I know it’s an odd question, but where I live phones get stolen often. My phone doesn’t have the option for an eSim, which is a problem because 90% of the time when a thief steals a phone they take out the SIM card immediately, meaning I wouldn’t be able to remotely lock or wipe my phone.
Should I consider glueing the SIM tray shut? Or are there alternative less permanent measures I can take to keep my device secure?
SIM cards do sometimes malfunction, so if that happens and you glued it in you’re kinda screwed.
This is also true, maybe there’s another non permanent way of doing this? I only need the SIM card in the device when it’s stolen long enough for me to remotely wipe the device
Well, either you glue it, and if you ever need to switch the SIM, you buy a new phone. Or you buy a new phone with eSIM support now.
I guess the only other option is to have a case that’s hard to get off to buy you some time?
There isn’t really a point to that. The very first thing thieves do is turn off the phone so you can’t track it. They’ll then usually format your phone and sell it. Best you can do is set up a secure password and not show any info on the lock screen so they at least wouldn’t be able to access your stuff.
True, but in my country and in my experience the first thing they do is remove the SIM card so that you can’t track it, if it’s an android which it is in my case.
I’ve got a secure password and no details on the lock screen but I’d just like to try protect myself even more
Samsung devices require the unlock pattern/code to be shut down.
Umm… no they don’t? You need a password to unlock it after restarting it but you absolutely can turn the phone off without a password. I’m on my 3rd Samsung device and have never entered a password to shut any of them off.
Every Samsung device I was handed over the last few years required to enter the unlock code for it to be shut down. Maybe it is a dedicated setting or something?
Pretty sure every single mobile has a key combination to power off and recovery when your display or touch isnt working properly. At least its the case for my samsung m51.
Amd what do they do if the battery runs out? Suspend to disk?
and thiefs will just throw it into a faraday cage to block the signal immediately.
Not in my country lol, they’re not that smart
Not in my country lol, they’re not that smart
The federal government has had difficulty dealing with modern locked phones. The sim isn’t integral to the security of the device, it’s just a pointer for the carrier to route calls to. A modern phone with whole system encryption and a strong password is going to be protected against most everyone including nation state actors.
The only real advisory I like to put out with regards to phones is the same as most other devices, don’t reuse passwords and for two factor ideally use something other than email or SMS which makes it far more difficult to get the second factor.
The other thing that’s kind of a ‘best practice’ is using a password rather than any kind of biometric. The reason there is last I’d read (in the USA) the current legal guidance is that while authorities can compelle someone to put a finger on a screen or look at the device, they cannot compelle them to open the contents of their mind (forced testimony) due to the 5th amendment protections. Of course that kind of thing is more related to legal situations rather than lost/stolen devices.
I might recommend using something like tape. Extra Strong Clear Tape.
You may also want to invest in a phone case; preferably an opaque and waterproof one that is difficult to remove.
There are apps available on F-Droid like PrivateLock which might help too; this will automate locking your phone if it’s snatched from your hands suddenly.
- PluckLockEX: (No longer maintained) https://f-droid.org/packages/xyz.iridiumion.plucklockex
- PrivateLock: https://f-droid.org/packages/com.wesaphzt.privatelock
Last thing I can say is to use a short screen timeout and a strong password to unlock the phone.
Private Lock also hasn’t been updated for four years :(
Do not use privatelock! It has the possibility to permanently lock your phone! For me it had a bug with the sensor and it was very hard to remove
you really shouldn’t be recommending things that adds attack vectors.
Some phones including Samsung are encrypted by default.
Don’t keep data on your device you don’t need and use the encryption.
that doesn’t help with sim removal. sim swaps are stuff are a thing and honestly more of a concern than data exfiltration.
“meaning I wouldn’t be able to remotely lock or wipe my phone”. The original post indicated data was the issue. If they want to get the sim out and wipe it, they will. Need to solve the problem (data loss).
