I am looking into the new protocols being used by the latest Knox advances (Matrix) in the S25 flagship series of Android. I have read through the last 4-6 pages of posts here and I don't see anything related being discussed. Since this forum is about mobile device security this would be the place in this forum to launch an inquiry, so here goes: Feel free to pick any counter measure software you are familiar with -- Cellebrite, etc.... Specifically I am trying to work through a BFU (before first unlock) scenario. Namely a device is fully OFF and then subjected to analysis. The subject device uses a VERY complicated and long passphrase leaving brute force out of the question. Obviously known vulnerabilities are likely to be kept private as long as possible but maybe a few here might have run across some links or ideas that may facilitate my project. I can set you up with a GPG key if you want to go dark. Just saying......
According to Android Encryption pdf published in 2020 https://cellebrite.com/wp-content/uploads/2020/06/Android-Encryption_FollowUp-PP_Q22020.pdf most modern Android devices use FBE, which is usually good though even in BFU you have: So first question is about threat model: do you mind if any data will be available to adversary like last (text?) messages that popped up before restart? If you only care about files then this article seems pretty nice: A deep dive into Cellebrite: Android support as of February 2025. https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/ According to this Pixel, especially with Graphene OS, seems like a better secured than Samsung. However I would say that I have less trust to smartphones and tablets than to PCs (including laptops).
