DO NOT USE FINGERPRINT unless you absolutely have to for, say, disability reasons.
If you use facial recognition, don’t. Same as above.
If you find yourselves in a situation with the police, tap the lock button 5 times. This forces a passcode to open the phone and they cannot (yet) force you to enter a passcode.
Anytime I am filming a protest or anywhere near police, I just tap the lock button a bunch of times in my pocket and I can rest easy.
Samsung users (not sure if it also applies to other android flavors):
Go to settings>lock screen>secure lock>show lockdown option and turn it on.
Now if you hold the power button for over a second, a menu pops up with an option to turn on lockdown mode. This disables all biometric unlock methods until the next time you unlock it.
Anytime I am filming a protest or anywhere near police, I just tap the lock button a bunch of times in my pocket and I can rest easy.
How does that help if the police are the ones that alert you to their presence? I highly recommend against quickly shoving your hand in your pocket to tap a button 5 times.
I do it in anticipation. It’s not like they sneak up on you like a ninja. They are very clearly around.
Plus it takes like 2 seconds. Unless they got you at gunpoint you’re probably going to have an opportunity to accomplish this. Most people interact with police in the US being pulled over - you’re telling me you can’t lock your phone before they come to your window?
I learned something from my (quite activists) daughters recently: they delete the Signal app each time they cross a border.
It's the main coordination and information tool in their circles, and the recommended behavior is just to not have the app when at risk.
Good luck finding incriminating evidence sifting through zillions of Pouting Selfies and Gossip-Sharing Screenshots of Idiot Boyfriend's text messages.
Holy crap this is a great tip I did not know! I haven't had a run in with the police in like a decade, but better safe than sorry. Hopefully I never need to use it, but I just tried it on my iphone and works like a charm, so thanks mate!
It's not, technically, but if I have sensitive documents on my phone and a law officer is trying to get me to unlock my phone, I will be entering and/or putting the duress code into my phone. GrapheneOS has 'lockdown' button by 'restart' and 'shutdown' all of which will require a passphrase to unlock, even if you normally have fingerprint enabled for X hours each time of use.
So it's semi-related in that GrapheneOS protects against this type of attack.
If you press volume up, then volume down, then hold the power button until the power slider comes on, then it will disable biometrics until next unlock.
I just tested it... it's the same combination for a fast shutdown. Up > Down > Hold Power (1 second hold), then you're introduced to the option of sliding to power off. If you exit from that prompt or just leave the screen idle for about 10-15 seconds (I didn't count it) you'll be forced to enter passcode.
For GrapheneOS (custom android), there is Lockdown button next to power off and restart which does the same thing. I think it may be on other Android phones as well but not sure.
Yes, and it may be a good idea to have it just in case. But the courts in the US so far mostly ruled that police forcing you to give biometrics to unlock is fine, as it is the same as fingerprinting you when you are arrested. But forcing you to give pin/password is the same as testifying against yourself, which is against the 5th amendment. So they usually can't make you give them a pin/password. At least in theory. Still better to have it in practice.
I wish there was a way to require both biometrics and PIN. They're both insecure on their own, but together they're better. Like instant MFA for your unlock. I would enable that immediately, if it was available.
Edit: then a password / passphrase in case one of the other two stops working (as an emergency unlock).
Maybe. I don't use biometrics on my computers. Only phone. I don't unlock my computer a thousand times a day using a crappy touch kb. Actually, if the phone had a physical kb, maybe it wouldn't have been so bad. Not sure.
I wouldn't really want to use biometrics on my computer either, I'd rather use a physical security key, but then I'd probably also want to use it with my phone also. So there's that I guess.
The only issues I have with a yubi on a phone, is the general fragility of USB-C ports (and that there is only one). On a PC or laptop, you've generally got several, so if one breaks and the yubi can't be used in that port, you're not locked out.
Wow, a generic "Linux good, anything else dogshit" comment.
This is in no way relevant to the topic.
