I’m running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.

I’m a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.

Is there a way to figure out how they even unlocked my phone?

  • Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    31
    ·
    11 months ago

    Was it perhaps unlocked when you lost it?

    I know I’ve set my phone down unlocked a few times; particularly at work (in a warehouse).

  • dutchkimble@lemy.lol
    link
    fedilink
    arrow-up
    28
    ·
    11 months ago

    Is your pin something like 1234? Do you have emergency contacts set up? Do you have a setting to not lock the phone until very long? Or a smart unlock based on location or any other automation setting? An easy password hint pops up or something? Perhaps your parents forgot to mention you had a twin, who face unlocked it.

    Regarding app usage, my guess is they tried to see whom to contact to give your phone back, or map history, the banking app could be a touch by mistake too.

  • XTL@sopuli.xyz
    link
    fedilink
    arrow-up
    23
    arrow-down
    1
    ·
    11 months ago

    Do those contacts happen to be your ICE? Some phones will allow those from the emergency dialer without unlocking. Don’t know about grapheme.

  • Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    arrow-up
    16
    ·
    edit-2
    11 months ago

    They clearly seemed to mean well. Maybe you can ask?

    I imagine you may have lost your phone while it was still unlocked. It’s possible that there’s a Graphene lock screen bypass out there, but I doubt someone with such knowledge will use it to return your phone to you. Most “hacker” style lock screen bypass I imagine someone wanting to return the phone will do is checking for smudges on the PIN area of the lock screen and determining the code from that.

    To combat someone unlocking your phone through smudges, you can enable PIN scrambling.

  • neutron@thelemmy.club
    link
    fedilink
    arrow-up
    12
    ·
    11 months ago

    Perhaps they simply took out the sim card and inserted into another phone, giving them access to contacts (that could have been saved into the chip instead of the original phone)?

  • Sensitivezombie@lemmy.zip
    link
    fedilink
    arrow-up
    10
    ·
    11 months ago

    This maybe a strange suggestion. Aside from the banking app, it seems like the maps and contacts app were used with good intentions to return the phone. The person returned the phone to your friend, so clearly had good intentions. Your friend may have the phone number of the person in their call log when they called to return, unless of course they used your phone to call. If possible, have you thought about calling that person and asking about this just out of curiosity?

    • Dislodge3233@feddit.deOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago

      Yeah. It was clearly good will. Even the banking, they probably didn’t realize the app was banking (foreign bank). Signal was Molly, so they honestly were personally confused since I run KISS Launcher.

      The problem is that they used my phone to call my contacts.

      • Cwilliams@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        11 months ago

        they honestly were personally confused because I run KISS launcher

        This is what I think would happen if someone stole my laptop. Even if they got my password, they would need to figure out how to start sway, and then launch any useful application. I know there’s no security in obscurity, but I think it would be pretty funny to see someone try

  • Nix@merv.news
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    11 months ago

    If someone calls you and theres a missed call notification can they just click it to call back without unlocking the phone?

    Oh i didnt notice they went through other apps. Maybe they were watching you and saw you input your pin and then stole it and checked your stuff to see if they can get something useful and then returned it?

    • SomeBoyo@feddit.de
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      Wouldn’t a thief just factory reset and sell it, instead of taking the additional risk of returning it?

  • MxM111@kbin.social
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    11 months ago

    Is it possible that something else was installed to the phone? If they manage to hack it open, then potential reason to return it to you is to spy on you.

    • jackpot@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      11 months ago

      theyd have to be important, unlikely. even if this is cia shit tjey wouldnt make it obvious someone got in

      • Gabu@lemmy.ml
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        11 months ago

        Why not? Most people ITT clearly don’t seem security minded enough to even think of that as a possibility.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    Unrelated. Have you considered using a work profile?

    That way you can have two factor authentication when unlocking your phone. You could use a PIN code for the main unlock, and a biometric for apps in the work profile. That way you would have to have both something you are, and something you know.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Settings, security, more security settings:

        Under work profile and security:

        Disable - use one lock for work profile and device screen

        Configure - work profile lock, use a different code, only needed at boot time.

        Enroll finger prints for biometric unlock.

        • Pantherina@feddit.de
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          Thanks, I use Workprofile for crap apps, but if I wouldnt need those this would be a good idea!

          • jet@hackertalks.com
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            11 months ago

            You could put the crap apps in the main profile, and then the important apps in the work profile. Then the important apps would have two factor

            • Pantherina@feddit.de
              link
              fedilink
              arrow-up
              1
              ·
              11 months ago

              I am not really leaving my device locked haha, or if, then I would also always have the work profile locked. Also I dont trust Androids init system, apps just randomly run in the background and there still is no way to completely prevent that. So I keep them in the work profile

              • jet@hackertalks.com
                link
                fedilink
                English
                arrow-up
                0
                ·
                11 months ago

                On Grapheneos I’ve been using the disable app option aggressively, to have installed apps that only run when I need them. I do have to enable them from the app settings, which is a little annoying but the hotel booking app doesn’t need to be running all the time.

  • Euphoma@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    If they were able to guess your pin, you should probably switch to a longer pin or a password. It seems insane at first to type a long password, but if you pick two long scientific words, its secure with only letters.

  • mulcahey@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    11 months ago

    Gonna need to know more. What method do you use to lock your phone? Is it rooted?

    Also: did they return the phone to you, or to your friend? Could it be your friend who went through these apps?

  • Zerush@lemmy.ml
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    11 months ago

    What I said, a smartphone can never be a secure device and this is why it is crazy to have sensitive data stored in these gadgets. It is certainly unlikely that this person gained access by trying the pins, because the cell phone would be blocked after the third failed attempt, but even so, a computer expert needs seconds to access, bypassing this little protection that cell phones have. You can be happy that your Secure Banking app is better protected, probably with 2FA, coordinate card, ID card or similar. In any case, this mobile phone is already compromised, which makes it necessary to change at least the credentials, better even your phone number (ask your ISP). Also be attentive, since this person may have been honest, but he returned it may also be because he was not interested in the cell phone, but in the address where you live.

    • ShortN0te@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      11 months ago

      A smartphone has better protection and actual disk encryption than probably 90% of all Computers or Laptops since its enabled by default.

          • Zerush@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            11 months ago

            The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn’t automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

            • ShortN0te@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              11 months ago

              The own OS and preinstalled app in a Mobile are extracting your data. This you can only avoid to root it to be able to desinstalar them, but this cause that you must made the security updates by yourself, in rooted phones it isn’t automatic. Than use only apps from F-Droid and not from the Store, install an paid AV and use VPN. Only in this way it is somewhat more secure. Better if you use some Linux Mobile.

              How is this different from Windows?

          • Gabu@lemmy.ml
            link
            fedilink
            arrow-up
            0
            arrow-down
            1
            ·
            11 months ago

            Sure, but how often do you take your desktop on a walk?