Nostr Web Client

#grapheneos help me out...

I set up a new user profile with a new PIN. I was thinking this could work better than using the duress PIN, because I'd prefer a decoy to a total wipe, and because state thugs can say you're obstructing something if you do a wipe.

The problem is, I don't see a way to simply input the alternate PIN and load into the other profile seemlessly. It wants me to end the session to go back to owner profile, at which point the only way back to the decoy is to unlock the device and re-enable it. This wouldn't even work very well if I actually had multiple users on this device. I want to have one unlock screen, which loads different profiles if I enter different PINs, with no indication that its doing anything differently.

Is there a way?

Final 1y ago

We don't have this feature as a priority because it would be detectable with forensic analysis. People would just trust the feature too much thinking its existence would be hidden when it would only trick a bystander. GrapheneOS is well known, they'd just treat any device installed as likely to have a hidden profile.

We suggest keeping things in a separate profile and deleting it when things get heated. No data is worth keeping if you're being targeted over it. If you were someone like a whistleblower you'd ideally provide copies to others or make encrypted backups to a trusted cloud they aren't aware of should the device be taken.

Reply to this note

Please Login to reply.

Discussion

Comte de Sats Germain 1y ago

Okay, makes sense. Thanks

WestleBittle 1y ago

Yes, I am aware Cellebrite specifically publishes their ability to (or lack theorof really) to access GrapheneOS devices, which is a bit of a unique honour.

A different set of security practices is required for sophisticated adverseries. For instance a duress pin that immediately restarts the device and disables the USB port or resets the secure element.

I had this more in mind as a defense against unsophisticated physical threat actors, the proverbial $5 wrench attacks, thugs, unsophisticated or informal law enforcement etc.

Final 1y ago

GrapheneOS has a duress password that erases the phone instantly and wipes secure element when triggered, the USB controls feature can disable data lines or the port entirely in hardware when booted to the OS and can be configured separately to it.