This is like if someone posted that they couldn't get their car with the color they wanted and you saying "fuck you and your car, I can paint my living room in any color I want, right now it is striped burgundy and mint, aren't living rooms way better than cars?"
It's literally linux phone. It runs regular linux. Regular linux uses PAM modules. There is no difference between configuring it on desktop and on phone. If comprehending ability to use same OS on desktop and phone is beyond your intellectual ability, I will guide you with this logical chain: linux on desktop -> linux on ARM computer like raspberry pi -> linux on ARM computer based on Allwinner A64 -> PinePhone is based on Allwinner A64.
If you still don't grasp it, I'll try once more. This can be installed on regular linux. Single Board Computers can run regular linux. This includes Pine64, which uses A64 chip. A64 devices can run it from sd card. And if you can't imagine how Pine64 that works on A64 and PinePhone that works on A64 are connected, here's a neat trick: insert bootable sd card into Pine64, load linux, configure math captcha module, shut it down, insert same sd card into powered off PinePhone, power it on, it will load the exact same OS your Pine64 has been using and where math captcha is configured.
You still have not shown me a Phone configured as you bragged it could.
You don't grasp that I am not interested in theory, I am interested in practical demonstrations.
My point is that it doesn't matter if Linux can do this, the discussion was about a mobile phone that could do both biometrics and pin at the same time.
Show me a Linux phone that is actually configured to unlock with both biometrics and pin, then you have proven that Linux is relevant.
I don't care about what is technically possible, I care about it actually being done.
I am not even asking if it is easy to setup or simple to use, I am just asking you to prove that it can be done on a Linux phone.
I am just asking for a proof of concept running on a Linux phone.
I am giving Linux the best possible chance here, the bare minimum.
The tasks I want to see done on a Linux phone are the following:
Prompt for a fingerprint, face scan, or any quick biometric.
Once passed the biometric prompt successfully, the phone should prompt for a pin.
Once passed both prompts the phone should unlock.
I love Linux, I have been a Linux sysadmin for almost a decade and used Linux on and off for almost twenty years. I daily drive Windows due to work and gaming, but am considering switching to Linux at home when Win10 goes EOL.
But unless you can show me a Linux phone configured as described above then Linux is not the answer.
Linux is fucking dying on phones. UBport, etc all they can do is a cat and mouse game. Voip? Catch the mouse. And all the while it's running on proprietary cellular modem chips, something that will never change.
My point is that it doesn’t matter if Linux can do this, the discussion was about a mobile phone that could do both biometrics and pin at the same time.
if you lack basic cognitive reasoning to the point that someone can configure PAM in a specific way on desktop linux, and that presumably, a phone running the exact same software suite, with no differences aside from graphical environment, somehow couldn't do this is actually just kind of sad.
Wait until you find out how monitors display color. They have three different colors, red green and blue, and somehow, that manages to make all the funny colors on your screen. But since you can't see the individual pixels with your naked eye, i guess that must be untrue now huh?
i wasn't talking about phones, but the pinephone, and the pinephone64, and a handful of other phones that are supposedly running linux, that are either not out yet, or really expensive.
and the original comment is entirely irrelevant to the original thread? You can't be serious.
Am i not allowed to enjoy the flexibility of linux, ever? I agree with the original poster, i think android and IOS should objectively support these features, they have no reason not to. I've never said otherwise, i just think they're dogshit OS's because they don't support basic security features you would otherwise expect to any level of consistency.
No, it's more like ford only producing cars in black, and people complaining about the fact that they don't come in any other color, and then me mentioning that actually, you can just paint your own car a different color, it's not really that hard. But regardless of that ford only selling cars in black is a rather shitty business practice to do especially when customers want cars in other colors, because black is, rather boring.
You claim so and yet have no example article, video, blog post, or any form of proof of it ever being done. Everything is possible in theory, even on iOS (with a jailbreak).
although realistically, there are better ways of doing this than using biometrics, physical security keys for example.
