Xperia 10 III stolen

hi all, i had my xperia 10 III stolen this friday, i had just updated to the new 4.6 release, i was just wandering if sailfish os 4.6 now uses encryption by default ?

yes, it does. And it has always been encrypted. The only difference is since 4.5 user has the possibility to change his password to use a passphrase. More details: Encryption of User Data | Sailfish OS Documentation

I got the same problem this year, my advice is to reset all password you saved on your phone (nextcloud, mail, saved password on your browser etc.). Some services like nextcloud or telegram allows to disconnect specific sessions. Do it.
It’s very helpful to set a list with all private data your stolen phone has.
And don’t forget, you can ask Jolla to send you the IMEI associate with your phone.

4 Likes

thankyou i feel a bit more happy knowing it does encrypt, i also think i will look into a cloud for my photos etc in future, i already managed to change the passwords and log out my chat apps, but it still stresses me out as the mobile is now a very essential part of our lives, and when its gone it makes things a lot more difficult.

1 Like

Left my XA2 on a Parisian tram. It would ring and no-one answered. No-one handed it in so obviously someone was trying to steal it. Thought it was pretty unlikely they’d crack it.

Thought I was being responsible and told my bank (Revolut) to put a hgher level of checks on any transactions. Against my strict orders, they blocked my card and all access to my money. Luckily, I had a friend who could lend me money and I didn’t need to pay rent any time soon. [They wanted me get a new SIM and new phone before I could access my money. But eventually settled for changing my number and installing the app on my friend’s phone – how secure is that?!? I complained to the UK and EU banking authorities as well as my UK MP].

Lost a ton of photos, music etc as well. So yeah I know how you feel and mine was just an XA2.

Luckily, backup was working a whlie ago so could rescue most of my contacts (it’s impossible to register a Dropbox account now).

Is the SD card encrypted too? Is there any MDM including a remote wipe operation?

Remote wipe? That would mean somebody could do that to you to if s/he would hack it… I am pretty sure no.

Dropbox works for me…

i actually have no idea if the encryption works for the sdcard as well, i don’t think i had anything important on it, i hope.

i wish i had made a selfhosted nextcloud or similar service, but i alas i was lazy

That’s a decision the user makes when they format the SDCard.

So, if you’re unaware of ever encrypting it, then probably no.

Nextcloud on a vServer or something like that is pretty nice. I do use it and like it.
Any “big” cloud (Google, Amazon, Microsoft, etc.) is pretty bad regarding data protection.

Best regards
Fuchur

You don’t have to selfhost. There are paid nextcloud services for hosting.

I’ve asked the question before here back in 2021.
There are APIs for MDM in place, but we need to write our own apps and servers to do so.
I tried reading a bit about it and testing a few things but wasn’t successful back then.
Though, there are others who tried too here, and I once saw a GitHub repo with an MDM example (not specifically to wipe/locate).

However, I’m not quite sure if we can trust any random MDM app. The API is in place mostly for corporate users to build their own systems, but Jolla doesn’t provide one for end-user customers.

I have read this and my spontaneous thought:
An MDM application with a backend in Nextcloud would be great. In Nextcloud the admin can configure default settings and many information are already available to be provisioned:

  • Nextcloud account for files / gallery
  • Nextcloud account for calender
  • Nextcloud account for contacts
  • Nextcloud as backup target of SFOS
  • Nextcloud account data for mail (if mail is configured in Nextcloud)
  • May be some default apps etc. used by the organisation, running nextcloud

and the user can on top of the admin settings May be manage some individual settings as well.

This is an approach suitable for privat individuals hosting Nextcloud instances by themself, but also larger organisations using Nextcloud. Since this organisations are May be more cautious about privacy, also Sailfish might be interesting for them.

What areyoure opinions/thoughts/ideas?

Not sure, how to realise it and with what capacity, but for me it sounds like a perfect fit.