[nixgeek]

This feels like countering insinuations on the Internet with insinuations on the Internet.

Cellebrite doesn't publicly publish the latest support matrix so we have no real idea what progress if any they've made against recent iPhones and iOS versions, nor any real detail on how something like Lockdown Mode influences outcomes for their software.

Nor does this show anything about Pixel 9 or Pixel 10 and the newest variants of Android OS (which for Pixel 10 makes sense given (2024), but for Pixel 9 does it?).

What we do know as both companies disclose this is that Apple implements particularly with Advanced Data Protection enabled significantly more E2EE than Google, and both companies invest significantly through i.e. Apple's SEAR into the security of their hardware, software and platforms.

That GrapheneOS exists is great but I don't think this post helps much.

[jeroenhd]

Documents have been leaked at the beginning of this year: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-int... which do include the Pixel 9. They show GrapheneOS being pretty secure in comparison to other vendors at the very least, with GrapheneOS being marked as unsupported if patched beyond 2022. They also show GrapheneOS beating the stock Google firmware.

One reason GrapheneOS fights these threads is by doing what Google doesn't want to do out of user friendliness, like disabling USB in AFU mode. Unlike Google, Samsung, or Apple in non-lockdown mode, GrapheneOS doesn't need to deal with upset users when they need to unlock their phone before hooking it up to their car/display/flash drive/3.5mm jack converter/etc.

GrapheneOS also enables security features when compiling the OS that have a performance impact but mitigate security risks. They end up with a slower phone with less battery life that's protected better against extremely uncommon attack vectors.

GrapheneOS explained how these security features would've prevented at least one targeted attack from leading to exploitation: https://grapheneos.social/@GrapheneOS/114081909020398165

We don't know the current state of Celebrite's capabilities, but the fact they struggled for at least three years last time intel leaked out does paint a good picture for GrapheneOS. I'm sure the GRU and NSA have exploits that can hack even GrapheneOS, but at least they're not the type that makes it into commercially available exploit kits as of now.

[other8026]

> GrapheneOS also enables security features when compiling the OS that have a performance impact but mitigate security risks. They end up with a slower phone with less battery life that's protected better against extremely uncommon attack vectors.

Apps may take slightly longer to launch, which was more noticeable on older devices, but not so much on modern supported devices. I understand that some of the other exploit protections mean that apps and processes take up slightly more memory, but that's another thing that people don't seem to be affected by.

As for battery life, not really. Most people report having roughly the same battery life with GrapheneOS as with the stock OS. People who don't install Google Play report much better battery life. Sure, the exploit protections might use a small amount of extra power, but it's negligible as far as I can tell based on my own experiences and what other people report.

[SpaghettiCthulu]

Some devices are listed with both "BFU Yes" and "BF No" under the "... BFU" column (for example, the newer Pixel devices table). What do these mean in combination?

[vqtska]

There is someone who leaks Cellebrite's support matrix to GrapheneOS dev's and it confirms that they are still unable to exploit it.

"Their documentation has explicitly listed GrapheneOS for years due to the high demand from their customers for breaking into it. It shows they were last able to exploit a GrapheneOS release with a 2022 or earlier patch level.

We have their June 2025 documentation and could obtain the newer documentation if we ask for it, but we have much bigger priorities than that right now and we would have been contacted by the main person providing it if anything relevant changed."

https://x.com/GrapheneOS/status/1965464817914831070

[strcat]

This is a post by a user on the GrapheneOS forum not associated with the project in any way from May 2024. Their post referenced April 2024 Cellebrite capabilities rather than the July 2024 data or later where they had fully caught up to recent iPhones and iOS. The post is from May 2024, they didn't have time travel.

GrapheneOS has access to recent Cellebrite Premium documentation from the past couple months which shows the state of things in the previous published documentation from earlier in 2025 along with the 2 snapshots published in 2024 has been carried over.