Also you say this like the OP actually verified that this was a thing that was impossible and couldn't be done. You're also acting like i claimed that this was explicitly the case, which i did not.
bro i use linux, i have literally configured a fingerprint scanner to work before
So did I, can confirm it's easy, and it doesn't matter because we are not talking about configuring a fingerprint scanner to work, we are talking about having a phone lock screen that asks for both a fingerprint and a password, something that would require, at the very least, UI that I don't think exists in any Linux phone project. That there is underlying functionality in PAM to make it happen is irrelevant, because that's only part of such a solution.
do you think i’m just making up PAM?
No, why? I'm saying that there is no Linux phone where "you can just do this out of the box" like you say.
If you are saying you started an offtopic conversation about Linux that had nothing to do with phones, and then, unrelated to your own comment, complained about Android and iOS even though your comment had nothing to do with phones, then... that sure is interesting.
no, we were talking about basic cybersecurity, or i suppose physical device security, which just happens to be relevant to phones because it turns out phones are dogshit at physical security. So i left a comment about how this is basically a solved problem on linux, because it's not actually that hard to just implement proper security.
I was complaining about android, because both me and the commenter i was responding to were talking about how awful security is on these devices, for no reason other than utter incompetence or forced inaction.
This isn't interesting, it's a basic conversational pattern, if you haven't spoken with enough people to realize that conversations just, shift sometimes, i feel bad for you.
It’s sort of there, but maybe more to protect from criminals than abuses of authorities. All of my bank apps require a second authentication to launch or even to switch back to them.
Granted I could turn that off or set it to biometrics, but I leave it on PINs. A criminal wanting to steal from my bank account will need both my biometrics to unlock my phone and a different PIN per bank.
This even provides some protection from the $5 wrench they’d use. Sure, I’ll unlock my phone at the threat of real violence. But you won’t know ahead of time what banking app I have or even how many, so you may not get them all. Pay by phone may use the same biometric but I can likely dispute those charges after the fact
In the abuse of authority scenario, that may keep them out of my bank records but there are established paths to get that from the bank so they’re less likely to be interested. I’m sure they’re more interested in violating the privacy of my friends and family
Section 49 of the Regulation of Investigatory Powers Act 2000 gives the police the power to issue a notice which requires the suspect to disclose their PIN or password if necessary. You are not compelled to provide your password to the police in any instance.
However, section 53 of RIPA makes it a criminal offence not to comply with the terms of a s.49 notice which is punishable by up to two years imprisonment and up to 5 years imprisonment in cases involving national security and child indecency.
So you have to hand over your password if they claim you won't give over your password 'cause you are hiding CSM?
Also the guy I am thinking of is American... which I can't find, because there are too many stories about Americans being put in jail/prison for ridiculously long amounts of time for not giving over passwords.
If the police and/or Crown Prosecution Service claim you're hiding Material behind a password, you can either hand over the password or get thrown in jail under RIPA §53.
I don't know what section of the US Code would apply for the same, but a generic "Obstructing Justice" wouldn't surprise me.
Hey, I'm from the other thread, and I'm using Thunder on mobile... seeing as I ended up blocking MindTraveller to keep my blood pressure at a reasonable level, thus preventing me from seeing that whole comment chain and replying to you in that thread... and ... I don't seem to be able to initiate a dm on Thunder? Maybe because your account is based in another instance?
Just wanted to reply to you here.
Thank you. I'm 35, queer autistic man, and I somehow seem to be the most left leaning person I know IRL at nearly all times of my life, and I actually put my... boots where my ideology is, worked at non profits, volunteered, actually do the mutual aid thing.
But somehow, online, there's always somebody who in their mind is the perfect embodiment of the progressive advocate, the perfect member of society who... fairly obviously is either extremely privileged, or terminally online to the point of delusion, and they will have no problem telling you that actually you're a pos because they have a whole fun world view that answers every question even though it bears little resemblance to reality, and your reality informed views do not align with this.
