Before and After First Unlock

If you’ve used a desktop operating system, you may have encountered full-disk encryption. The name is self explanatory. When full-disk encryption is used on a desktop or laptop, the entire contents of the hard drive (minus whatever is needed to properly boot the system far enough to enter the decryption key) are encrypted. The contents are only accessible after the decryption key has been provided during boot up.

iOS and modern versions of Android use a different model called file-based encryption. Rather than encrypt the entire contents of the device, files are encrypted individually per a policy. This is why you can make a call on an iOS or Android phone after is has been booted but before it has been unlocked. But like with full-disk encryption, the encrypted files are only accessible after the device is first unlocked after a boot up.

The states where encrypted data is inaccessible and accessible are referred to as before and after first unlock respectively. Before the first unlock data is considered at rest. The device is unable to decrypt the encrypted data because the necessary decryption key hasn’t been provided by the owner. After the first unlock the device stores the decryption key so it can decrypt and access the encrypted data. How the keys are stored varies. Many devices store the decryption keys in memory, but the more secure method is to store decryption keys in a secure chip such as the Secure Enclave hardware on iPhones or the Titan M chip on Pixel devices (technically the decryption key is usually derived by the secure chip using the provided decryption key and other inputs, but I’ll skip over those details in this post). Using a secure chip adds a barrier between the decryption key and malicious software or hardware able to gain unfettered access to system memory.

When you read stories about law enforcers extracting encrypted data from a device without the owner’s cooperation, they are almost always extracting the data after the first unlock:

The main difference between Complete Protection and AFU relates to how quick and easy it is for applications to access the keys to decrypt data. When data is in the Complete Protection state, the keys to decrypt it are stored deep within the operating system and encrypted themselves. But once you unlock your device the first time after reboot, lots of encryption keys start getting stored in quick access memory, even while the phone is locked. At this point an attacker could find and exploit certain types of security vulnerabilities in iOS to grab encryption keys that are accessible in memory and decrypt big chunks of data from the phone.

Based on available reports about smartphone access tools, like those from the Israeli law enforcement contractor Cellebrite and US-based forensic access firm Grayshift, the researchers realized that this is how almost all smartphone access tools likely work right now. It’s true that you need a specific type of operating system vulnerability to grab the keys—and both Apple and Google patch as many of those flaws as possible—but if you can find it, the keys are available, too.

When law enforcers confiscate a device, it’s common practice to both prevent the device from powering off and to isolate it from any network access. This prevents the device from entering before the first unlock state and from being remotely wiped. Mobile phones have their own batteries, which increases the time law enforcers have between confiscation and connecting it to a secondary power source. Placing the phone into a Faraday bag isolates it from network access. Once a device has been prevented from powering off or being remotely wiped, law enforcers can work to decrypt the contents of the phone at their leisure.

Before continuing I will note that law enforcers aren’t the only individuals interested in gaining unauthorized access to the encrypted contents on a device. I’m highlighting them because they receive the most press coverage. Keep in mind that many unauthorized parties such as abusers and stalkers have the same interest albeit for different reasons.

The safest state for encrypted content is at rest. This is why I always recommend people power down their devices before entering airport checkpoints or border crossings. Those are situations where encounters with law enforcers are guaranteed and the chances of devices being confiscated is higher than average. I also recommend people power down their desktops and especially laptops when not in use. That way if the device is stolen, the contents remain inaccessible to the thief. However, powering down devices isn’t always practical, especially when the device in question is a smartphone. If you’re meeting somebody at an airport, you might need to keep your phone powered on in case the party with whom you’re meeting needs to contact you (although I will argue that proper planning can avoid this scenario and, if not, rebooting the device and leaving it in before the first unlock state will allow you to be accessible while keeping your data at rest). If a mugger demands your smartphone, they probably won’t allow you to power it down before handing it over.

This is why I was happy to discover a feature in GrapheneOS. In the settings application under the Security category there is an option called Auto reboot. By default this is disabled, but if you tap on it, you’ll be greeted with a dialog box offering different lengths of time. If you select one of those options, the phone will automatically reboot if it hasn’t been unlocked in the selected period of time. This ensures that the device will return to before the first unlock state after you haven’t unlocked it for the selected period of time. If you unlock your device frequently and don’t mind entering your password when you wake up in the morning, you can select a short time period. If you don’t want to enter the password every morning, you can select eight hours (or slightly more than however many hours you typically sleep). This feature creates a specific window of time between when a device is confiscated or stolen and when it returns to before the first unlock state.

This is a security feature I would like to see adopted by other operating systems. Knowing my laptop had a finite period of time between when I last unlocked it and when it returns to before the first unlock state would give me the convenience of putting it in sleep mode rather than powering it down completely when transporting it (I fully admit powering down isn’t a huge inconvenience for me since I don’t transport my laptop frequently, but a lot of people transport their laptop between home and work twice a day).

