services. So on standard Android devices, uh Google Play services run as a system application. Uh there is no way to disable them uh without like rooting your phone. Uh and as we saw earlier, Google's uh uh service for push notifications is a major privacy risk. So Graphine ships without Google Play services by default. Uh, and it has an optional compatibility layer for having a sandboxed user mode Google Play Services. It doesn't run as a system user. Uh, you can also, and this is really important, you can limit Google Play

Services to just specific user profiles, uh, which we will talk about shortly. Uh, which means that you don't have to have all of your uh, apps uh, running in the same kind of like uh, in the same area as Google stuff and proxying all of your notifications through Google. One issue though is that with that Google Play Services, basically no app will show notifications. You just won't receive notifications for anything except on my phone, I receive signal notifications. They have their own custom custom thing. But anything else that's not like a a system app just won't give you notifications. That is a potential problem. Uh there is this uh software called Unified Push. They claim to have like

some decentralized privacy focused uh replacement for Google Play notifications. I can't personally vouch for I haven't looked into it very much, but it is an option. So, user profiles, I just mentioned them. Let's talk about more. Um, this is a default uh Android feature, but it is expanded greatly on on graphine. On default Android, I think you can only have three or four. On graphine, you can have 32. Um, and the way they work is these are isolated workspaces. So, if you have like a work profile on your phone, this is the exact same thing, but you don't have to have like your company manage it. Um, they have separate apps, they have separate profile data, so

contacts, images, etc. uh they have separate credential encrypted storage. So you can have different pins for different users and they will have different encryption keys. Um this also means that you will be able to if you press the end session button on a profile it will return to a before first unlock state. So you can have the rest of your phone operating normally but any data in that uh specific uh profile will be in a BFU state. Uh optionally you can like forward notifications across profiles if you want to. And you can uh disable the ability to install apps in a specific profile. Uh a good setup that I recommend for most people if you're trying to set up a

graph OS, a good profile setup is having one owner profile which is just an app store and nothing else. Uh and then from there you uh have one profile which has like trusted and sensitive apps. So like your signal, your whatever else you might trust and like really care about data from. Uh you have a profile for untrusted apps, whatever you want to install. and then you have a profile for apps that specifically require Google Play services and then you install Google Play only in that profile. Uh there is a known issue where apps and websites can actually communicate across profiles through the like local host loop back address. Uh this is actually actively exploited in the wild by meta

and Yandex. So uh so if you are installing meta and Yandex apps for whatever reason to be honest um don't give them network permissions. This is another thing you can do on graphine is you can like fully disable network. Uh by default every app will not have access to network. You have to explicitly grant it access to the network. Um one more feature that I really like is storage scopes. Uh this is those of you who are on iOS, I think you have an equivalent to this. Um so whenever an app asks for access to your storage or your images or whatever, uh you can limit its access to just see specific files or specific images. And this is

invisible to the app. So as far as the app is aware, it is seeing the whole file system and it's just mostly empty for whatever reason. Uh you can do this like I said with storage, with photos, and with contacts. So we've talked about uh now defenses against like the celebrate attacks with defenses against regular privacy leaks. Let's talk about our third category which is remote exploits like Pegasus etc. Uh graphine ships with a number of exploit mitigations. Uh first of all the attack surface on graphine is very strongly reduced compared to normal Android because it like removes most unnecessary features and services. Uh another big one is they have a hardened memory allocator. Uh this has

like a million changes from the regular uh Android malo. I'm going to go into just a few of the most important ones. Uh I mentioned earlier zero on free. So whenever you free memory it instantly gets zeroed out. Uh you have a whole bunch of stack canaries just by default regardless of whether the application is introducing them or not. Uh you have guard regions whenever you allocate any memory like a region to the right and to the left of it will be uh like allocated as a guard region. Uh and starting from pixel 8 onwards there is uh ARM memory tagging which is like a hardware level whenever um every 16 byt chunk of memory

uh is going to get its own 4-bit little tag and then whenever a pointer tries to access memory that pointer's tag has to match with that memory's tag in order for that uh me uh memory read to succeed. Uh this means that if there's like a buffer overflow, the attacker needs to find some way to leak this tag uh and then corrupt the memory with both both their payload and then also that tag. Um also just in time compilation for JavaScript and such is disabled by default. Uh this defends against what is called a JIT spraying attack. Uh the TLDDR on this is basically in modern browsers when you have JavaScript it gets compiled just in time uh to have in

