The reason it takes so long to boot after wiping via the duress PIN/password is because by wiping the OS data in 3 different ways, the OS attempting to boot and deal with it detects it as completely corrupted. It tries a couple times before giving the rescue menu to wipe. We did it this way because we decided it made more sense than rebooting into recovery to format the device. A factory reset triggered within the OS or by a device admin app will also do a similar wipe-without-reboot since we improved it to use the same approach, but it then reboots into recovery to wipe and then format in the traditional way. We reported the lack of wipe-without-reboot to Google as a vulnerability in the device admin API and they implemented a form of wipe-without-reboot for the June release on Pixels. However, they only wipe the hardware keystores (TrustZone and secure element). We extended it to use 2 additional ways of wiping the OS data by also wiping the encryption metadata and if possible (hardware connection not recently broken, etc.) the secure element too.
Brilliant, thanks for sharing the details of the process.
Babe wake up! A new Sides of Burritos video uploaded 🎉
🤣 that's hilarious
bro remembered his password
Hope he doesn't confuse it with his duress password
🤣 should have used a password manager, had to guess way too many times
yep
YOU'RE BACK!
I was worried that some three letter agency got to you.
I am! Not yet 🤓
Why KFC be mad at him??
@@masj7786 That's a three letter company ;)
I am so pleased to see you posting another vid on graphene. been awhile... by the look of a lot of other peeps, they feel the same. cheers mate
Glad to be back!
Thank you for this video. I'd been wondering about the whole duress pin process. Especially what happens after the phone's been wiped. This video's answered all my questions.
You're welcome! Glad to hear it helped.
Hey! You're back! Just this weekend I wondered where you had gone. Good to see you again.
I am! Haha, it sounds like perfect timing.
Welcome back!!!!!! Happy to see and hear you again ;)
Happy to be back, thanks!
Welcome back! Was wondering when the videos were coming back.
Thank you! I'm excited to be back.
Hey welcome back :)
Hey, thanks!
Yeah, I think we all missed him. The brain starts playing conspiracy tricks on me. 😊
He is alive 🎉
Finally back 🤓
Good to see you back posting another great video.
Thank you!
Great to see you. Thanks to you, I'm STILL rocking GrapheneOS on Pixel 6a.
I've never even thought about duress PINs! As always, I learn things HERE! Aloha!
Thanks! Glad to hear it's still running great for you! My daily driver is a 6a as well.
hello, welcome back :D
Hey, thank you! :)
Great info as usual. Welcome back.
Thanks!
You are back! I missed your videos.
I am! Hopefully, the new ones are as good/better than the old ones!
@@sideofburritos I look forward to your new content. The way you explain it makes sense not just to me, but judging by the welcome you got, many others too. :)
welcome back! great video, did not know about this feature
Thanks! It's a super cool feature.
Welcome back!
Thanks!
It's late at night here rn and for some reason I just woke up and oh looky! Welcome back to youtubeland Mr Burrito 😊
Ahh, my subliminal notifications sound like they're working. Thanks!
@@sideofburritos 🦩😄
Wow! The GOS team said they would never implement a duress PIN, but that was years ago on their Matrix server. My how times have changed.
Super handy feature to have.
Welcome back!!
Thank you very much!
I had been spreading the gospel of your channel to GrapheneOS-curious folk and wondered where you'd gotten to. Thanks for this
You're welcome, and thank you for the support!
Missed you :)
Miss you too :)
welcome back :)
Thank you!
Long time no see
It's been a few 🌊
new video yay
🤓
@@sideofburritos true true
Long time no see bro😊
Haha, it's been a few!
This feature is amazing, very powerful.
It's too much for me, but it's perfect for those who need it and could be forced to unlock their device.
Better yet, if it is known that the phone has this feature, logic dictates that whoever is requesting the phone PIN won't even request it for fear of receiving the duress PIN.
Absolutely, it's a very useful feature. Good point, it could deter malicious actors even further if a device is running GrapheneOS.
