So I have a device running lineage os and I am a little concerned about the potential data breach if my device is stolen.

My first precaution was to setup SMS findmydevice so that I could remotely control my device in case it got lost or stolen. I’m not sure how secure this is but I wanted to have a way to remotely get its location and to wipe it remotely.

The second thing I setup was locker. F-droid says that the upstream code is no longer available which is concerning but I am using it none the less. This should prevent basic attacks on the lock screen.

Is there anything else I need to do?

  • @[email protected]
    link
    fedilink
    English
    21 year ago

    Lock the bootloader again. You can relock it on most phones, especially Pixel phones.

    That way if anybody messes with the bootloader your data gets wiped.

    I don’t know if lineage has this option but some Android ROMs do,. Periodic reboots. Force your phone back into its secure off state. Couple that with a boot password which is longer than your unlock password and you’re in a pretty good position. Graphene OS does this. But I’m sure it’s available in other operating systems

    You might consider setting up a work profile, using shelter. Have your work profile unlock with a different factor. Either fingerprint, or if you use fingerprint for your main unlock, then use a code. Then you’ll need two factors to run apps in your work profile.

    • Possibly linuxOP
      link
      fedilink
      English
      1
      edit-2
      1 year ago

      I use lineage os on Motorola phones so I can’t lock the bootloader. (Lineage os doesn’t support it anyway)

      I never considered rebooting though. That’s not a bad idea. The only problem is that it resets the system uptime. (Uptime can be a tamper indicator)

      • @[email protected]
        link
        fedilink
        English
        21 year ago

        There’s different threat scenarios you need to consider. Somebody taking your phone, somebody tampering with your phone but leaving it with you, somebody remotely accessing your phone.

        I thought we were just talking about the somebody taking your phone scenario. You could set up a task on your phone to check for a Bluetooth device say every 5 to 10 minutes. If it doesn’t see it turn off. Hopefully you’re comfortable with your phones powered off state being secure.