Find My Device is completely useless until the device is unlocked. As long as it is rebooted and not unlocked, there is no way to detect its location. Since most phones (if not all), use an encrypted filesystem. With such, no service can’t start if the device isn’t initially unlocked after reboot, including Find my device.
This isn’t only a issue with Google’s implementation, it’s the same with other implementations to.
As far as I’m aware find my on iPhone can work even when the phone is off, this is because the phone kinda acts like an airtags where enough information can be exchanged securely.
But it should still work in cases when you lost your phone and nobody else rebooted it, shut it down, or even wiped it, which is still a large portion of cases. I wouldn’t call it “completely useless” in that case.
It’s not completely useless, it’s good for when you misplace it in a dumb place in the house or something like that. But all it needs to do in that case is too make a sound, which already works now.
Since most phones (if not all), use an encrypted filesystem. With such, no service can’t start if the device isn’t initially unlocked after reboot, including Find my device.
Android developers can specify that their apps need to run before the pin is entered, via direct boot mode. This is how alarms still work, even if your phone takes an upgrade overnight, and restarts automatically as part of that process.
I can’t say whether Google’s Find My Device currently does this, but there is no technical reason it can’t.
Pretty sure this isn’t true. Afaik, you can exclude files from encryption on Android. This is also why you see your custom wallpaper before unlocking the phone.
Feel free to try it by yourself. Nothing easier than that. Reboot your phone and try to find it via Find My Device or ring it, without to enter your password before. It will not work.
BTW: it doesn’t make sense to exclude security and privacy related things from encryption. Otherwise there would be an unusually high risk to compromise this sort of data.
Interesting.
For me the Google Find My Phone couldn’t find the device (could only show the most recent location) and couldn’t ring it, but the Samsung Find My Phone got the location, battery level and could ring it immediately.
I’m guessing they added their implementation as an exception to the encryption, but not Google’s implementation
Good to know. I’ve been using the Google one and not Samsung because having two of the same app seemed redundant. Guess I’ll set up the Samsung one, thanks
Are you saying it’s specifically an issue after restarting ones phone? Just a few weeks ago I was walking my dog and my phone fell out my pocket. I hadn’t used it so it was locked and I was able to ring it just fine with Find my Device online. Took me a little while to find the sound, but it located it no problem.
That’s not how that works. There’s special access to some apps that get unencrypted right at boot. That’s how your phone can reboot in middle of the night and your alarm will still go off despite you doing the initial unlock. Find my device also has that ability.
Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.
Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.
I didn’t know any phones, Apple or Android or Google, allowed potential thieves to just turn the phone off without any passcode or password. That’s terrible and this really is a huge weakness.
Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.
Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.
Find My Device is completely useless until the device is unlocked. As long as it is rebooted and not unlocked, there is no way to detect its location. Since most phones (if not all), use an encrypted filesystem. With such, no service can’t start if the device isn’t initially unlocked after reboot, including Find my device.
This isn’t only a issue with Google’s implementation, it’s the same with other implementations to.
As far as I’m aware find my on iPhone can work even when the phone is off, this is because the phone kinda acts like an airtags where enough information can be exchanged securely.
But it should still work in cases when you lost your phone and nobody else rebooted it, shut it down, or even wiped it, which is still a large portion of cases. I wouldn’t call it “completely useless” in that case.
It’s not completely useless, it’s good for when you misplace it in a dumb place in the house or something like that. But all it needs to do in that case is too make a sound, which already works now.
Android developers can specify that their apps need to run before the pin is entered, via direct boot mode. This is how alarms still work, even if your phone takes an upgrade overnight, and restarts automatically as part of that process.
I can’t say whether Google’s Find My Device currently does this, but there is no technical reason it can’t.
As far as I remember updates don’t reboot to bfu, but I get what you’re saying
Pretty sure this isn’t true. Afaik, you can exclude files from encryption on Android. This is also why you see your custom wallpaper before unlocking the phone.
Feel free to try it by yourself. Nothing easier than that. Reboot your phone and try to find it via Find My Device or ring it, without to enter your password before. It will not work.
BTW: it doesn’t make sense to exclude security and privacy related things from encryption. Otherwise there would be an unusually high risk to compromise this sort of data.
Interesting.
For me the Google Find My Phone couldn’t find the device (could only show the most recent location) and couldn’t ring it, but the Samsung Find My Phone got the location, battery level and could ring it immediately.
I’m guessing they added their implementation as an exception to the encryption, but not Google’s implementation
Good to know. I’ve been using the Google one and not Samsung because having two of the same app seemed redundant. Guess I’ll set up the Samsung one, thanks
If Android activates bluetooth after booting, it could - in theory - be tracked with the new Find My Device network.
Not sure how it works on other Android OSs but on Samsung’s OneUI the phone won’t shut down or turn off wireless connections without a pincode.
Pretty sure the hard shutdown still works without any code though
Are you saying it’s specifically an issue after restarting ones phone? Just a few weeks ago I was walking my dog and my phone fell out my pocket. I hadn’t used it so it was locked and I was able to ring it just fine with Find my Device online. Took me a little while to find the sound, but it located it no problem.
That’s not how that works. There’s special access to some apps that get unencrypted right at boot. That’s how your phone can reboot in middle of the night and your alarm will still go off despite you doing the initial unlock. Find my device also has that ability.
See the “ACTION_LOCKED_BOOT_COMPLETED” permission for how it works.
This is only true for the very first unlock after booting.
Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.
Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.
Or take out the battery when we’re allowed to do that again.
I didn’t know any phones, Apple or Android or Google, allowed potential thieves to just turn the phone off without any passcode or password. That’s terrible and this really is a huge weakness.
Yes that’s how it works, the device needs to be connected to the net and be able to locate itself.
Some phone makers (if not most these days, idk) don’t allow you to even reboot or turn off the phone without unlocking it. So it would need to be placed in a Faraday cage, run out of battery or smashed to not be findable as long as the feature is active.