I’m running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.

I’m a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.

Is there a way to figure out how they even unlocked my phone?

  • Zerush
    link
    fedilink
    arrow-up
    1
    arrow-down
    2
    ·
    11 months ago

    What I said, a smartphone can never be a secure device and this is why it is crazy to have sensitive data stored in these gadgets. It is certainly unlikely that this person gained access by trying the pins, because the cell phone would be blocked after the third failed attempt, but even so, a computer expert needs seconds to access, bypassing this little protection that cell phones have. You can be happy that your Secure Banking app is better protected, probably with 2FA, coordinate card, ID card or similar. In any case, this mobile phone is already compromised, which makes it necessary to change at least the credentials, better even your phone number (ask your ISP). Also be attentive, since this person may have been honest, but he returned it may also be because he was not interested in the cell phone, but in the address where you live.

    • ShortN0te
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      A smartphone has better protection and actual disk encryption than probably 90% of all Computers or Laptops since its enabled by default.

          • Zerush
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            11 months ago

            The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn’t automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

            • ShortN0te
              link
              fedilink
              arrow-up
              2
              ·
              11 months ago

              The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn’t automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

              How is this different from Windows?

              • Zerush
                link
                fedilink
                arrow-up
                1
                arrow-down
                2
                ·
                edit-2
                11 months ago

                Certainly not much in a Windows as is, but in Windows you can avoid it in Android or iOS you can’t, apart in PC are infinity of more tools to avoid acceses than in your phone. I think that in the story of this Thread it is proven that it is easy for an specialist to access a phone, as seen by the author of this thread.

                As said, don’t store important data in your phone, I don’t even connect to my home WiFi when I don’t need it, nor Bluetooth, apps only from F-Droid as much as possible, check the permissions of all your Apps and let only the permissions really needed, delete or at least desactivate the preinstalled and default apps which you don’t need. Check your apps with Exodus Privacy, use an good AV (BitDefender is one of the best), because the Play Protect from Google is a better Placebo.

                • ShortN0te
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  11 months ago

                  I think that in the story of this Thread it is proven that it is easy for an specialist to access a phone, as seen by the author of this thread.

                  There is no proof at all in this thread. The question is unanswered. It is much more likely that OP fucked up and left his phone unlocked than anything else.

                  There is a reason why companies pay hundreds of thousands of dollars for those kinds of exploits/bypasses. Cause they are not trivial.

          • Gabu
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            11 months ago

            Sure, but how often do you take your desktop on a walk?

            • ShortN0te
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              11 months ago

              I wrote Laptop also. Pls do not try to misdirect.