Hello
I would like to suggest an additional exploit protection which is fairly straightforward and which no other OS/ROM/OEM has implemented AFAIK.
tl;dr - implement a toggle to force the input of passcode in order to add or remove a saved WiFi network.
Body
Imagine a scenario where your phone has been stolen in an unlocked state (realistic example: phone snatching). What can the thief do in order to steal your information and how can you limit the damage?
Data exfiltration can happen in two ways: via internet or using a cable to transfer onto another device. Let's see how you can protect yourself in that scenario, assuming you do not have some MDM or some other remote wiping capabilities.
Via internet:
- The thief can transfer your personal data on your device using the internet with your SIM / mobile network data you already pay for. This can be mitigated by contacting your network provider and cancelling the SIM as soon as possible. This will disable the SIM card in your phone, stopping this attack surface.
- Another way it can be transferred is using WiFi. The chances that an opportunistic thief knows where you live to get close enough to connect to your home WiFi network in order to extract your data are incredibly slim. The likelihood is that they will use a new WiFi network which your phone will have never connected to before to try and upload your data over the internet.
My suggestion: what if GOS implemented a toggle which meant that an attacker must provide the passcode used to unlock the phone to add a new WiFi network? This could be disabled by default and enabled by those who have a higher threat model. Google and Apple have already implemented features to detect whether a phone has been snatched by using sensors/accelerometer.
- A third method would be to swap SIM cards with one that an attacker owns in order to bypass the WiFi exploit protections and a disabled SIM card. I am not sure what options there are available for this, happy for a discussion on this below. Maybe it could be a similar approach which involves requiring authentication before adding a new SIM for those with that requirement.
Via cable transfer:
- If you have the exploit protection enabled, you could enable USB-C port (Charging-only) and nobody would be able to transfer data using a cable unless they knew your passcode. This is good hardening by GOS and I think the same concept could be extended to the wireless functions.
Thank you for reading