So I have a device running lineage os and I am a little concerned about the potential data breach if my device is stolen.

My first precaution was to setup SMS findmydevice so that I could remotely control my device in case it got lost or stolen. I’m not sure how secure this is but I wanted to have a way to remotely get its location and to wipe it remotely.

The second thing I setup was locker. F-droid says that the upstream code is no longer available which is concerning but I am using it none the less. This should prevent basic attacks on the lock screen.

Is there anything else I need to do?

  • jetA
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Lock the bootloader again. You can relock it on most phones, especially Pixel phones.

    That way if anybody messes with the bootloader your data gets wiped.

    I don’t know if lineage has this option but some Android ROMs do,. Periodic reboots. Force your phone back into its secure off state. Couple that with a boot password which is longer than your unlock password and you’re in a pretty good position. Graphene OS does this. But I’m sure it’s available in other operating systems

    You might consider setting up a work profile, using shelter. Have your work profile unlock with a different factor. Either fingerprint, or if you use fingerprint for your main unlock, then use a code. Then you’ll need two factors to run apps in your work profile.

    • Possibly linux@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I use lineage os on Motorola phones so I can’t lock the bootloader. (Lineage os doesn’t support it anyway)

      I never considered rebooting though. That’s not a bad idea. The only problem is that it resets the system uptime. (Uptime can be a tamper indicator)

      • jetA
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        There’s different threat scenarios you need to consider. Somebody taking your phone, somebody tampering with your phone but leaving it with you, somebody remotely accessing your phone.

        I thought we were just talking about the somebody taking your phone scenario. You could set up a task on your phone to check for a Bluetooth device say every 5 to 10 minutes. If it doesn’t see it turn off. Hopefully you’re comfortable with your phones powered off state being secure.