My phone has GraphineOS so if somebody snaches it than itll just lock and once it locks then the chance of somebody breaking in is extremely slim.
this post was submitted on 02 Jun 2025
58 points (95.3% liked)
Ask Lemmy
32096 readers
1826 users here now
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
founded 2 years ago
MODERATORS
Set a tasty duress PIN on it
I did :3
My phone/Android is supposed to have theft protection, meaning it will lock itself if it detects a fast movement like it being snatched out of my hand. If that doesn't work, I'd have to get home to lock it I guess.
Somewhat fucked, but not to a terminal degree.
Privacy: The thief would gain access to graphic material of my girlfriend and I doing naked things that would confuse grandparents and excite therapists.
Security: My phone is logged into my emails l, so I'd have to react quickly to cut it off.
2fa: No issues, as I can easily migrate to a different device.
Billing: No issue. It takes 5 seconds to block the SIM.
My main concern is the short-lived email access they would gain. While the inbox does not contain anything horrible, they would be able to reset some passwords, so if my phone was stolen my number one priorities would be to get it my PC to lock out and erase the phone, change mail password, and check All of my user accounts whether they'd been compromised.
2fa: No issues, as I can easily migrate to a different device.
How exactly? This ability would seem to negate any benefit or security of multi-factor authentication.
I don't know if you are on Android or Ios, but on Ios you can require face ID to access certain apps. My mail application also requires face ID to open.
Annoyed as all hell, but not fucked at all. The phone locks itself if snatched away. A phone call, and a brief access to android lock later and now the thief has a worthless paperweight. This can happen in a matter of seconds if theft protection works, or a couple of minutes while I find someone who would lend me their phone, faster if I have my smartwatch with me. Carriers on my country also disable IMEIs across all carriers and on the whole territory when phones are reported stolen. Everything on my phone is backed up elsewhere, so I won't actually lose much, and my data would be fairly protected. They could disassemble it and try to decrypt the storage, but good luck with that if they are not law enforcement or doesn't have the fancy forensic toys.
If they somehow managed to get it to not auto lock after 60 sec then I'd have to change passwords on 3 different emails.
Worst thing they would have is my browser history.
They can't transfer any money without my fingerprint or password to the app.
I use Private Lock. It uses gyro to detect sudden movements and lock the phone based on that.
My screen timeout is a minute, so they likely can't get very far before bumping the side button or just not babysitting it for 60 seconds and needing a long password or fingerprint. Any app worth looking at needs a fingerprint as well, so even if unlocked, not super valuable short of a highly coordinated, personally targeted attack. In which case Pegasus would be easier and faster.
Plus, I always "pull over" and hold my phone with two hands when in a busy public place.
I run my own NAS and Nextcloud server. Most of the data on my phone is synced there.
So I am somewhat prepared for the loss of my phone, but not really for the possibility of someone else using it (accounts etc).
This is such an important distinction to make. Being able to wipe the phone would require a second device, so unless you are with someone who has access to that phone, you have to wait until you get home to initiate it.
Iirc my pixel has a "in case your phone is stolen from you" automation. Though I don't know the mechanics of how it works.
Yeah, I couldn't get into my account on someone else's phone to wipe/trace down my phone. As I believe I'd need 2 factor authentication. Which while mobile I can't do without my phone. I'd have to wait till I got home and a device id previously been logged into.
For Android, it looks like you can go to https://android.com/lock and use your phone number to lock your phone.
No MFA required. But this has to be enabled on your phone in order for it to work.
Interesting, that's good to know. I immediately tried to lock the woman's phone next to me by using her number, she didn't have it turned on either. I have an odd feeling someone is going to write a script that locks someone's phone screen at random intervals throughout the day. Schedule it as a task whenever they log into their work computer so you can watch them struggle with it throughout the day then end the task when they lock their screen/log off.
I actually had the same reaction and so I looked into it. The threat is pretty low.
Worst case scenario is that you're working on something critical and your phone gets locked. You unlock it with PIN and move on. According to the docs, this can only be done a few times a day (iirc twice. I'm too lazy to look it up again. It's 2am and I should be sleeping 😅)
If it gets annoying, you could turn it off until the attacker moves on.
More realistically, you're on Lemmy while in the bathroom and you just have to unlock your phone.
If it happens with some level of regularity, I'm sure Google would either rate-limit the attacker or the phone number.
Not a data target, but my wife was pick pocketed in Paris a few months ago. We were boarding a train to the airport and somebody yanked it from her pocket as she boarded with her hands full.
We both have iPhones. Within five minutes while sitting on the train I remotely locked her phone then wiped it. Never saw any fallout that could be attributed to somebody having access to it.
Not a data target
Someone managed to obtained a fradulent copy of my mother's ID. We're practically just "normies". People think "I'm not important enough to be targeted" then identity theft happens.
This was not even from a stolen phone, it was probably from some data breach. But imagine the damage that can be done from a stolen phone.
So, the identity thief convinced the banks to add their phone number (probably a burner), but somehow they failed to do any money transfers. Then they did a sim swap by just walking into a store, but the other lines got notified and within an hour, my mother got a new sim and removed her name from the authorized account holders leaving only my dad's name in there.
I have no idea how they didn't manage to steal any money, I guess they didn't think their victims would react this quickly?
