About a month ago the police took my phone and laptop from my place in New Zealand during a search warrant. I have had them returned, turned on the phone, turned dev mode on and then some apps popped up that weren't there before. One of them is called ADUI from Cellebrite and it looks like it's trying to do a brute force scan, not sure of what yet. Another is a T-USIM app, XAPK installer, and an app called OneWorld, it's some Korean thing. From quickly looking at the Cellebrite manual, it looks like one of the ways they get the image/data from the phone is to downgrade the firmware or software version, that could explain the Korean app maybe? As for the brute force scanner trying to run, which is in full admin mode with full permissions, would that have been a fuck up by them? I am going to analyze it myself, what's the best tool(s) to check the phone with? I was going to start with Android Studio.
That device is radioactive or at least treat it as such. Do not trust or use it for anything if your privacy or security is even remotely important to you.
I recommend getting only the most important info/data off it manually (do not transfer from it to anything else) to a new device you purchase. And it’s best to use a brand new one you personally buy in the store. Grab a new Pixel of your choice and install GrapheneOS on it. The best and “free” option for the best privacy and security out there.
I think your question is likely beyond the scope of what this forum can offer but that’s the best advice I can give or think of.
Ok, wow, pretty serious then I take it. I will take your advice on the Pixel and GrapheneOS, thank you for that. With the compromised phone I was going to plug it into a laptop running a bootable docker image and have a poke around, then just zero out the image.
Had a look at the laptop, it's running Windows 11, I can see it being booted up and the normal services etc starting in event viewer, then it went flat about 15 minutes later, then nothing. The drive has BitLocker so they would have struggled with it if they took the drive out. Either way I am going to shred the drive to be safe.
Yeah, sorry to say but your devices are toast. You’ll have to let it go. Copy any contacts or any other info you can manually by viewing it but that’s pretty much it. Don’t bother too much with it.
And yes, Pixel with GrapheneOS is the best option indeed.
The problem is that there may be spyware on your devices. This is hard to determine if you’re not a security researcher. It’s just easier to start fresh with new devices. You can find more information in our guide about device integrity.
Remember that the police may have login information that’s stored on your devices as well. You have two options in this case:
Delete/abandon old accounts on old devices, start fresh with new accounts on new devices.
Otherwise, change the passwords on new devices.
You should operate on the assumption that your old devices have spyware just to be safe.
I completely agree with everyone else that you should no longer use the devices, but would you consider contacting the Citizen Lab at the University of Toronto to get them to analyze your devices, if they are interested? I think they would be very interested… they are sort of the “good guys” in the tech activism sphere and they have done analyses of spyware installed by governments on Italian activists etc.
Apart from that… I have heard of activists who store their compromised devices in microwaves because it apparently acts as a Faraday cage. But I am not sure if that is successful.
The phone I don’t want anymore, so many ways to get into them I don’t know about. The laptop will be ok once the drive is replaced, my network security is tight, traffic is monitored and behind Mullvad VPN so if anything was happening I would see it. I am in New Zealand, I would have to post it to them.
Yeah, I understand that you may not want to pay for postage fees as the sender.
Maybe you might want to use cheap burner phones in the future, because what if the police come and take away your new device(s) again and again? I mean, considering they took it away once, you’re probably on some sort of list they watch and they might take your new devices away once they suspect you of doing something they don’t like, again.
The Citizen Lab is fantastic, they may be willing to pay to have it shipped at the very least since it would aid them in their research. No harm in contacting them about it to see what they say first.
I don’t mind posting it, might take a couple of weeks, who's the contact etc? Also, just reading some more about Cellebrite and I think this screenshot is what they should have done, hence why there is still software left on the phone. Also, the Google Pixel is not sold in NZ by Google, very strange, I wonder if our government are behind that, they are super invasive over here, covid was a massive spying exercise. I can get a Pixel sent over from Australia though, so I will do that.
Yeah, I was just going to say. AU is right there so might as well. Also, not every country sells Pixels, it’s not uncommon. Don’t think NZ government is behind it though.
But whatever is left on your device, I’m sure The Citizen Lab will handle it with care and confidence if you do decide to send it to Canada. It might actually help us all once they look into what’s what and release a report. You could ask them to do that too (again, no harm).
Also, if you can manage, get your new device delivered from AU (if this is indeed the route you are going) in someone else’s name, for you/on your behalf. An extra layer of potentially unneeded protection but seeing how you were scrutinized, you may want to take this precaution nonetheless.