I’m running Graphene on a Pixel 6. I lost it and someone opened it somehow and called two of my contacts to give it back.
I’m a bit confused how this even happened. When I got the phone back, they were going through my contacts. I checked app usage stats and they went through a banking app (not missing money), maps, signal, etc.
Is there a way to figure out how they even unlocked my phone?
Maps and signal is like they were trying to contact somebody and see where you lived to return the phone. Banking is weird since you can’t do anything without biometric anyway.
I think you got it backwards - OP was checking those apps to see if they had been accessednvm I got it backwards
They mentioned checking app usage, so the person who found the phone opened those apps
Yeah. They were accessed while the phone was lost
Do those contacts happen to be your ICE? Some phones will allow those from the emergency dialer without unlocking. Don’t know about grapheme.
Graphene has and emergency dialer, but you can’t call my contacts from it.
Does your phone have a physical SIM and if so are there any contacts stored on it?
Yeah, but the calls were from my phone, so I think they would have to open it
Unrelated. Have you considered using a work profile?
That way you can have two factor authentication when unlocking your phone. You could use a PIN code for the main unlock, and a biometric for apps in the work profile. That way you would have to have both something you are, and something you know.
How do you lock your work profile?
Settings, security, more security settings:
Under work profile and security:
Disable - use one lock for work profile and device screen
Configure - work profile lock, use a different code, only needed at boot time.
Enroll finger prints for biometric unlock.
Thanks, I use Workprofile for crap apps, but if I wouldnt need those this would be a good idea!
You could put the crap apps in the main profile, and then the important apps in the work profile. Then the important apps would have two factor
I am not really leaving my device locked haha, or if, then I would also always have the work profile locked. Also I dont trust Androids init system, apps just randomly run in the background and there still is no way to completely prevent that. So I keep them in the work profile
On Grapheneos I’ve been using the disable app option aggressively, to have installed apps that only run when I need them. I do have to enable them from the app settings, which is a little annoying but the hotel booking app doesn’t need to be running all the time.
They disappear from launchers which is very bad UX
My guess would be that maybe it wasn’t locked in the first place or they happened to randomly try a few pin combinations & got lucky…
I think those are most likely scenarios.
Now if you’re some very important person who could be target then I wouldn’t assume what I stated previously & instead assume the worst.
My mom says I’m very important … so I’ll assume this was a state actor
But yeah, this is most likely. I changed my settings to lock faster with a longer pin
Gonna need to know more. What method do you use to lock your phone? Is it rooted?
Also: did they return the phone to you, or to your friend? Could it be your friend who went through these apps?
Fingerprint and pin code. They left the phone at a store nearby and I went to pick it up
Odd suggestion, but do you still have their contact info? Could you ask them? 😄
You could also send them a small thank you gift and ask them with that, so not to make it seem like you’re accusing them of anything
It’s a reasonable request, you could say that you need to keep your phone secure for work, and while it was great that the stranger was able to get it to you, you’re following up on if there is some bug you need to look into
Unrelated, it might be good to set up a “If lost, call ____” type message. If you don’t have another number, email also works.
Yeah. Definitely setting that up now haha. They used my phone to call my contacts, so I don’t have their number
It might have been the fingerprint sensor. They can be fooled. Mine occasionally thinks the inside of my trouser pocket looks just like my finger.
This maybe a strange suggestion. Aside from the banking app, it seems like the maps and contacts app were used with good intentions to return the phone. The person returned the phone to your friend, so clearly had good intentions. Your friend may have the phone number of the person in their call log when they called to return, unless of course they used your phone to call. If possible, have you thought about calling that person and asking about this just out of curiosity?
Yeah. It was clearly good will. Even the banking, they probably didn’t realize the app was banking (foreign bank). Signal was Molly, so they honestly were personally confused since I run KISS Launcher.
The problem is that they used my phone to call my contacts.