Edit: And also the law enforcement is fucking useless. They said they'll "investigate", but haven't heard a word back in a year. The only reason to ever file a repprt is for the police report, don't expect the perpetrators to ever get caught.
I've wiped my phone more than a few times. Hurts bad.
Little macro running on my phone, that as soon as my smartwatch gets out of range, it locks the screen. Add the ability to format via wasted remotely, and we are set. The only way to disable internet/ actvate airplane mode is to insert the password if the screen is locked. Also I've never checked, but if graphene has a dead man's switch, not even poweing off would keep the data intact.
Little macro running on my phone, that as soon as my smartwatch gets out of range, it locks the screen.
How do you do that?
Not the parent commentor, but I do something very similar with Tasker. Whenever my phone disconnects from one of a list of Bluetooth connections (like my watch or my car) or even if it just gets a solid jolt to the accelerometers, it goes into lockdown mode. This means the screen gets locked and biometrics can no longer be used to unlock it, requiring the entering of a PIN code to unlock.
I remember doing something weird with automate to make it work, but i don't exactly remember what i did. Since it' been so long.
Pretty much anything sensitive on my phone (email, finances, 2fa, passwords) is protected by Face ID. It also helps that I don’t really go to large gatherings, so the odds of my phone being swiped, while unlocked, are very slim. In public, I use my Apple Watch to view notifications, so again my phone is really not out that often. I’m not worried.
100% fucked.
Depend if it was stolen when i was doing banking or not. I use différents user with differents password for diffenret type of activities. Banking is isolated from my daily usages.
I just need to appreciate the different spellings of different in your comment. It almost makes the word perfect in meaning.
... Didn't notice, now I don't know if I need to correct anything or not XD
Anything worth protecting uses 2FA and they wouldn't have my Yubikey so ... yeah, I'd be fine. Annoyed, but fine.
Depends on how you look at it. By and large screwed until I get it remotely locked maybe. On the other hand I only have a smarthphone for work reasons and it mostly stays at home and if I have it out its for its phone function and a thief would be hard pressed to find a point where I had it unlocked.
They would have to turn on airplane mode quick while they were running because as soon as it has data, I'd have their location and my phone would've already been marked lost / stolen by my watch and queued for factory reset.
While in airplane mode there really wouldn't be much they could do. Anything useful is locked by Face ID. They could see my calendar and my most boring emails. They would have no passwords.
The phone itself would be useless as a phone as it couldn't be used in another carrier.
I mean, that's kinda the point of this question: How quickly can you issue a wipe command to your phone?
If you only have one phone no backup phones, now quickly can you access a internet device to issue a wipe command? And will you even remember the google/apple account password quickly enough in such a stressful moment?
Real phone in my bag hotspotting for a burner I pull out in public is how I did things when I was paranoid.
The only thing on my phone that could do anything like that would be the SIM itself, and luckily that'd a single call I'd do right away.
Is this a thing, like are most thiefs not interested in selling the hardware?
To answer the question: Id be pretty fckd i guess. Passwords are gated behind a password manager but my E-Mail would be exposed.
May be overthinking it a bit, the typical opportunistic thief that would try to snatch a phone and run is just looking to see what bank apps you have installed. Usually they are looking to see if you have something like Venmo installed so they can go into your app and send themselves your money. Venmo of course will say that money was transferred from your phone so it was clearly you and there's nothing to dispute, hence you're fucked.
These type of thieves already know to try to keep the screen unlocked long enough to do that, afterwards they usually just toss the phone somewhere. The phone hardware itself isn't that useful while it's still locked down and tied to someone's Google/Apple account, most phones are firmware locked in that fashion. Sure they could wait it out until you finally remove the phone from your Google/Apple account but every time they check it'll keep giving out their location, not really worth it.
Nowadays current Android phones do have theft protection to prevent loss in a snatch attempt e.g. my Android has settings to auto lock it if it detects fast movement while unlocked, and it also auto locks if the entire phone itself has been set offline/airplane mode for a while.
Hardware is good, but why not have both?
Imei Blacklisting makes them not very valuable anyways. Data worth a lot more.
Btw someone got a fradulent copy of my mother's ID somehow. Like not a "fake id", an actual real government issued ID, but fraudulently obtained mailed to some random address. They started trying to access money in banks, then tried sim swapping [edit: The sim swapping actually worked. Calls from my mother's phone stopped working and other lines in the same family plan got a notification, so my parents went to the phone company and removed my mother's name from the account and replaced the sim. As for the bank accounts, they closed and reopened the accounts with new account numbers and they had a note in there to double check the picture (which is still of my mother's) and address on there (which the fradulent ID had a different address). They never managed to take any money. But it wasted a lot of time.]
So like, its a thing that happens. People think "identity theft won't happen to me, I'm not important enough", then someone steals your identity. These things never gets investigated. They said "we'll investigate" but like a year later, not a word from those "investigators".Only if you steal from the rich do any investigation gets done. They don't care about the average person.
TLDR: Protect your data. Identity theft is actually common.
Nice try Mr. Thief !
I never unlock my phone if anyone is nearby. Yes, I look around first before unlocking.
I'm so done.
It auto-locks in 15 seconds.
I don't have a smartphone. I don't often go out with my phone. Nobody want to steal my phone. But it has no security features, it's a really bad phone. It's not linked to an account, there are just some messages and numbers and that's all. That's not good but not that bad, and I'm ok 3 months without phone.