improved performance. Uh the issue with this is that that means that at runtime there will be times when pages of memory are at the same time both writable and executable. Uh and this obviously makes it so that it is uh your attack surface is strongly increased. Uh yeah and in a similar vein uh there is an option on graphine to disable dynamic code loading for user apps. None of these medications are bulletproof obviously like all of these can be bypassed in some way or another but combined they make it so that exploiting uh your your phone is significantly harder. Uh let's revisit what I mentioned earlier with the patch gap. Uh like how long does it take patches to roll out on

graphine? Well uh there is an option to install security patches while they are still under embargo. uh something that happens in the Android ecosystem is like Google wants to release a patch for a vulnerability uh but they don't want to have it such that the source code for the patch is available to the public and attackers can reverse engineer the patch and see what the actual original zero day was and then exploit that. So they will release the patch to vendors under embargo uh and say hey you can release this patch but you can't release the source code for this. Uh I strongly recommend enabling this uh because it lets you get patches earlier. Uh,

Graphine actually consistently deploys patches significantly quicker than all other Android OEMs that I know of. Uh, my friend actually published the CVE. Uh, they they published the results of their of their CVE. They published a full paper on how to exploit it, etc. Uh, Graphine had it patched within a week and it took several months later for Samsung and Google to roll out their patches for us. um they actually had to when they were testing the the patch they literally had to download Graphine because that was the only place they could find the patch. It was the only operating system that had rolled it out. Uh the only downside of this is you can't see the source code of the patch

uh until the embargo ends. But I think that the the risk of getting supply chain attacked by graphine is lower than the risk of getting zero day but an active uh zero day. Uh what will graphine not protect you from though? First of all, app layer data collection. So, if you install a malicious like GPS app and give it location permissions, like there's no helping you. Graphine can't save you from that. Uh cellular tracking. So, those of you who have heard of stuff like stingrays, etc. Uh and geof fencing, so when the feds go to AT&T and say, "Hey, when was this device in this location?" Graphine can't can't save you from that either. You can turn off your cellular data. Uh

and they have one other feature to only ever use LTE. So, only use 4G. Uh it turns off 2G, 3G, and 5G. Um this defends against downgrade attacks. You might be thinking, why are they disabling 5G? The reason is because uh 5G is a newer technology and it's using a lot of cutting edge code that hasn't been audited as many times. Uh but even with this feature enabled, you're still not safe. Uh Stingrays can still track you on 4G networks. Um I have a little there's a paper links there if you want to read more about that. And sending unencrypted data over cellular is just never going to be secure. Uh and moreover like graphine can't

protect you against hardware vulnerabilities. Obviously it's software is running on the operating system level. If somebody is able to compromise the actual hardware of your phone if they're able to compromise the Titan M2, Graphine is not going to help you. Uh similarly, it can't help you against cops seizing your device and then just keeping it in storage for like 5 years until Celebrate finds a zero day that works on your device. There is one feature graphine has which can help against this which is the duress pin. The way the duress pin works is is basically optionally you can configure a fake pin uh which if you put it in on your lock screen it will wipe

your phone. Uh the way this is implemented is basically uh when you put it in the phone goes black for after 45 seconds it finishes like deleting all encryption keys from anywhere on the on the phone. It wipes your SIM card etc and then just reboots. uh it is most likely impossible to interrupt the the wiping process at least without like significant effort. Certainly like a cop isn't going to be able to do this in 45 seconds. Um however uh in 2025 an activist actually used this when they were pulled uh like when they were stopped by CBP I think uh and they were charged with destruction or removal of property to prevent seizure. Uh so

basically uh although this case is still pending, it's still like up in the air whether they actually violated any law by wiping their device. Un unless you are operating under very extreme circumstances like you are in some extremely authoritarian regime and you will literally be killed if like if the the data on your phone is decrypted. I would not recommend using the duress pin in most cases. Uh unless he wants to become like really good friends with lawyers at the EFF.

Um okay, graphine. Uh we talked a lot about how it's great and awesome. It's not for everyone though. Uh most people they just want privacy from Google or I mean most people don't care at all to be honest. But uh the people that do care, they just want privacy from Google. I imagine most of you probably aren't too scared about nation state hackers targeting you. Uh and the fact that graphine OS is only available on pixels means that most of you probably cannot install it on your phone. Uh so this is where other privacy focused uh Android forks come in. Uh you might have heard of Lineage OS uh EOS which is a fork of Lineage and Kix OS.