C'est la vie, that's just how things go.
Thanks again for your kind words, and I guess apologies to the mods, if someone could explain to me how to dm another user on Thunder, I'd appreciate it.
Odd, I can't either on Sync or Web, but was able to in Voyager (whether you will receive it or not remains to be seen). Gay guy, 37, probably queer but the definition changes so much I never know when it is OK to use it and when it is not, but I agree.
And I am not as hardcore as you are, I wish I could afford it though. Third world living in a capitalistic hellscape can be tough. And today I am dealing with mortality again as my oldest cat is very ill, so I haven't slept in a while.
I am very scientific, critical of everything, and try to fight for what I believe in, which is hard, especially when I have 3 cats who depend on me.
And from what I said earlier, you deserve every word. You are a beacon, my boy.
No matter how desperately companies want you to... Apple, looking at you.
Are you implying there is some ulterior motive in phone manufacturers including fingerprint scanners? That Apple has them because they secretly want to make it easier for police to conduct phone searches? Because that's a very bold claim, and "because customers like the convenience" seems to me like a much simpler explanation.
From experience, with facial scan or fingerprint scan available on Apple, 3rd party apps require it. E.g. Okta MFA login, for those with Apple phones, using face scan can be forced. I know you are free to decline and free to quit the company requiring it, but just like any new data set, you soon won't be able to live without providing it.
Remember when the social security number was introduced, the gov promised it wouldn't be used as an identification number for any other purpose. Forward 50 years and now you can't do anything without it.
On iOS hold vol up (or down) and power at the same time. It starts SOS but you can cancel. At this point Face ID is disabled and you must enter your pin to reenable it.
So yeah. As soon as you see lights, hit that cop button.
Just make sure you have all your docs on paper so you don’t have to open your phone.
Wasn't there a court ruling that forcing someone to unlock their phone was unconstitutional? The fourth amendment seems to indicate a warrant at least is required to search someone's papers, in the modern era that should apply to phones, obviously the constitution is meaningless if they want to do whatever but still.
Edit: in Riley v. California (2014) the Supreme Court unanimously decided that warrantless search of a cellphone during an arrest was unconstitutional.
The laws vary from state to state, and I am not a lawyer. But in general, I think it works like this. Things like your fingerprints, face, retina, etc, identify you. In many states, if the cops ask for your identification you are required to give it to them, and they are allowed to force the issue. Things like passwords, access to the interior of your home or vehicle, access to your business files, and things like that are not your identity and normally require a judge to sign a warrant (unless there are "extenuating circumstances").
Personally, I think the forcing you to unlock your phone without a warrant is bullshit, especially since they have the upper hand anyway. And the phone isn't going anywhere and neither are you. In most cases they have plenty of time to get a warrant.
My house key identifies me almost as well as my license. Seems like if they can use my thumb to unlock and enter my phone they could use my house key to unlock and enter my house.
I guess the distinction might be: your fingerprints are physical attributes of your physical person. Your house & house key are objects / property owned by you.
There are two related but distinct issues, and I hope to keep them separate otherwise the conversation goes in circles:
1 - Can police under the circumstances look at the contents of the phone at all? This is to say, if the phone is completely unlocked, can they look through it?
2 - If the police are allowed to look at the contents, but the phone is locked, in what ways can the police unlock it?
Subject 1: This is by far the more important question, and the one that seems to get ignored in discussions of phone searches like this. I would argue that under most circumstances there is no probable cause to search a phone. The phone cannot contain drugs or weapons or other contraband, so to me this is the larger hurdle for police. Police should have to justify what illegal thing they think is on the phone that gives them probable cause, and I don't think that pictures of illegal things are the same as the illegal things themselves. Lawyers would have to hash this out, because I do notice the suspect here was on parole so perhaps there is a clause of parole for this or something. But this is the bigger, much bigger issue: can police even look at the contents? There is an argument from the pro-search side that contents of an unlocked phone are in plain view, and so that right there is a big nexus for the issue.
