Thank you for the post. I’ve heard for a long time that Cellebrite is easily stopped by those who know what they are doing, but the details can be hard to find.
Forensic examiners currently acquire Google account data via Takeout requests (lol). If you want to see what potential data would be turned over, do a takeout request.
Do you have any details on how to prevent forensic acquisition of a Fedora laptop with LUKS2? If the laptop is turned on, but the decryption keys have been entered, how could the decryption keys be acquired? I guess you could do a ram dump via a DMA port, but you can turn that off in settings.
On windows, you can set it up to require TPM + Pin on hibernation, meaning you can’t sniff the TPM or anything.
How can I harden a linux computer in a similar way (require LUKS keys on screen unlock)?