Long story short, if you don't have a Pixel and you can't install Graphine, use EOS. Uh the reason for this is that Klex OS recently paused their updates like it's no longer actively maintained and Lineage OS does not support verified boot. So it offers like Lineage OS has worse security than just stock Android. It has better privacy but worse security. Uh so EOS is going to be good for ensuring privacy from Google. It does not implement the vast majority of graphino as security hardening. It's better than stock Android for privacy. It doesn't do very much for security. So uh let's talk about using graphine in practice. Uh some common issues that you might run into uh if you install graphine. So I'm

going to mention them before you install it. A small number of apps just don't work on graphine. They rely on Google Play's integrity API uh which just isn't supported. Uh if you rely on a banking app dayto-day, double check whether it works. I have I personally do not like my credit card apps, my banking apps, whatever, they all work on my phone. Yours might not. So double check that on the line first. Uh there's like a list here. It's it's a very short list of apps with known issues, but there are some. Uh this is a bigger one for the vast majority of people. Google Pay does not work. It cannot work because it relies on a key which is stored in the

Titan M2 and is only accessible to Google. Uh this is part of their like agreement as far as I understand with like payment processors. Like they payment processors don't want the Google Pay system to be too open because they're scared of security. Um, so if either of these is a dealbreaker to you, you're going to be stuck with stock Android or iOS. But assuming that neither of them is a dealbreaker, here's a little quick start guide. Uh, installing graphine is actually extremely easy. You might think that this is like some crazy like Arch thing where you're going to spend two hours running commands on a completely black screen. No, it's really easy. Uh, there is a web installer. You navigate

to this on your desktop. You plug your phone into your desktop. you uh change one setting on your phone and you just click buttons on the installer. It's very easy. You don't have to use a command line for anything. It's accessible to nontechnical users. Um a little uh checklist of things that you should absolutely make sure to do after you install is make sure that your bootloadader is locked. You have to unlock it to install obviously and then you lock it again afterwards uh to ensure that you have a secure operating system. Uh you want to create the distinct user profiles that I mentioned earlier. uh any apps that are open source that you want, you can install

them from foid, which you might have heard of. And then if you want to install an app like, I don't know, Discord, for example, which is only available on the Play Store, you can use what is called the Aurora Store, which is a a a store that will proxy your traffic to Google servers, basically. So this way you can install Play Store apps without actually needing the Play Store services. uh uh download a VPN obviously uh and make sure you enable those embargoed security updates and enable LTE only mode. This won't, like I mentioned earlier, it won't protect you against all cellular attacks, but it will make you moderately more secure because it prevents those stingray downgrade

attacks. And set your USBC port to charging only, assuming that you don't need it for like Android Auto or whatever else you might be using it for. Uh under a normal threat model, you can leave most settings at at their default. it will be fine enough for you. If you are extremely paranoid, you have like a more advanced threat model. There is a uh a page here which has some recommendations for settings that you should toggle from the defaults. Uh conclusion, let's do a quick summary of what I've talked about so far. Uh stock Android has significant privacy and security issues. Data brokers and nation states both routinely target Android users by exploiting these issues. And graphine OS

significantly reduces your risk but does not completely protect you from everything. And now uh I'm going to leave you off with a little call to action. Uh most of you are security professionals and as security professionals our job isn't just to keep companies safe. Our job is to keep ourselves, our loved ones, our communities safe. Uh so if we think back to at the start of this talk I had all of you raise your hand if you knew someone who is potentially uh uh potentially at risk of for surveillance. Everyone raise their hands. I want all of you to think of those people those loved ones who are potentially at risk and think of how you can potentially

help them understand the risks and mitigate those risks. Uh if that means trying to recruit someone to use Graphine OS, hell yeah. Uh if that means like getting someone to install a VPN, go for that. uh whatever you can do to make sure that people in your life that you care about are more informed about what threats they are facing. That is a really good way to uh make the world a better place. Here are my citations. Uh I'm going to skip through them because you can see them online. Uh like I said, so this talk I'm going to upload it to my GitHub. I have a QR code to it here. So I'm going to leave

it up for a little bit. It's not on there yet. The GitHub is currently like blank, but I promise I will upload it by the end of today. >> Oh my gosh. Is that a Rick rule? It is not a Rick roll. I All right. And don't put your phones away. I have another QR code for you after this. You might be thinking that it's the the talk feedback QR code. No, it is actually I am looking for a job.

