It isn't planned currently as a technical threat would be able to figure that out, or would be able to tell if it is a decoy through other means. It's a big reason we don't have a hidden profile feature at all (e.g. FFS would leave signs). The feature would only work best against someone with no knowledge on what GrapheneOS is. Cellebrite and XRY and other industry actors mentioning us in their internal documents or product material would suggest they study our work and read our posts.
Another example is Owner is still required to be authenticated first and there's tons of ways to see if an authenticated profile os the Owner or not.
We believe features involved in tricking someone could lead to someone trusting that feature and underestimating how skilled the person they're trying to trick, which could endanger them or bring even more trouble. While you could also trick someone with our Duress PIN that's not the objective, the device owner should trigger it when the time is right.
final [GrapheneOS] 📱👁️🗨️
npub1c9d…sqfm
2024-06-01 20:47:20
in reply to nevent1q…5rhh
Author Public Key
npub1c9d95evcdeatgy6dacats5j5mfw96jcyu79579kg9qm3jtf42xzs07sqfmPublished at
2024-06-01 20:47:20Event JSON
{
"id": "cc1e5c7193a8819859bb4d29513a31b12b812bb6cfe22074a39607277af4fb30",
"pubkey": "c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185",
"created_at": 1717267640,
"kind": 1,
"tags": [
[
"e",
"4e4c5e3e56977a3829de05be52cc37124da169f5cfcea4e019aa97ecb990aa66",
"",
"root"
],
[
"e",
"6f60c53f702b7e9aa4d15ef727213c0fd0d3b8ee017c81f04447e246ecf0d167"
],
[
"e",
"f3352c0159a49703a7b574c1146a18f96df26104db72264a634d2f82c3b842fe",
"",
"reply"
],
[
"p",
"c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185"
],
[
"p",
"b7ed68b062de6b4a12e51fd5285c1e1e0ed0e5128cda93ab11b4150b55ed32fc"
]
],
"content": "It isn't planned currently as a technical threat would be able to figure that out, or would be able to tell if it is a decoy through other means. It's a big reason we don't have a hidden profile feature at all (e.g. FFS would leave signs). The feature would only work best against someone with no knowledge on what GrapheneOS is. Cellebrite and XRY and other industry actors mentioning us in their internal documents or product material would suggest they study our work and read our posts.\n\nAnother example is Owner is still required to be authenticated first and there's tons of ways to see if an authenticated profile os the Owner or not.\n\nWe believe features involved in tricking someone could lead to someone trusting that feature and underestimating how skilled the person they're trying to trick, which could endanger them or bring even more trouble. While you could also trick someone with our Duress PIN that's not the objective, the device owner should trigger it when the time is right.",
"sig": "f9a166f5b60e18d18522c12e8db6f65ce6e5eb51d82d539a7ef08295f7acfc8d3a8312a36bdc2f87841f9762aba41095760fd84b1db167465803d4ffdba8708b"
}