My Thoughts on the Pixel 4a Running GrapheneOS

As I noted in my last post covering the fiasco that is today’s Apple, I ordered a Pixel 4a with the intention of flashing GrapheneOS on it. For those of you who are unfamiliar with GrapheneOS, it is an Android Open Source Project (AOSP) operating system that focuses on security. The list of security features included in GrapheneOS is quite long so instead of trying to summarize it, I’ll point you to the project’s feature list.

GrapheneOS only runs on Pixel devices. This is because Pixel devices implement several hardware security features including the Titan M security chip (a similar idea to Apple’s Secure Enclave). Pixel devices also support Android Verified Boot (AVB) 2.0 with third-party signing keys. AVB 2.0 cryptographically verifies that the operating system you’re booting hasn’t been altered. When properly setup, this allows non-Google firmware to boot from a locked boot loader. GrapheneOS supports AVB 2.0 and relocking the boot loader is actually part of the installation process. This is a GrapheneOS advantage since most AOSP operating systems can only boot from an unlocked boot loader. An unlocked boot loader is a majority security weakness.

Installing GrapheneOS is about as easy as installing a third-party operating system on a phone can be. There are two supported methods: a web based installer and a command line based installer. I chose the latter. Both are made straight forward by the step-by-step guides. When you boot GrapheneOS the first time, you’re greeted with a bare bones installation. I prefer minimal operating system installations so I consider the bare bones nature of the default GrapheneOS is a plus.

I installed the same applications on this device as I installed on my Teracube 2e. GrapheneOS doesn’t include a calendar application so I installed Etar, which is the calendar application included in LineageOS.

One of the notable features of the Pixel 4a is the camera. However, you probably won’t be terribly impressed by pictures taken with the camera application included with GrapheneOS. This is because the high quality pictures you see in Pixel 4a reviews requires a combination of hardware and software. The software is Google Camera. Google Camera applies software enhancements to improve the quality of pictures taken with Pixel hardware. Not surprisingly it requires Google Play Services. A recent addition to GrapheneOS is support for fully sandboxed Google Play Services. This allows you to install Google Play Services without granting permissions greater than any other app (normally Google Play Services enjoys additional privileges). If you need Google Play Services, I believe this is a better solution than microG, an alternative used by a number of AOSP operating systems.

I wanted Google Camera without all the additional Google cruft so instead of installing Google Play Services I installed Gcam Services Provider. Gcam Services Provider is a shim that implements just enough of Google Play Services to run Google Camera. GrapheneOS with Gcam Services Provider isn’t enough to run Google Camera though. Launching Google Camera with this configuration will only result in a black screen (information about this behavior can be found here. I resorted to installing a modded versions of Google Camera of which there are quite a few. I settled on this version because it works with Gcam Services Provider and allows me to use a gallery application other than Google Photos (the official Google Camera application is hard coded to display recently taken pictures with Google Photos and I have no interest in installing that).

The installation process for Google Camera that I just described is the only thing on my setup that feels hacky. GrapheneOS is polished. It actually feels like a first-party operating system on the Pixel 4a. It is a major improvement over the user experience of LineageOS on a Teracube 2e (because the version of LineageOS for the Teracube 2e is still unofficial, I didn’t expect a polished user experience, I’m just noting the comparison here because it’s the only baseline I have). I will go so far as to say that GrapheneOS offers a user experience comparable to iOS on an iPhone (and probably the stock firmware on the Pixel 4a, but I didn’t spend any time using that) with the caveat that applications that rely on Google Play Services may not work if you don’t install Google Play Services (thanks to sandboxing doing so isn’t as dangerous on GrapheneOS as it is on other AOSP operating systems). The user experience is so good that my wife, who is not a technical user, is happy with it.

GrapheneOS is a great option for iOS users wanting to flee the panopticon that Apple is dead set on inflicting on iOS users (and probably macOS users).

In Case It Was Unclear, This Is Fascism

Fascism has a number of defining characteristics including dictatorial powers, oppression of opposition, strict governmental control over the populace, and strong governmental control of the economy. All four characteristics were present in the executive ordered issued by Joe Biden this afternoon:

In an address made from the White House on Thursday, Mr Biden directed the Department of Labor to require all private businesses with 100 or more workers to mandate the jab or require proof of a negative Covid test from employees at least once a week. The order will affect around 80m workers.

Dictatorial powers? Biden issued this order by himself through an executive order. Oppression of opposition? This order is a direct attack on individuals who haven’t received one of the available COVID vaccines. Strict governmental control over the populace? If order every person who works for an arbitrarily large company isn’t strict government control over the populace, I don’t know what is. And finally strong governmental control of the economy? Biden just ordered every business with more than 100 employees to either force their employees to get a COVID vaccination or subject them to weekly testing.