I mean on average theyll just turn it off and then try to factory reset it later which will remove your data if there isnt an exploit. What i do since I have the same problem, is just not keep any data on my phone the same goes for accounts but I see that might not be for everyone. Assuming your phone is fully updated a long passphrase, think stock android limits to 17 characters, should be enough to keep out the average drug addict. Be mindful of your surroundings, dont fight back unless they try kidnapping you and use lockdown mode or fully restart your device when you go to a shady area. Curious what device do you have?
Thanks for the response. I have a Samsung A34. I don’t think keeping accounts off of my phone would work for me, it’s my most central place for everything which I know is risky, but it’s better than having everything on my work computer which could get searched or taken at any point
Alright so did a quick search and couldnt find a way to bypass the lockscreen so that should be alright assuming they dont take it when its unlocked but do more research. Go ahead and set a short timeout, and get a privacy screen protector so shoulder surfing can be ruled out. Yeah that is risky but life is life you have the decision on that. The dummy phone is also a good idea if you leave behind the personal one imo
deleted by creator
Uhm, I don’t care about the device or the SIM card?.. I care about my data, and I care about remotely wiping the device before they can try access the device if they are even trying to access it in the first place?
Sure they can turn it off, but if I activate the command to wipe the device the command will execute as soon as the device is powered on.
This is not the case if they remove the SIM. If they remove the SIM the connect is lost and the device can remain on and be tampered with, with my data still entact.
I don’t “keep asking for proof” I literally asked in one comment? You seem very angry about people asking questions online, maybe you should do some introspection or something idk
deleted by creator
This is unfortunately how a lot of online privacy communities feel. Like it’s mostly performative privacy fan service. Often with a weird martyrdom thread running through it, almost as if people are mixing up the ideas of privacy, with simple rebellion against modern technology.
I can’t speak to any particular communities, but to me it’s about putting extra steps between me/my data/whatever and thieves. (I have a personal tinge of rebellion against social media and perma connectedness but I generally see them as separate)
If my password is “password” anyone can and will pop it
If my password is “P@$sw0Rd60&4” alot of people could and probably would
If my password is ^ and I use 2FA, sure that can be spoofed but the number of able hackers is much lower and it’s much more work, quite frankly I’m just not that interesting 😂
Etc etc, adjusted for situation
Hot glue can be undone with heat
It would give me enough time to remotely wipe the device before they can remove the SIM would it not?
No, they can do it with the phone turned off.
Have you thought about using a strong unlock method, so they can not gain access to your data in the first place (if all yo want to do is wipe it)?
I’m on a Samsung A34 using a passphrase to unlock, I’m not sure it gets stronger than that? Unless there’s something I’m missing
having proper hardware security like is present on pixels would help a lot. if you can, look into a pixel and put grapheneos on it. I know it doesn’t solve your sim removal issue but the documentation can walk you through a lot of that.
I’m on a Samsung A34 using a passphrase to unlock, I’m not sure it gets stronger than that? Unless there’s something I’m missing
If I really had such a concern I’d use a Linux phone, e.g PinePhone or PinePhone Pro, and I would program it so that unless a certain command has been ran, if it boots or stay too long (e.g 1s) without a SIM then it deletes sensitive data.
Thiefs just throw phones into faraday cages to block all access immediately, then they fiddle with it at home. You’re pretty much screwed either way.
Do you have any sources for this? Or is this something people in the suburbs tell each other over a campfire.
Source? Because I have many videos as evidence showing thieves throw SIM cards out of the window of their escape vehicle, so that seems to be the common one here
Phones have a unique equipment identifier number (IMEI) that they share with towers. Changing SIM changes the subscriber ID (IMSI) but not the IMEI (manufacturers don’t make it easy to change the IMEI). So thieves (and anyone else) with the phone could be tracked by the IMEI anyway even if they do that, while leaving the phone on.
In practice, the bigger reason they don’t get caught every time if they have inadequate opsec practices is that in places where phone thefts are common, solving them is probably not a big priority for local police. Discarding the SIM probably doesn’t make much difference to whether they get caught.
Source? Because I have seen many videos showing thieves throw SIM cards out of the window of their escape vehicle, so that seems to be the common one here
You could just set a Sim pin
I have a SIM pin… how does having a SIM pin stop them from taking the device offline by removing the SIM?..
It keeps them from making calls as you
