You are viewing a single thread.
View all comments
10 points

Find My Device is completely useless until the device is unlocked. As long as it is rebooted and not unlocked, there is no way to detect its location. Since most phones (if not all), use an encrypted filesystem. With such, no service can’t start if the device isn’t initially unlocked after reboot, including Find my device.

This isn’t only a issue with Google’s implementation, it’s the same with other implementations to.

permalink
report
reply
28 points

As far as I’m aware find my on iPhone can work even when the phone is off, this is because the phone kinda acts like an airtags where enough information can be exchanged securely.

permalink
report
parent
reply
19 points

Since most phones (if not all), use an encrypted filesystem. With such, no service can’t start if the device isn’t initially unlocked after reboot, including Find my device.

Android developers can specify that their apps need to run before the pin is entered, via direct boot mode. This is how alarms still work, even if your phone takes an upgrade overnight, and restarts automatically as part of that process.

I can’t say whether Google’s Find My Device currently does this, but there is no technical reason it can’t.

permalink
report
parent
reply
2 points

even if your phone takes an upgrade overnight

As far as I remember updates don’t reboot to bfu, but I get what you’re saying

permalink
report
parent
reply
19 points
*

But it should still work in cases when you lost your phone and nobody else rebooted it, shut it down, or even wiped it, which is still a large portion of cases. I wouldn’t call it “completely useless” in that case.

permalink
report
parent
reply
7 points

It’s not completely useless, it’s good for when you misplace it in a dumb place in the house or something like that. But all it needs to do in that case is too make a sound, which already works now.

permalink
report
parent
reply
15 points

Pretty sure this isn’t true. Afaik, you can exclude files from encryption on Android. This is also why you see your custom wallpaper before unlocking the phone.

permalink
report
parent
reply
4 points

Feel free to try it by yourself. Nothing easier than that. Reboot your phone and try to find it via Find My Device or ring it, without to enter your password before. It will not work.

BTW: it doesn’t make sense to exclude security and privacy related things from encryption. Otherwise there would be an unusually high risk to compromise this sort of data.

permalink
report
parent
reply
9 points

Interesting.
For me the Google Find My Phone couldn’t find the device (could only show the most recent location) and couldn’t ring it, but the Samsung Find My Phone got the location, battery level and could ring it immediately.
I’m guessing they added their implementation as an exception to the encryption, but not Google’s implementation

permalink
report
parent
reply
6 points

Not sure how it works on other Android OSs but on Samsung’s OneUI the phone won’t shut down or turn off wireless connections without a pincode.

permalink
report
parent
reply
3 points

Pretty sure the hard shutdown still works without any code though

permalink
report
parent
reply
6 points

If Android activates bluetooth after booting, it could - in theory - be tracked with the new Find My Device network.

permalink
report
parent
reply
5 points

Are you saying it’s specifically an issue after restarting ones phone? Just a few weeks ago I was walking my dog and my phone fell out my pocket. I hadn’t used it so it was locked and I was able to ring it just fine with Find my Device online. Took me a little while to find the sound, but it located it no problem.

permalink
report
parent
reply
5 points
*

That’s not how that works. There’s special access to some apps that get unencrypted right at boot. That’s how your phone can reboot in middle of the night and your alarm will still go off despite you doing the initial unlock. Find my device also has that ability.

See the “ACTION_LOCKED_BOOT_COMPLETED” permission for how it works.

permalink
report
parent
reply
4 points

This is only true for the very first unlock after booting.

permalink
report
parent
reply
2 points

Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.

Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.

permalink
report
parent
reply
2 points

Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.

Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.

permalink
report
parent
reply
2 points

Or take out the battery when we’re allowed to do that again.

permalink
report
parent
reply
2 points

I didn’t know any phones, Apple or Android or Google, allowed potential thieves to just turn the phone off without any passcode or password. That’s terrible and this really is a huge weakness.

permalink
report
parent
reply

Android

!android@lemmy.world

Create post

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It’s fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


Community stats

  • 2.9K

    Monthly active users

  • 1.6K

    Posts

  • 33K

    Comments