Subject 2: If we assume yes, only then does subject 2 become an issue. How much can police compel? Well, they can't compel speech. A passcode would count as protected speech, so they can't compel that. Biometrics however, from what I have seen of court reasoning, tend to be viewed as something a person has rather than something they know. This would be analogous to a locked container with a combination lock compared to a key. The police cannot compel the combo, but if they find the key in your pocket they can take it and use it.
If you are up in arms about privacy, my view is not to fall into the trap of focusing on 2 and the finer mechanics of where the line for what kinds of ways to lock a phone are, and focus on subject 1. Reduce the circumstances in which searching a phone is acceptable, even if the phone is unlocked to begin with.
Things like passwords, access to the interior of your home or vehicle, access to your business files, and things like that are not your identity and normally require a judge to sign a warrant
This is exactly it. If I get arrested and they confiscate my house keys as part of entering jail, they don't have automatic implicit permission to search my house.
And I don’t understand how this is not a better analogy for phones. Why doesn’t the contents of my phone have the same legal protection as the contents of my house? You may confiscate my key but I do not permit. If you have good reason and sufficient reason, do the damn paperwork and get a judge to sign off
This is why everyone should go into their phone settings and enable the lockdown mode option if it's available. When I get pulled over I hold the power button and choose lockdown mode and then the only thing that will unlock the phone is my password. But my camera still works.
If your phone doesn't have the option, just restart your phone. There's a reason phones require the password and not biometrics on startup.
The appeals courts are always willing to test SCOTUS decisions. Now it's up to SCOTUS to defend it or not. It was a unanimous decision, specifically based on data privacy rights. So there's actually hope for it.
This is really about how to ensure they can't unlock your phone even if they have a warrant. They can't physically force you to give them the right code. So they have to buy expensive software to clone the phone and try various passwords on the clones.
Completely agree. There are a surprising number of folks who should know better who will swear up and down how safe they are. If they like the convenience and the "cool factor" of using them....that's fine, whatever, none of my business. Just don't try to gaslight me that they are safe.
For people who don't want to do that: turn off your phone if there's the likelihood that your phone will be confiscated soon (crossing a state border or getting a perquisition). This will
And this only makes it more expensive and time consuming to unlock. So if you're small fry, they won't waste the resources. But if you are a "person of interest" don't be dumb, bring a burner phone.
I wonder though, if you had that set up and the cops ask you for the code to unlock and you told them the code to wipe and they end up wiping the phone. Would they be able to charge you with evidence tampering?
"Sorry, my distress pin is 1 digit off of my unlock pin, you probably fat fingered it by mistake. I guess we'll never know. You really need to be more careful."
I’d expect so. You have the right to remain silent. You do not have the right to destroy evidence. How is wiping your phone any different from running around your house flushing things?
Bending over backwards to find logic that lets cops ignore the Constitution.
If it's a search violation without biometrics then it's a search violation with biometrics. Next up they're going to rule that no matter how much you get recorded telling them you don't consent to a search, a search is legal as long as they can smash their way into your car.
I think this would be different for someone not on parole. So like if you're just speeding and get pulled over I believe they would be violating the law/Constitution if they forced your thumb against your phone.
But they probably do it anyway so good idea to follow the lock down above in this thread.
This isn't new. This can also be compelled by the courts. If you want your phone secure, don't have one. If you want it to be expensive to open, use a long passcode, do NOT use fingerprint or face unlock.
There’s a reason they keep you focused on the first two amendments. Don’t want you realizing how comfortable they are with unregulated search and seizure.
Honestly idk how the civil forfeiture can possibly be considered constitutional
His attorney probably should have raised that objection in the first place. He should have objected based on the phone not being material to the search of the car. But if he didn't raise the objection correctly during the initial trial, then he can't raise the objection on the appeal either.
reason.com