KrisprCas9 They're going to be able to wipe your device and use it as a fresh device. There's nothing you can do about it. GrapheneOS doesn't provide an anti-theft feature for making it a brick. If you didn't have SIM PINs configured, they can use your SIMs, so you should deal with that.
I was using an eSIM (plus a nano-SIM that came with the phone), but I can’t track it via Google Find My Device—it shows as “Not available.” My guess is they’re using a Faraday bag or forced a shutdown (power + volume up). I thought the eSIM would allow offline tracking, but it hasn’t worked. Does anyone know if the eSIM on a Pixel 6 should enable tracking in this scenario? Or is this a hardware/software limitation?
There's no offline tracking via cellular. If they're in airplane mode or powered off, cellular is off. The only way to do that is via a stock OS feature for setting up a Bluetooth beacon which is kept active when otherwise powered off.
Crazy idea: Would it be possible to have remote SSH access in GrapheneOS to send commands to the device (e.g., force a sound, lock it, or wipe data) from my PC? I know it sounds sci-fi, but given how robust GrapheneOS is, is there anything like this or plans for it?
People can set up apps for remote access but it's a significant attack vector especially without end-to-end encryption. We don't recommend using remote management apps in the form they currently exist. It's often not going to accomplish anything since the phone can be off from networks by turning it off. It can also be wiped, and we don't tie devices to an account stored in the FRP data area to require logging into an account before the setup wizard can be completed. Apple and Google rely on account recovery including via customer support to avoid this bricking devices.
What to do with the stolen Pixel 6: I’ve already reported it to the police with clear footage of the thief (face visible) and blocked the IMEI with my carrier. Any extra tips to secure data or track it if it’s powered on? Are there GrapheneOS features I can leverage here?
Your data is safe unless you set a horrible lock method someone can guess in a small number of attempts. Beyond that, you didn't set up anything you could use to find it and it likely wouldn't help since it's probably turned off and potentially wiped already. The only feature which could help is the Bluetooth beacon one which can work when powered off, although wiping the device might stop that working anyway, and even if it doesn't that would depend on having account-based anti-theft integrated.
Next device recommendations: I want to stick with GrapheneOS for its privacy and security. I’m eyeing the Pixel 9a (seems compact and efficient), but I’m open to suggestions. What’s the best device for GrapheneOS in 2025? Any thoughts on the “conflict” between Google and GrapheneOS (Google pushing control vs Graphene’s open-source philosophy)?
The flagship 9th gen Pixels are currently the best devices. 8th gen Pixels or the Pixel 9a are close behind. It's worth noting the Pixel 9a has a similar cellular radio to 8th gen Pixels which is a lot less efficient. The larger battery in the Pixel 9a likely still results in worse battery life than a Pixel 9, although likely still significantly better than 8th gen due to the much more efficient SoC.
Post-theft cybersecurity: No unauthorized access so far, but what else should I check to be 100% sure?
If you have at least a random 6 digit PIN, this is really not an issue. They're not going to get any of your data. GrapheneOS has very strong security and the 18 hour default locked device auto-reboot timer will kick in and get data at rest. The secure element throttling prevents and OS exploit from being used to brute force a PIN/password.