this post was submitted on 15 Dec 2023
119 points (98.4% liked)

Privacy

32173 readers
478 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.

I'm a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.

Is there a way to figure out how they even unlocked my phone?

(page 2) 29 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 11 months ago (1 children)

If they were able to guess your pin, you should probably switch to a longer pin or a password. It seems insane at first to type a long password, but if you pick two long scientific words, its secure with only letters.

[–] wreckedcarzz 1 points 11 months ago

I use a password longer than the android limit (16 characters) since graphene allows longer; I use letters numbers and symbols. But I also use biometrics, because fuck typing that every time I need to open my phone. Allows for a very secure fresh (re)boot state, and with decent security when it has been unlocked at least once. I also use Locker, which (assuming it works, it's a few years old now, luckily never had to see) lets you set a max number of unlock attempts before using admin privileges to wipe. And graphene lets you set a 'time since last unlock' auto-restart, to get that initial secure state back.

Probably overkill, but I have leos in the family and I have been harassed before several times over the years (often without any cause or merit), as a teenager and beyond, and I don't trust anyone wearing a badge anymore. So 'plan for the worst, hope for the best' is my strategy.

[–] [email protected] -1 points 11 months ago (1 children)

What I said, a smartphone can never be a secure device and this is why it is crazy to have sensitive data stored in these gadgets. It is certainly unlikely that this person gained access by trying the pins, because the cell phone would be blocked after the third failed attempt, but even so, a computer expert needs seconds to access, bypassing this little protection that cell phones have. You can be happy that your Secure Banking app is better protected, probably with 2FA, coordinate card, ID card or similar. In any case, this mobile phone is already compromised, which makes it necessary to change at least the credentials, better even your phone number (ask your ISP). Also be attentive, since this person may have been honest, but he returned it may also be because he was not interested in the cell phone, but in the address where you live.

[–] [email protected] 1 points 11 months ago (1 children)

A smartphone has better protection and actual disk encryption than probably 90% of all Computers or Laptops since its enabled by default.

[–] [email protected] -1 points 11 months ago* (last edited 11 months ago) (1 children)
[–] [email protected] 1 points 11 months ago (2 children)

No, it isn't, independent of that it's easier to get lost or robbed.

https://www.techradar.com/news/8-reasons-why-smartphones-are-privacy-nightmare

Thats not what i said.

Modern Smartphones offer a much better protection against data extraction than regular Computers/Laptops.

[–] [email protected] 0 points 11 months ago (1 children)

The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn't automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

[–] [email protected] 1 points 11 months ago

The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn't automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

How is this different from Windows?

[–] [email protected] -1 points 11 months ago (1 children)

Sure, but how often do you take your desktop on a walk?

[–] [email protected] 1 points 11 months ago

I wrote Laptop also. Pls do not try to misdirect.

load more comments
view more: ‹ prev next ›