Glad to see you're back. I was wondering what your current impressions are on the pixel tablet now that it has been a year. I'm considering getting one for digital handwritten notes for school. Any features that are lacking or handy accessories/features worth noting?
Thanks! Hmm, that would be a good update video after a year. TL;DR - I mainly use it for entertainment. YouTube, checking emails, videos. As far as lacking features, I haven't found any. Everything I do on my phone, I can do on the tablet. I've never tried it for handwriting notes, but if you could find a nice stylus, that could be a great use. The case from Google is top-notch. The dock works with it on, the kickstand on the back works in both vertical and horizontal positions. It has a nice texture to it. Well worth picking up with the tablet if you get it.
Good to have you back! Without the phone being encrypted prior to a reset, would it still be possible to recover data?
Thanks! No, the encryption key that's used to decrypt your data is forgotten by the device, and it's then powered off. At that point, the data is permanently inaccessible.
This post on the forum from GrapheneOS has some more details about how the data is permanently inaccessible - discuss.grapheneos.org/d/13792-duress-reset-phone-not-encrypted-anymore/2
Glad to have you back, Side of Burritos. Does anyone here have any issues with 5G? I only get one bar, but if I take the SIM and install it on another phone I get more 5G bars. Using Pixel 7 with GrapheneOS. I really like the OS but wish that the 5G would work much better on my Pixel 7.
Thanks! I haven't had any issues with it where I live.
I've been using GrapheneOS now for a couple of weeks and I like its approach to privacy and data, but it still needs Google services to work. Me myself, I still use Google Photos because that's how we share photos and videos, and I still use Messages because of the RCS, also the Google dialer and Google Drive and Google Photos if I want to scan some documents.
Many people do use it without Google services.
My daily user profile doesn't rely on Google services, and it works great. I do keep a separate profile with Google services for one app (MySudo) because I need notifications for it. Many new users start with Google services and gradually switch to alternatives that don't require them. Whether you use Google services or not depends entirely on your needs, apps, and use cases.
If you put the duress pin in your phone case then someone who stole the phone could then wipe it and set it up or flash clean and sell it on but without that then they are stuck with a phone they can't do anything with or wipe right?
No, they can still do a factory reset in fastboot mode and wipe the device manually.
@@sideofburritos surely not with a locked bootloader though
@@bidoa That has no effect on whether someone can enter fastboot mode to wipe the device.
When your friend grabs your phone and tries unlocking it by punching in random passcodes: 💀💀💀
⚰️📱
How awesome would it be if we could have a duress fingerprint?!
Though I wonder how that would go legally where you refuse to unlock your phone with your finger but are forced to due to biometric laws...
That's an interesting one. I wonder what the court would say, since you technically provided your fingerprint, but the one you did destroyed evidence. You could also fail with the wrong finger enough times that it requires a PIN code, but I can't imagine that would go over well.
Am I correct in assuming that if the duress pin is entered it will wipe all profiles in the device, not just the owner?
You are correct.
It fully wipes the hardware keystores, secure element and encryption metadata on the SSD. Wiping the hardware keystores or wiping encryption metadata from the SSD prevents recovering any of the OS data since they're needed as part of deriving all the encryption keys. Wiping the secure element also wipes the secure element's hardware keystore again but is mainly done to wipe the Weaver slots to provide another way to prevent deriving the encryption keys. It's 3 different ways of preventing data recovery in case one somehow doesn't work as intended, such as if the connection to the secure element was lost, which won't stop it from wiping and then shutting down (it has a timeout for the secure element wipe).
Why not show the procedure on the lock screen?! In more than most cases, a phone will be locked at a time when some "authority" figure will demand unlocking. A feature I would like to see on GrapheneOS is to change profiles based on the PIN code entered rather than having to swipe and tap to switch user then tap the user then enter the code.
Because entering it on the lock screen is pretty straightforward. It's easier to explain a less common scenario in a demonstration.