Privatelock needs the permission as well. I guess there is no other way? Maybe emulation of power button press, but I am unsure if this needs admin rights as well.
Requirements
Device admin permission for locking screen.
https://github.com/wesaphzt/privatelock
wonder75 Correct, my disclaimer was about privatelock, not Tasker or any other app. I don't specifically recommend privatelock. Just providing an alternative approach to think about instead of having to send an SMS.
matchboxbananasynergy
Thanks a lot, I have come across a different app that offered a similar solution, but I'm not sure how reliable the accelerometer on the phone really is especially after a few years of using it. It definitely sounds like a good approach, but I was hoping that another way via SMS or other remote channel to be sure that it will definitely get locked? Or is overcomplicating it?
nsreubkvne If the phone is unlocked when they snatch it and the mugger is a little bit smart, they can simply enable airplane mode, and the SMS will never reach your phone. What happens then? :)
matchboxbananasynergy
ooh that's a good point, I haven't thought of airplane mode. I assumed that the only risk would be if they physically removed a sim card (take would take a bit longer).
Maybe it's possible to disable airplane mode for good in GrapheneOS? I personally don't use it at all, so that wouldn't be a problem :) I couldn't find any such option in the settings or by googling it so far though.
nsreubkvne Maybe it's possible to disable airplane mode for good in GrapheneOS? I personally don't use it at all, so that wouldn't be a problem :)
This might (not sure) be possible to do if you make your own build of GrapheneOS and disable that functionality, but it's not possible otherwise at this time.
Thanks again, as mentioned above it's a good point, but you can remove airplane mode from "the quick menu" (the menu that appears when you swipe down from the top), which I think would give you enough time to react (at least 15-20 seconds I'd imagine) .
That's also why I'm so curious about the second part of this question, that is a device that will signal the SMS - something that is long lived enough not having to recharge it every week and reliable enough to have peace of mind in case of emergency.
nsreubkvne Sure, but that makes it a game of speed. If I thought getting mugged while my phone was unlocked was a likely possibility, I'd want to cover all my bases and not assume that they won't know to do this or that I can do it faster than them. Just food for thought!
nsreubkvne 'm not sure how reliable the accelerometer on the phone really is especially after a few years of using it.
I would personally set my phone up to lock itself and/or reboot when it was no longer in contact with a bluetooth device on my person i.e. at a distance. The on-person device could be a cheap bluetooth earphone (no need to use it; it could be in a pocket) or an even more minimal bluetooth device.
Invoking Airplane mode and thus shutting off bluetooth and breaking the connection will secure the phone.
matchboxbananasynergy
You are right that it's a rather flaky solution, but combined with the privatelock app that you mentioned earlier could be considered as another layer of security. If it also sent back and SMS confirming that the phone was successfully locked it could be useful I think.
Graphite
Thanks, could you please confirm which app is it? I couldn't seem to find "Testify" in Fdroid?
Oh wow that is a brilliant idea! Thanks a lot. Is there an existing app that could provide this? Are there any purpose-made devices that could be paired with? The only problem I could think of right now is if there was some bug that would permanently lock you out of the phone (I imagine there could be a few seconds timeout that would allow you to disable the app in this case).
nsreubkvne No,sorry no specific example. It was more of a concept, which I imagined might be implemented with Tasker, or custom software. I have not explored feasibility at all, hoping someone else might chime in with specifics. lol.
FindMyDevice has the option for remote lock
I prefer to stay away from places where this can happen.
nsreubkvne I couldn't seem to find "Testify" in Fdroid?
Sorry, I was saying testify as in "I do the same, I can attest".
I have not seen Bluetooth-out-of-range auto-lock implemented on a phone before.
I have seen it on Windows Hello for Business. It works reasonably well.
I actually did a pen test on this.
I tested the function of the Multifactor Unlock "trusted signal" credential provider when Bluetooth is nearby, and found serious vulnerabilities.
For speed, Microsoft cannot wait for the full encrypted connection, but rather just uses the beacons.
I have some Ubertooth One dongles that were able to spoof the GATT attributes of a paired Bluetooth device. Windows Hello doesn’t do a full BT authentication during each unlock, there is room to own. Then there are possible vulnerabilities of attacking during registration process. Downgrade attacks and a few others. Microsoft is good with security, but so is Google, and we know what happened to their FIDO Titan Key with Bluetooth.
For auto-locking on an android phone, I can spoof my own signal with your device's GATT signature. So you'd have to design it for actually encrypted data. Possible, but not easy.
Graphite Thanks, that's definitely outside of my skillset, but I'd happily sponsor a project that could build such a tool. It sounds like a perfect solution and I think that implementing it would require a specialist.
I guess if someone is aware of any developer that might be interested in starting it please let me know?
eatinggrumble84 I think FindMyDevice relies on a third-party server? If possible I'd prefer the (encrypted) bluetooth solution due to privacy concerns.