Proponents of democracy should be appalled by this. Congress didn’t propose this. It didn’t debate this. It didn’t pass this. It didn’t get to say a goddamn word about this. It was a single man using a tool that I and every sane person has been warning about for ages: executive orders. An executive order is the antithesis of democracy. It creates dictatorships.

Those who claim to fight for the poor and downtrodden should be appalled by this. As Glenn Greenwald noted, this order is going to hurt the poor and downtrodden much more than the well off. And before somebody brings up the fact that COVID vaccines are free (and by free I mean paid for by the federal government with tax money and printed dollars), everybody knows that. The individuals in lower income brackets who haven’t received a COVID vaccine know that. They haven’t chosen to forego the vaccine because they’re ignorant of the cost. But they have chosen to forego it and that makes this order a direct attack against their autonomy.

Advocates of body autonomy should be especially appalled by this for obvious reasons.

In fact anybody who isn’t appalled by this is a fascist. They might not realize they’re a fascist, but they are one.

That ends my rant.

In case my feelings on the matter are unclear, I will close by giving my opinion on the COVID vaccines. If you want one, get one. If you don’t want one, don’t get one. It’s your body. You should be the only person who decides what to put in it.

Apple Gives Users More Time to Migrate

After doubling and tripling down on its decision to integrate spyware into iOS, Apple has announced a delay:

Apple provided this statement to Ars and other news organizations today:

Last month we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material [CSAM]. Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.

As the Electronic Frontier Foundation explains, a delay isn’t good enough. However, the delay grants iOS users more time to plan their migration. I’m happy to say that my migration has gone well. I received my Pixel 4a and flashed it with GrapheneOS. My initial impressions are very good. I’ll post a detailed initial impression after a few more days of usage. With that said, there are a handful of options available to those wishing to flee Apple’s new surveillance obsession.

I opted for a Google-free Android Open Source Project (AOSP) ROM. Android is a mature and widely support mobile operating system. It offers near feature parity with iOS since the two platforms have been copying from each other since their early days (both also copied a lot of the best ideas offered by Palm WebOS). The biggest flaw in Android is Google. Google-free AOSP ROMs such as LineageOS, /e/OS, GrapheneOS, and CalyxOS keep the good features offered by Android while removing the Google taint.

Another option is a mainline Linux phone like the PinePhone or Librem 5. Neither platform is mature enough to meet my current daily needs, but they might be mature enough to meet your daily needs. They’re worth investigating and I hope to eventually migrate from Google-free Android to a mainline Linux phone.

If you’re one of those odd ducks who uses their cellphone solely as a phone, an old-school dumbphone is worth considering. Because of how simple they are, dumbphones offer a limited attack surface (keep in mind that security updates on dumbphones are rare so if a major flaw exists, the only solution may be to buy a different phone) and aren’t capable of store even a faction of the personal information that smartphones can. They’re also dirt cheap and frequently more durable than smartphones. The tradeoff is they don’t offer any means of secure communications. You can’t install Element, Signal, or any other secure messaging application on them. But if you don’t use those, that’s probably not a deal breaker.

My suggestion to iOS users (and every other computing platform user) is to develop a migration plan if you haven’t already. I try to have at least one migration plan at hand for any computing platform I use. For example, when I was using a Mac, I had a migration plan for moving to Linux. It didn’t end up being an urgent need, but when I finally decided to upgrade from my 2012 MacBook Pro and Apple didn’t offer anything acceptable to me, I already had a plan. Now I use Fedora running on a ThinkPad and have a plan to migrate from that if needed.

When I ran iOS I also had a migration plan. My plan was to migrate to a mainline Linux phone. I knew this plan was a gamble because it would be a few years until such devices were mature enough for my daily use. Because of that I kept a list of Google-free AOSP ROMs and phones capable of running them. When Apple announced its surveillance plan, my migration plan to a mainline Linux phone wasn’t yet feasible. I had to bring myself more up to speed on AOSP ROMs and phones, but I was able to migrate away from iOS within a week of Apple’s announcement.

Apple didn’t provide a time frame for when it will introduce spyware to iOS. It could be months or years before Apple introduces it or the company could spring it on users with no warning. If you have a migration plan ready, you can react even if Apple gives no advanced warning. If Apple pushes back its surveillance plan indefinitely, you can continue using iOS (if you still trust Apple, which I don’t) knowing you’re ready to move if needed.

The Third Update on My Experiment Running LineageOS on a Teracube 2e

After two weeks with the Teracube 2e I decided that it’s not a good daily driver for me. Teracube has a 30-day return policy, but I’m going to keep the phone because I really like what the company is doing and having a sacrificial phone for experimenting with new Android ROMs appeals to me. However, there were a number of issues that made the phone unsuitable for me as a daily driver.

