So I have a device running lineage os and I am a little concerned about the potential data breach if my device is stolen.
My first precaution was to setup SMS findmydevice so that I could remotely control my device in case it got lost or stolen. I’m not sure how secure this is but I wanted to have a way to remotely get its location and to wipe it remotely.
The second thing I setup was locker. F-droid says that the upstream code is no longer available which is concerning but I am using it none the less. This should prevent basic attacks on the lock screen.
Is there anything else I need to do?
Lock the bootloader again. You can relock it on most phones, especially Pixel phones.
That way if anybody messes with the bootloader your data gets wiped.
I don’t know if lineage has this option but some Android ROMs do,. Periodic reboots. Force your phone back into its secure off state. Couple that with a boot password which is longer than your unlock password and you’re in a pretty good position. Graphene OS does this. But I’m sure it’s available in other operating systems
You might consider setting up a work profile, using shelter. Have your work profile unlock with a different factor. Either fingerprint, or if you use fingerprint for your main unlock, then use a code. Then you’ll need two factors to run apps in your work profile.
deleted by creator
I use lineage os on Motorola phones so I can’t lock the bootloader. (Lineage os doesn’t support it anyway)
I never considered rebooting though. That’s not a bad idea. The only problem is that it resets the system uptime. (Uptime can be a tamper indicator)
There’s different threat scenarios you need to consider. Somebody taking your phone, somebody tampering with your phone but leaving it with you, somebody remotely accessing your phone.
I thought we were just talking about the somebody taking your phone scenario. You could set up a task on your phone to check for a Bluetooth device say every 5 to 10 minutes. If it doesn’t see it turn off. Hopefully you’re comfortable with your phones powered off state being secure.