I’m running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.

I’m a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.

Is there a way to figure out how they even unlocked my phone?

  • @mulcahey
    54 points · 1 year ago

    Gonna need to know more. What method do you use to lock your phone? Is it rooted?

    Also: did they return the phone to you, or to your friend? Could it be your friend who went through these apps?

    • @[email protected] (OP)
      20 points · 1 year ago

      Fingerprint and pin code. They left the phone at a store nearby and I went to pick it up

      • Otter
        36 points · 1 year ago (edited)

        Odd suggestion, but do you still have their contact info? Could you ask them? 😄

        You could also send them a small thank you gift and ask them with that, so as not to make it seem like you’re accusing them of anything.

        It’s a reasonable request, you could say that you need to keep your phone secure for work, and while it was great that the stranger was able to get it to you, you’re following up on if there is some bug you need to look into


        Unrelated, it might be good to set up a “If lost, call ____” type message. If you don’t have another number, email also works.

        • @[email protected] (OP)
          13 points · 1 year ago

          Yeah. Definitely setting that up now haha. They used my phone to call my contacts, so I don’t have their number

          • Lunch
            10 points · 1 year ago (edited)

            ~But whoever they called will have it, so maybe find out which of your contacts got to know about it?~ This is a mystery that we need to solve now!

            Edit: I’m dumb.

            • @YoorWeb
              32 points · 1 year ago

              They used his phone…

      • @[email protected]
        16 points · 1 year ago (edited)

        Is your pin simple? If you hold your phone up to the light can you see the smudge marks where your pin usually goes?

        Do you have people set up as emergency contacts via the lock screen?

        • @loganb
          7 points · 1 year ago

          GrapheneOS also has this cool feature called Scramble PIN Layout to try and protect against guessing the pin from fingerprints on the screen.

      • Inductor
        14 points · 1 year ago

        It might have been the fingerprint sensor. They can be fooled. Mine occasionally thinks the inside of my trouser pocket looks just like my finger.

  • @jacktherippah
    33 points · 1 year ago

    This person is clearly well-intentioned, so I don’t think an exploit was the cause of your phone being unlocked. If they knew an exploit it’s likely that by now everything about you would’ve been compromised already, like you would’ve lost access to your accounts and all your money would be gone. This person probably unlocked your phone by using your pin code, so either it was a very common pin code, or something suggested here, like smudges on your screen revealing the pin code, or, highly unlikely, they guessed your pin code. Anyway, it’s better safe than sorry, so check if your OS has been tampered with using the GrapheneOS Auditor app. Even if it hasn’t, you should back up everything and factory reset it just to err on the side of caution. And in the future, use an 8-10 digit pin code with pin scrambling enabled.

    • @[email protected]
      16 points · 1 year ago

      100%, depending on your threat model, your device has been compromised and out of your control. You have evidence that the device was unlocked. You can no longer trust the device.

      Probably should change your PIN too.

  • @[email protected]
    30 points · 1 year ago

    Was it perhaps unlocked when you lost it?

    I know I’ve set my phone down unlocked a few times; particularly at work (in a warehouse).

    • @Caradoc879
      -6 points · 1 year ago

      Unless you have it set to never lock, it’s not possible. All phones lock automatically after 30-60 seconds by default.

        • @Caradoc879
          -8 points · 1 year ago

          Do you frequently just leave YouTube running?

          • @[email protected]
            20 points · 1 year ago (edited)

            Yes, watching videos is one of the core uses of my phone. But that’s beside the point, it’s illustrative that there are apps that keep a screen unlocked.

            “Prevent phone from sleeping”, I believe, is the permission name.

            • @thrawn
              -4 points · 1 year ago

              Curious, do you watch videos while out? How do you have the uninterrupted time?

              • @AceBonobo
                2 points · 1 year ago

                Do you sometimes stand in line at a store?

                • @thrawn
                  1 point · 1 year ago

                  Yes but I’ve never seen anyone watch a video in the process. But I was more wondering about the logistics I suppose, like whether the audio is played out loud or in earphones, and how it can be kept playing while set down and lost.

          • @[email protected]
            6 points · 1 year ago

            Not OP, but a lot of people use YouTube (video) as a music player. Although I would expect these people to notice the sound getting quieter/disconnecting when they moved away from the phone.

          • darkstar
            1 point · 1 year ago

            Yes that’s how YouTube works? It keeps running, it’s called video, you should check it out sometime

  • @[email protected]
    26 points · 1 year ago

    Is your pin something like 1234? Do you have emergency contacts set up? Do you have a setting to not lock the phone until very long? Or a smart unlock based on location or any other automation setting? An easy password hint pops up or something? Perhaps your parents forgot to mention you had a twin, who face unlocked it.