The first issue is the potato quality camera. I previously stated that I don’t need a very good camera, but I do need a camera that is at least good enough for me to document things. I decided to do more thorough testing with the Teracube 2e cameras during the week. I found two major issues. The first is that the autofocus is inconsistent. Sometimes I can get properly focused photographs, but other times the photographs turn out blurry even after the camera app shows that the camera is properly focused. It’s a crap shoot whether a photograph will be clear or blurry. The second camera issue is the flash. Since the cameras have such poor low light (really any light other than outside daylight) performance, using the flash is a requirement. But when the flash is used the resulting photograph is heavily blue tinted. This issue isn’t caused by the beta build of LineageOS. A number of users on the Teracube forum reported the same camera issues with stock firmware.

The second overall issue I have with the phone is the size. I’m an oddity because I like phones that are small enough to operate with one hand. The 2020 iPhone SE is acceptable although slightly larger than I like. The Teracube 2e is larger than the 2020 iPhone SE. When stacked on top of each other, the Teracube 2e doesn’t look much larger than the 2020 iPhone SE. But when you have the devices in your hand the size difference feels significant. The included case also adds some additional bulk. Moreover, the case has raised corners that like to catch on my pockets whenever I stow or take out the phone.

The third issue is the Wi-Fi and Bluetooth connectivity. Although rare the phone will periodically disconnect from my Wi-Fi network and Bluetooth devices for a brief second. It’s hardly noticeable. If you’re streaming a video, the issue manifests as a brief moment of buffering. If you’re listening to music through Bluetooth headphones, the music will stop and your headphones will indicate that they disconnected and connected again. This problem is most likely being caused by the unofficial beta of LineageOS that I’m using. Unfortunately, all of the Google-free ROMs I’ve found for the Teracube 2e are based on the LineageOS build and therefore exhibit all of the same bugs. I’m confident that this issue will be fixed if the problem is being caused by the ROM. But this does roll into my fourth issue.

The fourth issue is that this setup is a hack. What I mean by this is that the overall experience isn’t polished. This isn’t a surprise. I’m running beta firmware on a relatively new phone. I didn’t expect it to feel polished. And if I only had to worry about myself, I could run this setup without much trouble. But I’m also the technical advisor and support for my wife. I can’t hand her a buggy device and expect her to be happy with it. Especially because she’ll be comparing it to her iPhone (she wants to get off of iOS because she, like me, doesn’t like spyware running on her devices, but she’s less tolerant of bugs than I am). I could get her a nicer device and continue using the Teracube 2e myself, but I also don’t want to have a drastically different setup than her. If we have the same or very similar setups, we will likely run into the same problems. That simplifies debugging for me and means that when I figure out how to fix a bug on my setup, I also figure out how to fix it on her setup.

With all of that said, I really like the Teracube 2e. It has a lot of great features such as a removable battery, four year warranty, and flat rate charge for repairs. For the price the hardware is a good deal (minus the cameras). The device comes with a case and a screen protector, which are nice bonuses at that price range. I also like how transparent the company has been. I’ve dug through the Teracube forums and the company representatives who post on there open and honest. For example, Teracube released a tempered glass screen protector for the 2e. A lot of people who bought it reported issues with the edges of the screen protector not adhering to the screen. A company representative both acknowledged the issue and warned a few users inquiring about a better (than the included) screen protector about the issue. There is a thread about the camera issues. Rather than disappearing the thread, company representatives have been using it to collect information that may allow the issues to be fixed (or at least mitigated to some extent).

As I said at the beginning of this post, I’m going to keep the Teracube 2e. Both because I like the device and because I want to fund Teracube’s efforts. I will continue to experiment with it and test new builds of LineageOS as they are release (and maybe /e/OS as well). But it won’t be the replacement for my iPhone.

That brings me to the big question, what’s next? Will I stick with iOS knowing that Apple intends to install spyware on it? Not a chance. I ordered a Google Pixel 4a (actually two). Although the 128 GB of storage will be tight for me, it checks every other box. It’s affordable, about the same size as my iPhone, and has a good rear camera. Besides the lack of storage the other major downside is Google just discontinued it (which is why I bought two, one for me and one for my wife). So it’s not a device that I will be able to recommend to people in the future. Unfortunately the replacement, the Pixel 5a, is significantly larger and $100 more expensive.

My intention is to try GrapheneOS since it’s the most security focused Android ROM. If that doesn’t work out, the Pixel devices are officially supported by a number of other Google-free ROMs including LineageOS, /e/OS, and CalyxOS. I will report on my findings just as I have been reporting on my findings with the Teracube 2e.