The topic seems to take a big jump from the intro and it bounces around a bit, but I understand this to be ultimately talking about how people are attacking GrapheneOS because they don't understand consent-based data abstraction is not an attack and that "only Pixels stop brute force, via the secure element" and how important GrapheneOS's auto-reboot function is, and the USB port control feature, etc., in defending against brute force attacks. Is that your understanding of the post? Do you disagree? I'm confused by your reply.
But, I think you're agreeing with the sentiment that it's ridiculous to attack GrapheneOS since consent-based data abstraction is not an exploit. Am I right?
yep
We agree it's not an attack, we even said that capability is an expectation at the start. Unfortunately, some malicious actors, namely people selling proprietary scam phone products, have been misinterpreting such claims by Cellebrite, XRY and others about GrapheneOS being supported as GrapheneOS being under attack. This is our response. This post is meant to highlight how we have got these companies' attention and how they have trouble dealing with us. Earlier this year we found the exploit XRY was using to brute force modern Pixels, which led to us patching it (and got a pretty good bounty from Google for it too). This is more of a post talking about our recent successes and future plans. We are showing GrapheneOS is not like the other devices with stock or other OSes, with the exception of some modern iPhones, in this post. Consent is the ONLY way for supported GrapheneOS devices at this time. We also wanted to reveal this Cellebrite documentation for clarity as we had discussed it in the past on our forum.
I agree with you. Characterizing that your phone is still usable by you (and could be used by attackers through you by forcing you to follow their instructions with your phone) as an 'attack' is nutty, and people attacking GrapheneOS on this point are out to lunch. I'm also glad to hear that duress passwords and dual unlock (fingerprint + PIN) are coming.
Gotcha. Yes 💯, but if there's anything consistent... it's nutty people attacking GrapheneOS for one reason or another.