    Regarding app usage, my guess is they tried to see whom to contact to give your phone back, or map history, the banking app could be a touch by mistake too.

  • @[email protected]
    20 points · 1 year ago

    Do those contacts happen to be your ICE? Some phones will allow those from the emergency dialer without unlocking. Don’t know about Graphene.

  • @xarexyouxmadx
    19 points · 1 year ago

    My guess would be that maybe it wasn’t locked in the first place or they happened to randomly try a few pin combinations & got lucky…

    I think those are the most likely scenarios.

    Now if you’re some very important person who could be a target then I wouldn’t assume what I stated previously & instead assume the worst.

    • @[email protected] (OP)
      20 points · 1 year ago (edited)

      My mom says I’m very important … so I’ll assume this was a state actor

      But yeah, this is most likely. I changed my settings to lock faster with a longer pin.

  • Skull giver
    14 points · 1 year ago (edited)

    They clearly seemed to mean well. Maybe you can ask?

    I imagine you may have lost your phone while it was still unlocked. It’s possible that there’s a Graphene lock screen bypass out there, but I doubt someone with such knowledge will use it to return your phone to you. The most “hacker”-style lock screen bypass I imagine someone wanting to return the phone will do is checking for smudges on the PIN area of the lock screen and determining the code from that.

    To combat someone unlocking your phone through smudges, you can enable PIN scrambling.

  • @[email protected]
    12 points · 1 year ago

    Perhaps they simply took out the SIM card and inserted it into another phone, giving them access to contacts (that could have been saved onto the chip instead of the original phone)?

      • @[email protected]
        2 points · 1 year ago (edited)

        No, it isn’t. I’ve used many Android phones over the years and none have ever defaulted to storing contacts on the SIM. SIM storage is very rudimentary, and you’d have to go out of your way to make use of it.

        • @[email protected]
          1 point · 1 year ago (edited)

          True, however most people do not use a pin for SIM. And if you have the access a lot of info can be gained from a SIM card. And even if you ain’t got access to network, any incoming traffic will go to you.

  • @CakeLancelot
    10 points · 1 year ago

    Does your phone have a physical SIM and if so are there any contacts stored on it?

      • kamiheku
        8 points · 1 year ago

        They could’ve swapped the SIM to another phone though? Assuming you’re rocking a provider default PIN.

  • @YoorWeb
    10 points · 1 year ago

    Any chance the phone was stolen and not lost? Got anyone in the family working for the government or anything unusual like that? Just a thought.

  • @[email protected]
    9 points · 1 year ago

    This may be a strange suggestion. Aside from the banking app, it seems like the maps and contacts app were used with good intentions to return the phone. The person returned the phone to your friend, so clearly had good intentions. Your friend may have the phone number of the person in their call log when they called to return, unless of course they used your phone to call. If possible, have you thought about calling that person and asking about this just out of curiosity?

    • @[email protected] (OP)
      5 points · 1 year ago

      Yeah. It was clearly good will. Even the banking, they probably didn’t realize the app was banking (foreign bank). Signal was Molly, so they honestly were personally confused since I run KISS Launcher.

      The problem is that they used my phone to call my contacts.

  • Nix
    8 points · 1 year ago (edited)

    If someone calls you and there’s a missed call notification can they just click it to call back without unlocking the phone?

    Oh, I didn’t notice they went through other apps. Maybe they were watching you and saw you input your pin and then stole it and checked your stuff to see if they can get something useful and then returned it?

    • @[email protected]
      5 points · 1 year ago

      Wouldn’t a thief just factory reset and sell it, instead of taking the additional risk of returning it?

      • Midnight Wolf
        1 point · 1 year ago

        You need the pin/password, regardless if the phone was unlocked or you fooled the biometric scanner, to wipe it. If you factory reset it by the recovery method, it will want the Google account that was last signed in before it lets you proceed. It’s been years since I had to do this, but it is a nice attempt to reduce phone thefts. (That is (might be?) nullified on Graphene as it can skip the gps package, but for the usual user it’s a nice feature.)

      • @[email protected]
        1 point · 1 year ago

        Unless they installed some spyware to try to steal more passwords, or duplicated the 2fa auth keys, or have some remote viewer app running now to steal text 2fa keys, or whatever else. You could steal way more in the long term than the couple of hundred that a used phone would go for.

  • LUHG
    6 points · 1 year ago

    Maps and signal is like they were trying to contact somebody and see where you lived to return the phone. Banking is weird since you can’t do anything without biometric anyway.

    • @[email protected]
      0 points · 1 year ago (edited)

      I think you got it backwards - OP was checking those apps to see if they had been accessed.

      Nvm, I got it backwards.

      • Otter
        9 points · 1 year ago

        They mentioned checking app usage, so the person who found the phone opened those apps.