Remote Erase If I Lose Graphenos

Sebas33

Hello everyone, I have a question, is there a way to remotely delete a lost cell phone with graphenes?

DeletedUser69

Sebas33 why would you want to delete it if you can't find it and you use strong encryption?

GrapheneOS

Sebas33 You can grant an app the special wipe permission that's part of the device admin feature. Remote wipe doesn't won't work well as a concept because it requires that the device still has network access. Most of these apps also aren't smart enough to implement Direct Boot support to work in the Before First Unlock state which the device will get back to automatically via the auto-reboot feature. Auto-reboot is a very good thing and should not be disabled. It's possible for apps to implement Direct Boot support to work Before First Unlock in a limited way but few do. We can't recommend any apps for this, but they exist.

Sebas33

DeletedUser69

DeletedUser69 to avoid in the worst case that they can enter the device either by a pin unlock etc

DeletedUser69

Sebas33 then you should start using strong encryption, chances are you won't see your phone again. Two kinds of users annoy me, overconfident tinkerers and lazy privacy enthusiasts.

danishgraphene

DeletedUser69 Isn't it a valid question after all when time passes, and the phone isn't updated, a vulnerability can be found? Like CVE-2022-20465 which enabled bypassing lock screen.

BuffaloStance

DeletedUser69 Two kinds of users annoy me, overconfident tinkerers and lazy privacy enthusiasts.

Cool story? I don't feel that @Sebas33 should be painted as either of these "kinds of users that annoy you" for merely suggesting as they did. This is a public forum for users to share, learn and discuss GOS, after all. As such, I appreciate the thoughtful/helpful/official response from GOS on the matter.

Johnnyloans

DeletedUser69 overconfident tinkerers and lazy privacy enthusiasts.

Ironic, you couldn't comprehend OP's simple words or ideas. Your replies were a waste of time.

DeletedUser69

danishgraphene if you asked me what would I rather, danish blue or MitID, without a moment's pause it would be danish blue because that doesn't require Google Play Services. By the way the CVE is over 2 years old so any newer device will have mitigated it.

GrapheneOS

danishgraphene

Isn't it a valid question after all when time passes, and the phone isn't updated, a vulnerability can be found? Like CVE-2022-20465 which enabled bypassing lock screen.

That didn't work in the Before First Unlock state, which the auto-reboot feature gets the device back back to automatically. It was also fixed early in GrapheneOS. If time passes, the device will be in Before First Unlock and data will be at rest. Vulnerabilities in the OS won't provide access to data stored in profiles, only the small amount of device encrypted data. There will be a toggle to make all data credential encrypted with a boot password prompt though.

Remote erase won't work if an attacker doesn't allow the phone to contact cellular via a faraday bag or similar setup. If you have a physical SIM they can simply remove it. You're talking about an attacker exploiting the device but yet not taking basic measures to stop it being remote wiped.

grayway2

GrapheneOS The toggle for device encrypted data is a long awaited feature.

Old-Bean

Hi Everyone,

Started using GrapheneOS about a month ago, been enjoying it so far, still getting to grips with it but I think I almost have it setup the way I want.

I too was looking for something along these lines, I was kinda hoping I could set something up whereby I'm able to send a command to my phone from my laptop to erase all data, but also have the ability to do the same from my phone to my laptop.

Just playing around with the possibilities and trying to build something that suits me, noticed this post was a little old so thought I'd re-pose the question in case any further developments had been made.

Any advice would be much appreciated. Even if I could only do it one way and not the other.

Cheers all

starglider

Google Play Services includes three pretty neat theft protection options: 1) snatch & run lock; 2) offline lock; and 3) remote lock/wipe. If you install it and go to "theft protection" settings, you can configure all of these. Note that you'll need to give "Find Hub" device admin permissions; it'll show up as an option once you've installed GPS.

As the project account mentioned, remote wipe is probably the least valuable of these features, as any remotely competent attacker will quickly try to take the phone offline to prevent exactly that. However, once the phone has been offline for ₁₀ minutes, GMS can lock it if you've configured "offline lock." So even if someone gets the phone in an unlocked state, they only have a few minutes to screw around with it in an offline state before they're kicked out.

That lock is a bit more aggressive than the standard screen lock and is equivalent to the "lockdown" option: primary unlock only (no biometrics); no notifications shown; and all USB connections closed even if active. At that point, the attacker has a pretty narrow window to exploit the phone before GOS's reboot feature kicks in (default is eighteen hours, but I think most people could set it to 12 without much impact on day-to-day use). Once the phone reboots, it's in BFU state, which is extremely secure.

Even though remote lock/wipe isn't super-useful for the above-mentioned reasons, it is an option in GMS, and you can activate it by going to Google Find Hub in any browser, logging in, and then pushing the command out to your phone.

There is yet another option to remotely lock your phone via just the phone number (so you do it using, say, a friend's phone without having to login to your Google account), but that's currently not supported in GOS due to the way GMS automatically verifies phone numbers.