So yeah, if you are looking for someone with like years of pentesting experience, I have a Defcon black badge. If that's of any interest to you, uh, hire me. I'm looking for offensive security roles. Uh, so thank you very much everyone. This was a very fun talk. Uh, giving it was very fun giving the talk. Uh, I think we actually have time for questions which I was not expecting. Uh, so yes. >> Can I install Arch Linux on my Android phone? So I believe there are ways of installing like there are Linux phones and so I'm sure that there is I know that there is an ARM version of of Arch you can probably make it work but I I

don't recommend it. So the question was whether I'm aware of any uh like malware vendors like Pegasus or whatever uh which are specifically targeting graphine OS. I'm not aware of any of them specifically targeting graphine. I'm sure that they are all very actively researching uh how to make their exploits work on graphine and it's unclear which of them do work, which of them do not work because they're very secretive. But so the question was uh I mentioned that the Titan M2 and the uh Apple's the modern iPhones security chips are are seemingly secure. Uh so how long would I expect uh it would take for a zero date to show up in those? It's hard to say. I the Titan M2, I will

say, has been out since whatever the Pixel 6 launched, which I think was 2021, if that sounds about right. So, roughly 5 years. And uh if there were a way to like brute force uh pins on that, Celebrate would definitely already have that. Uh or at the very least I if somebody out there has one of those ways, most likely Celebrate uh would have it by now. Maybe the NSA has something, I don't know. But um yeah, the question was if there's a longitudinal study of the security lifetime of of a device compared to its cost. I don't know of any um I guess like a a related thought which doesn't quite answer your question is that uh

Graphine does commit to supporting all of its devices for at least seven years at the moment. Uh so in this case or I think that maybe the way they phrase it is they support it for as long as there are security updates from the vendor officially and then possibly longer. Uh so in the case of like pixels, modern pixels have a a Google commits to providing security patches for them for at least seven years and graphine commits to the same thing. >> This is related to how long the police have to keep a device for. >> Right. Yes. Yeah. So that is an excellent point where yeah like the security lifetime of a device means

that like if if a device is likely to be secure for you know 7 10 year whatever years that means that the police if they seize your device they're going to have to keep it in storage for however much time it takes for someone to find a zero day uh in order to be able to crack it. So the the question is whether graphine works with Android Auto and like specifically because I mentioned that in the uh part about uh disabling the USB port for data. Uh yes graph you can set up Android auto on graphine. There is a part on their website which talks about it. I personally don't use Android Auto so I can't tell you details about how it

works or how well it works but I'm pretty I'm pretty I'm seeing a skeptical look from one person in the audience. >> Okay, one person is confirmed to have Android Auto working on Graphine. So Uh the question was is it possible for a malicious app to get uh information from other apps just by you opening it? Uh the answer is like multi multi-layered. First of all if two if you have two apps that agree to communicate with each other. So in the case of uh like meta apps for example and Yandex as I mentioned what they are doing is the app uh like sends data and listens on localhost on a specific port and then

when you navigate when you open another meta app or when you navigate to like facebook.com or whatever else uh that website will then make connections to localhost uh which I believe still works on browsers. I watched a talk last year at Bides actually about how they're trying to get that changed. But uh what that means is yes, so if both processes agree to communicate, they can either use that or like just regular interprocess communication as long as they're on the same profile. Uh but then also in general like you might be able to do like uh a side channel attack where you might be able to like look at timings for certain computations to leak

what is displayed on a screen or what computations are made by other apps etc. Uh so the question was about uh age verification requirements for operating systems and how graphine is responding to that. I don't know. So I actually I haven't seen are are states now requiring requiring it on an OS level. I remember there was >> really a bunch of other states are are have active bills. >> Okay. Interesting. I So I learned something new today. Yeah. I I don't know how graphine is responding to that. I don't know if they're going to be subject to that or if they have some like legal because they they aren't a US-based organization. They're they're incorporate like the foundation is in

Canada and up until recently they were hosting their servers in France but actually France became hostile towards them so they've moved them to I think Toronto. Why user IDs rather than namespaces? Elaborate. >> Yeah, I'm I'm not sure what the reasoning is behind that specific design decision. It would I mean it would go back to when Android was being designed in what 2004 or 2005. So like you you could ask whoever designed it. So the question was on stock Android I mentioned how it can still get your location from nearby Wi-Fi networks even if your GPS is turned off. Uh and the question is whether uh that will still apply basically if you have airplane

mode turned on. I believe that airplane mode should turn off wi-i Wi-Fi probing. Uh so it should defend against that. Um I I can't say with complete confidence that that will actually protect you on on stock Android but I I think it should. Appreciate the clarification. Okay. So, the correction airplane mode actually won't stop Wi-Fi scanning, it turns out. Uh, how are we doing on time? >> We're cut off. >> Last talk of the day. >> All right. I'm being told that we should cut off. Uh, thank you everyone.