The FBI’s honeypot Pixel 4a gets detailed in new report
https://arstechnica.com/gadgets/2021/07/how-the-fbi-weaponized-android-modding-with-anom-devices/
FBI honeypot phones are now public—and showing up on the secondary market.
With the new knowledge that the FBI phones presented themselves as "ArcaneOS" to users, Vice was able to find several other confused users on the internet who apparently ended up with second-hand FBI devices. Here's a forum post from XDA Developers user "mayday175" asking how to fix their recently purchased, second-hand Pixel 4a with a barely functional build of "ArcaneOS" locked in place. Because nobody had ever heard of this bizarre OS, the user posted a treasure trove of screenshots in an attempt to get help. Mayday writes, "The installed OS is ArcaneOS 10. The system updater says that ArcaneOS 11 is available for download (but I don't want to do that in case it makes this thing even harder to fix)." I wonder how good the FBI is at delivering timely Android OS updates?
The FBI's compromised phones definitely show some red flags that a tech-savvy user should be able to spot. When you start up an Android phone, the first check that happens is Verified Boot, which makes sure the operating system is cryptographically signed by your device manufacturer, ensuring it hasn't been tampered with. If a device fails Verified Boot, because it has either an unlocked bootloader or a re-locked bootloader with tampered software, it will show a message during startup. In this case, the FBI devices display a message saying, "Your device is loading a different operating system," complete with a yellow exclamation point icon and a link to a Google support page at g.co/ABH. This message is very important.
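As an added example (not from the article or any tool it mentions), here is a triage check for a second-hand phone that classifies the Verified Boot state from saved `adb shell getprop` output and flags reports that contradict themselves. It assumes the standard Android properties `ro.boot.verifiedbootstate`, `ro.boot.flash.locked` and `ro.boot.vbmeta.device_state`; the verdict labels and sample dumps are constructed for illustration.

```python
import re

# Line format printed by `adb shell getprop`: [name]: [value]
PROP_RE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")

def parse_getprop(text):
    """Turn a getprop dump into a {name: value} dict, skipping other lines."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def assess_boot(props):
    """Classify the Verified Boot state and cross-check it against the lock flags."""
    state = props.get("ro.boot.verifiedbootstate", "").lower()
    lock_flags = {props.get("ro.boot.flash.locked"),
                  (props.get("ro.boot.vbmeta.device_state") or "").lower()}
    unlocked = bool(lock_flags & {"0", "unlocked"})
    locked = bool(lock_flags & {"1", "locked"})
    verdicts = {  # verdict labels are this example's own, not Android's
        "green": ("stock", "locked bootloader, OS verified with the manufacturer key"),
        "yellow": ("custom-os-locked", "locked bootloader, OS verified with a user-set key"),
        "orange": ("unlocked", "bootloader unlocked, OS not verified"),
        "red": ("failed", "locked bootloader, OS failed verification"),
    }
    verdict, reason = verdicts.get(state, ("unknown", "verifiedbootstate missing or unrecognised"))
    reasons = [reason]
    # A locked-state color should not appear with an unlocked flag (or the
    # reverse); if it does, do not trust anything else in the report.
    if (state in ("green", "yellow", "red") and unlocked) or (state == "orange" and locked) or (locked and unlocked):
        verdict = "inconsistent"
        reasons.append("boot state and bootloader lock flags disagree")
    return verdict, reasons

# Constructed sample dumps (not taken from a real device).
SAMPLE_REFLASHED = """\
[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]
[ro.boot.verifiedbootstate]: [yellow]
[ro.product.model]: [Pixel 4a]
"""
SAMPLE_SPOOFED = """\
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [green]
"""

if __name__ == "__main__":
    for name, dump in (("reflashed", SAMPLE_REFLASHED), ("spoofed", SAMPLE_SPOOFED)):
        print(name, assess_boot(parse_getprop(dump)))
```

These properties are reported by the running OS, so a modified build can misreport them; the warning screen drawn by the bootloader at startup remains the signal to trust.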