They can likely still get in. There's leaked slides from Cellebrite showing everything they can crack and under what circumstances. From what I remember GrapheneOS is really the only version of Android they actually can't get into.
this post was submitted on 01 Feb 2026
20 points (100.0% liked)
Privacy
3616 readers
125 users here now
Icon base by Lorc under CC BY 3.0 with modifications to add a gradient
founded 2 years ago
MODERATORS
The moment the cops get physical access to the device it should be considered compromised, regardless of you have Graphene, Bismuth, Borophene or whatever. Since if they (the cops) are any well-equipped, they'll just disassemble the phone and proceed to make a copy of the raw memory as-is, then take all the time they have in the world to work on breaking through the copy rather than directly on the phone (and risk eg.: a duress key activation). Rinse, wench, repeat.
(I do get that Lineage requires having a bootloader unlocked which is usually non-relockable. But that's just the breaks. Neither Graphene nor relockable phones are common enough to account for the amount of people who would or might have to protest)
If you're comparing stock OS vs Lineage, the password length doesn't really matter. The issue would be vulnerabilities introduced by having an unlocked bootloader, or security updates that haven't been applied to Lineage OS.
Also its hard to answer what 'police' can do because that varies widely depending on which LE you're dealing with. Basically any data can be retrieved given enough time and resources. So the this all depends on what your threat landscape looks like.
So here are the senarios I've come up with:
- Phone is on latest security updates
- Latest security update for LineageOS itself but outdated firmware (like the firmware code that only the manufacturer can patch)
- Outdated Lineage OS, but the phone is in "Before First Unlock" mode (and assuming they didn't manage to send you a Pegasus beforehand)
I am no expert on lineage, so take this all with a grain of salt. You being fully updated on lineage doesn't necessarily mean you have all security updates. The OS maintainers will take time to implement fixes after vulnerabilities are reported, and there may be a delay even if google has patched core android. Manufacturers have that same issue however, so this isn't unique to Lineage.
The bootloader being unlocked will always be a weak point, and last I looked into it most phones don't allow for the bootloader to be locked after unlocking.
Having your software and firmware up to date is always going to be a good idea. And if you're expecting to go somewhere that you might be detained (protests/demonstrations) then it might be a good idea to just not bring the phone at all. Physical access to a device offers significantly more options for pulling data from the device.
Not bringing a phone to a protest is a govts wet dream. Bring a burner phone. The real issue, assuming signal jamming, is how to propagate video chunks thru a mesh network until node(s) find working Internet connection(s) and the video chunks can be distributed out to multiple servers.
Also would be nice to be connected to coordinators to break up mob into cells with distributed specific targets.
Why do we have to suck at what we do?
Seeing police with riot gear in a phalanx, and crowds pushed against them. Looks like failure to me; lost opportunity. Where in da f are the coordinators?
I can remember back from my more experimental days, the moment your bootloader is unlocked, your phone is wide open to a lot of mischief and attacks. Meaning if you have to leave your bootloader unlocked to use a custom ROM, it's probably not ideal.
On the other hand, your manufacturers OS might have some intentional backdoors, or just insecurities in some of the OEM apps, that make it easier to exploit, but that's obviously hard to say/check.
From my quick search, it looks like it might be possible to re-lock your bootloader with certain manufacturers of you have the right signing keys, but that's definitely some advanced level fingerling at that point: https://www.reddit.com/r/LineageOS/comments/n7yo7u/a_discussion_about_bootloader_lockingunlocking/
I would personally argue Lineageos is significantly less safe and private than the OEM rom. If you're using a phone with LineageOS and an unlocked bootloader (which is basically needed for lineageos) it would bearly even be an inconvenience for them to bypass the OS entirely and just get all your data. Comparatively most stock rims are also pretty easy to hack into for any law enforcement with resources.
Tldr: Use grapheneos
Okay but suppose you managed to turn off the phone before they seize it, how does the unlocked bootloader matter? LineageOS use encryption
Isn't most people running linux with secure-boot off anyways? But a turned-off fde encrypted linux computer is still considered secure?
A lot of people wont like this but Linux isn't secure either
My take would be using grapheneos and give the duress pin when asked for it, that way if they put the pin the entire phone gets wiped.
I know I'm not answering your question directly but if you use lineageos with an unlocked bootloader the best you can do is deny to give the passcode but eventually depending on their resources they will get in.
That may not be the best advice. It might get you charged with destroying evidence. If you have graphene and its locked down, then your best bet is probably just to hope you and your device are out before they can pull anything from it.
If you have something highly illegal in your device I think it is better to be charged for destroying evidence than something worse or even if the police find something that can get you in trouble with someone worse than them.
Totally fair. So I guess make the judgment based on the lesser of two evils there.
Maybe. But be careful about putting in that PIN or connecting it to your network when you get home, in case you get it back after...
There is no security using LineageOS. Next!