6

I know it's an odd question, but where I live phones get stolen often. My phone doesn't have the option for an eSim, which is a problem because 90% of the time when a thief steals a phone they take out the SIM card immediately, meaning I wouldn't be able to remotely lock or wipe my phone.

Should I consider glueing the SIM tray shut? Or are there alternative less permanent measures I can take to keep my device secure?

all 12 comments
sorted by: hot top controversial new old

If I was stealing phones, I'd probably ditch the SIM first too.
Wouldn't want connectivity that will follow me around.
If removing the SIM fails, they'll either:

  • panic and scrap it on the spot / throw it as far as they can
  • calmly sigh and dump it in a metal can or mesh bag for later

Either way, you're probably never seeing this phone again after it gets stolen.
As such, I'm assuming the main focus is on protecting the data on it, more than the thing itself.

First thing to do is to encrypt it.
Remote lock? Your phone should already be locked if it's not in your hand.
Disable all the features that unlock your phone when at home and other shenanigans.

Encrypted and locked means someone who gets their hands on it is much less likely to log into everything and make your life hell.
A thief probably won't bother breaking encryption.
A lettered gov agency probably maybe might, but that's a whole different topic.
Remote wipe is never guaranteed anyway.
Faraday cages are utterly simple.

A phone thief wants money.
Your saved passwords, accounts, bank app, stuff like that are prime targets.
After that they could sell the phone or its parts.

There's honestly very little advantage to gluing your SIM tray and it's gonna suck for you when you change providers or they issue you a new SIM for some reason.

Don't leave your phone unlocked.
Don't leave your phone unattended.
Encrypt it.
Lock it.
Keep it updated.

I honestly wish traditional SIMs would die already, along with SMS-based and email-based 2FA.
TOTP 2FA is fine the others are mostly smoke and mirror.

[-] phx@lemmy.ca 2 points 1 year ago

Or just... turn it off until they can swap out the sim?

Yea that too.
Aside from phones, there are enough airtags or similar trackers around these days, I'd imagine thieves might use signal blocking bags.

Either way, gluing your SIM slot is mostly useless.

[-] Psiczar@aussie.zone 2 points 1 year ago

No. It’s the Apple or Android account that is logged into the phone and whether it is connected to a mobile or WiFi network that will determine if you are able to remotely wipe it or not. They could remove/replace the sim but the next time it connects to one of those networks and has an internet connection, the remote wipe command will activate.

Your phone should always be locked with a pin, Face ID etc. if it isn’t the person can just log in to it and access all of your data or factory reset it.

[-] rdyoung@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Newer phones aren't worth stealing anymore (for the most part). New features at the bootloader level (pm android at least) prevent you from simply wiping the phone and using it. When you wipe it, you still need to have the pin that the last owner/user setup or else it's just a paper weight.

I dealt with this myself not long ago. I gave my step daughter my pixel 5a when I upgraded to a 7pro and she still needed my pin to set it up.

[-] darkstar@sh.itjust.works 1 points 1 year ago

See I'm worried they'll keep the device offline and try to access it before it can be wiped remotely with find my.

[-] rdyoung@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Depending on how old the phone is, this is less of an issue than you or others here think it is. Starting a few years ago, android at least can't simply be wiped and set back up from scratch. Manufacturers/Android did this in response to the increase in phone thefts. Iirc, this had a significant impact on the number of phones being stolen as an opportunity theft. If someone targets you, that's a different story.

As others have said. Make sure encryption is turned on and that it's setup with a pin. If you really are concerned then make sure the time out to lock is set to as low as possible and never have it unlocked if it's not in your hands.

[-] darkstar@sh.itjust.works 1 points 1 year ago

It's a Samsung A34, so not old at all. Thank you for your response!

[-] Psiczar@aussie.zone 1 points 1 year ago

That’s a possibility, but if it’s locked they won’t be able to log into it to access your data or factory reset it, which will make it essentially worthless to them.

Gluing the SIM card tray will add to that worthlessness but will also prevent you from being able to legitimately sell, trade or give away the phone.

A Faraday cage is a pretty low tech and ubiquitous way to keep anything offline regardless.
They come in convenient travel bag formats these days, but an old metal can will do.

[-] rdyoung@lemmy.world 2 points 1 year ago

Chip bags work a treat as well.

this post was submitted on 23 Sep 2023
6 points (71.4% liked)

Cybersecurity

5683 readers
4 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS