Last week, the 9th Circuit Court of Appeals in California released a ruling that concluded state highway police were acting lawfully when they forcibly unlocked a suspect’s phone using their fingerprint.
You can turn that and Face ID off on iOS by mashing the power button 5 times- it locks everything down.
I’ve always wanted a setting to create a lockdown key and an unlock key. So something like middle-finger to unlock but index-finger to force it into PIN/password only mode. So you can have some convenience of a quick unlock but if an authority figure asks or forces you to unlock it you can one-tap lock it down.
That would be awesome.
In GrapheneOS, a single wrong fingerprint disables fingerprint unlock until the password is entered.
That’s not correct. It just says not recognized, and let’s you try again. I just tested it. Do you have documentation that it should work the way you said and mine is faulty?
Sorry, I misremembered, it’s 5 times instead of 20: more secure fingerprint unlock
Android has a similar feature. It’s called “Lockdown mode” on the shutdown menu. Locks the phone and turns off any biometric unlocks.
In a getting pulled over situation, this works. But do it before you go protest anything. Or better yet, leave your phone at home. You don’t want to be reaching for something while a cop is pointing a gun at you and saying “Hands up!”
Not to mention it’s pretty regular to track who is participating by checking the towers in the zone all the people are participating.
Or get a geofence warrant
That’s terrifying. So once we have tech to forcibly see inside the brain, that will be legal too?
“You shouldn’t be worried if you have nothing to hide” 🤷♂️
Tap for spoiler
/s
You think it wouldn’t xD?
Do you have to mash it? Or will pressing it normally work?
NO
Pretty sure Apple would replace the buttons with pressure sensors – not for user comfort but so that they are no longer replaceable with OEM parts and can be serialized. They did literally this with Macbook sleep sensors.
You can also just long press a volume button with the lock button (with a FaceID phone). I find this harder to mess up under stress.
Assuming you have the access to do this, e.g. awake, conscious, not handcuffed, etc. It’s safer to just always use a PIN in the first place.
Came here to say that! Glad it’s getting around.
Further advice regarding civil disobedience:
LEAVE YOUR PHONES AT HOME. Write down some numbers in case you get arrested—or better yet, memorize them. There are journalists there for documenting. And there will be plenty of other people that don’t follow this advice. Leave anything they could use as leverage over you and your cohorts away. Don’t bring ID. Don’t bring anything except what you need for the action. It’s not worth the risk.
ETA: also, any of you with a new car? DONT DRIVE THAT SHIT TO ANY MEETING OR PROTEST. They’re spying on you. Don’t post about it. Don’t use any unencrypted messaging service to coordinate it—WhatsApp is not safe. Signal and probably some other less common ones are the only ones safe enough. Ride a bike there, stash it in a conveniently hidden spot. Bring a change of clothes, plan escape routes, plant the change of clothes either hidden on your escape route or wear them under your plain clothes. Cover tattoos. Leftist activists are not safe. And literally the rest of your life could depend upon how well protected you have made yourself.
https://www.theguardian.com/us-news/2022/feb/10/felony-charges-pipeline-protesters-line-3
So many states have pretty quietly passed laws to make you a felon for protesting. Even peacefully. And to make you a fuckin corpse. In the south especially, a few states were writing “go ahead, run over any protester in the road” laws.
Be smart. Be safe. Have a plan. Have a contingency plan. This isn’t “fuck around with the blunt end of the justice system and find out” territory, in 2024 US, it’s time to be as safe as you can while doing what’s right. Because doing what’s right is criminalized. Heavily.
If you’re going somewhere where you think you might be at risk, IMHO, it’s probably just easier to turn your phone off. Android and iOS both require a non-biometric passcode after boot.
Or, if you want to keep your phone on, enable lockdown mode on Android, or tap power 5 times on iOS to require a non-biometric password at the next unlock.
It’s never a good idea to bring your phone with you. It can be used, even while powered off, to track and surveil you. The BLM protests were just the tip of the iceberg. The apps you have on your phone track you. The government is buying that tracking data. Your phone is a massive privacy weak point. It’s basically a bug you carry on you willingly. It’s not safe. Period.
https://www.vox.com/recode/22565926/police-law-enforcement-data-warrant
Leave your phone at home. It’s not worth it. It may not bite you in the ass the day of, but could very easily come back to haunt you after they investigate, in case anything goes “wrong” in their eyes. It’s just not worth it.
IMHO, as someone that works in security / privacy, I tend not to view it as a binary thing. It depends on where you live, what you’re protesting, what you look like, who you are, etc.
Are you in Russia or China and are protesting the government? Yeah, I might leave that thing at home. Are you a white lady in San Francisco marching with a pink knit cat hat during brunch hours, then you’re probably well on the other side of the risk spectrum. You might actually be introducing more risk by having less immediate access to communication or a camera.
IMHO, it’s nuanced.
The problem is that the people doing the surveillance are hardly going around honestly telling people what’s their surveillance profile.
For example in the UK that “pink knit cat hat white lady” would very likely be under surveillance if she was a member of the Green Party and participated in demonstrations. In fact, recently a number of cases came out where in the 80s and 90s the police had infiltrated Ecologist groups and even left some of the women in those groups pregnant with the children of men they late found out were undercover agents.
Further, the lower the barrier to entry to surveillance the lower the “threat profile” needed to end up under surveillance: if the authorities have already have well established and commonly used processes backed by ultra-broad surveillance court (or whatever those courts are called in your country) orders to just get from the mobile network providers all the phone numbers that connect to specific cell towers during a specific time period (such as the ones nearer a demonstration during that demonstratiom), pink knit cat lady is going to end up in the list just as easilly as baclava-wearing hard-core anarchist looking to break stuff.
They might not hack the pink knit cat hat lady’s mobile to install eavesdropping software, but she’s still in the list for every demonstration she attended carrying her phone and for the authorities finding out those who were at multiple demonstration and cross-searching with other databases to resolve those numbers to actual identities is pretty easy unless those people jumped through hops to keep those things disconnected (which, funny enough, smart anarchists are more likely to have done than your average pink knit cat hat lady)
I agree with your point, but balaclava is the hat, baclava is the delicious Greek pastry.
We take on risk every time we decide to wake up and start the day.
I live in a place where I’m considerably more likely to get hit by a car while walking than thrown in jail as a political prisoner. That doesn’t mean I’m never going to go for a walk. I’m going to live life.
Leaving my phone at home seems pretty silly when the risk is very low in my nation and I do riskier things while cooking dinner.
Oh, in day to day usage I agree with you: we’re all one little uninteresting datapoint in a whole lot of datapoints and there are plenty of other ways in which we are tracked.
However if you’re part of a Political Party or Movement and/or attend demonstrations, it’s probably wiser to leave the phone at home, if only because that makes you stand out as a much more interesting datapoint than average.
It can be used, even while powered off, to track and surveil you.
How? The only legit thing I can think of is if they are tracking you anyway, and then they see your phone is turned off, they might try to claim that you must be up to something. But they won’t be able to track it while it’s off.
I think the fact that we are able to record everything that happens and automatically upload it seriously outweighs what you are saying.
The only reason cops get in trouble is only because people are filming. If it’s not caught on camera, it didn’t happen in the eyes of the law if it’s just our word against a cops.
It’s your life. This advice is important in more active circles. There are also jobs that should be given out. Just like there are medics that come out, there should be journalists—in leftist action circles, this isn’t EMTs and NBC photographers. See what I’m saying?
It’s ultimately your choice. But depending on what’s happening, the cause, the state, the cops, the current state of the govt of the country, etc., this advice can literally be invaluable.
For 200-250$ you can get very decent used compact cameras (like the RX 100). It won’t upload the photos immediatly, but it is still pretty much on par with most current cell phones.
The concern with bringing your phone is that police have subpoenaed cell providers to force them to turn over cell tower records. The police then used the lists of cell phones connected to those towers to track down protestors.
You shouldn’t bring your phone to a protest because it could end with police kicking your front door in three weeks after the protest has wrapped up.
Maybe get a dumb burner phone with no personal data on it. You could potentially keep your main phone in a secret/secure pocket.
keep your main phone in a secret/secure pocket.
Terrible idea, it will be found with absolute certainty if you’re arrested.
No. Several Jan 6 participants tried burners and they still got caught because the burners were still linked to their movements and activities and their personal phones were unusually unused/off/immobile for the amount of time the burners were used. You would have to expend a lot of effort to make sure your burner was completely disconnected from yours and your phone’s location, as well as making sure your phone showed signs of appropriate activity in your absence.
Not so easy.
Just having a burner phone works against dragnet surveillance if one is not doing really stupid shit like logging in to one’s personal social media accounts from one.
If however it’s an actual crime which actually gets investigated by actual criminal investigators, they’re going to be coming at it individually and using much more specific techniques than just “use a surveillance warrant to get a list of all mobile phones that connected to certain cell towers at certain points in time and plonk them all on a database to cross-check with similar data from other demonstrations”.
You can’t just treat a burner phone as a second phone that you have active anywhere near your home, place of work or places you normally frequent and you can’t just keep it and keep on using it for a long period of time: the longer one holds on to that burner phone the more data points there will be that can be bulk checked with other, identifyable, data from other sources (say, car tracking data) to find out a more than normal overlap.
I wouldn’t at all be surprised if those people with the burner phones had them with them active whilst ridding their personal vehicles which had something like OnStar or were dumb enough to log-in to their Facebook account from them.
And completely cover any tattoos. Even more identifiable than your face, honestly.
The article pretty plainly says the guy was coerced into entering his password. So the headline feels a bit manipulative.
It’s Gizmodo. Its all manipulative bullshit.
Lemmy quality descended quite quickly. What’s the more intelligent tech community alternative besides hacker news?
It seems everything descends into this samey mess of america bad, eat the rich which I don’t dispute with but I am here for tech and not politics honestly. Time and place for everything.
The amount of low effort comments that seem to only be about points/validation which aren’t even visible for some is tiring.
It used to be that you would look into comments for useful information about the posted article. Now you can skip the comments altogether and the posted links quality also became questionable.
I miss times where you could find links to some niche but full of creativity/usefulness websites in the comments or posts. Those juicy gems of the web. Or learn some fact that you had no idea about.
I want to learn something new being here. Not make my brain feel good with the reward of validation.
Probably because America bad, eat the rich.
and this is why lemmy is a limp-wristed do-nothing. too many people here want to stick their head in the sand. but by all means, pls share some more star trek memes.
I mean I have curated my ‘All’ only to non world news and non memes comms and I was left with literally nothing except this community. There is literally nothing here :/
I will still keep using it whenever I can though just out of principle and to curb some of my Reddit addictions.
I am sorry to say nowadays 95% of content appears to be meaningless. Not contributing anything, not creative, not even funny lots of the times. I won’t sugar coat this
but tech news ad nauseum is ‘meaningful’. lol okay.
See I have this weird feeling that we are too different to even connect somehow. You didn’t even read my comment. Any benefit of doubt of mine is pointless when you just throw some out of place, bland one liner and don’t even want to discuss anything. It’s like talking to a wall
I don’t want to have a discussion. I want to unify a disgruntled public so we can make change for the better. Get friends if you just want to have a discussion. All I’m here to do is to get you to say it with me:
EAT. THE. RICH.
Take a deep breath and tell us how you really feel ;-)
I got here a bit late and it seemed like there was some decent discussion going on. Practical advice on how to lock various phones.
Some high quality pasta about how to survive the coming civil war ;-) Honestly good advice for anyone considering civil unrest there.
It’s small, but what’s really missing here? Someone dragging up the constitution? Being forced to incriminate yourself is wrong and any evidence gleaned should be inadmissible. Cops shouldn’t manipulate people into giving up their rights… but that’s the country we live in.
Reddit was a wash in low effort feel good upvote nonsense too. It just got buried faster.
To each his own but until I have time to post a bunch of high quality content, I’m not going to complain so bitterly.
I am just annoyed that those sites became so mainstream that’s all. It always gets shitty then but if it is really good it is unavoidable.
I guess the key is to make it bad enough so normal fans won’t touch it but good enough so that some of us enjoyers will enjoy it
I think they were victims of their own success weren’t they? Gawker was already kind of a tech-tabloid, happy to report rumors (which were often true or at least truth adjacent).
That kinda made them popular with both hardboiled techies who wanted to know when my shit was going to come rolling down, and regular folks who just wanted some good gossip… maybe wanted to touch our feet or whatever ;-)
With that success and the capital investment it garnered Gawker bought up all the good tech news sites.
Unable to produce meaningful content for that many sites on the limited budget their investors demanded Gawker invented the listical. And humanity wept —and kept clicking for some damn reason 🤨
Many years passed and the listical was clearly dying, so Gawker sought out a real zinger to boost their profile… I’m a bit hazy on the details, but it sounds like Peter Teal fucked them up the ass with Hulk Hogan‘s penis. 
At least that’s how I remember it ;-)
Ya know… I hadn’t see anything by them in so long I forgot.
It’s just as shitty as ever
The headline is click-bait. I honestly don’t know why people still read this crap.
It’s frustrating to no end that fingerprints and face ID are treated like passwords when they should be treated like usernames.
That makes a lot of sense !
Maybe don’t live in a fucking dystopia. The US is a police state and you have no freedom left.
While I buy you’re general cynicism, it’s wrongly applied here …
It seems like we have both more and less protections than other places, for this instance.
- while it’s not entirely settled case law, you can NOT be compelled to give up your passwords. Different states differ and they’re constantly trying
- however biometrics are counted as public knowledge, so you have no protections
This is more of a scenario where legal contortions turn into huge inconsistencies, plus our legislature has refused to clarify so it’s all on the court system
## How to disable Face ID through the Power Off screen
- Hold down both the Side Button and either Volume Button at the same time for three seconds.
- The Power Off slider should appear. Tap Cancel.
You actually don’t need to hit cancel, you can just hit lock, so you can do this whole thing with your phone in your pocket.
https://appleinsider.com/inside/iphone/tips/how-to-quickly-disable-face-id
This is easier and less intrusive than the lock-button-5-times method because it doesn’t start making a phone call that you have to quickly cancel.
This is the advice people (with iOS) should follow, not disabling biometrics altogether. Using FaceID or TouchID prevents shoulder surfing to find out what the password to your phone is. When local passwords have so much control over a device, using biometrics to prevent anyone from seeing what your passcode is is very useful.
Those settings can also be altered under Settings > Emergency SOS
Real MVP right here. Good to know!
deleted by creator
This also encrypts your data.
FYI Androids have a feature for this. If you are ever forced to interact with a cop you can press the side button and volume up(might be different on other phones) to select lockdown which will force your phone to only be opened with the password. Its gross that we need this feature, but now you know.
iPhones do this too. Hold the lock and volume down button until your phone buzzes, to get to the SOS/reboot screen. Once that screen is activated, it’ll disable biometrics until the passcode is entered.
You can even take photos/videos with the locked phone, and the recordings won’t be able to be deleted from your iCloud until the passcode is entered. Handy for recording cops. Cuz even if they take your phone and delete the recording, it’ll still sit in your “Recently Deleted” for 30 days. And while the phone is locked, they can’t access that Recently Deleted folder to permanently wipe it. So you can just access your iCloud account from any computer and recover the “deleted” footage.
iPhones also have this feature, for a long time now:
https://ios.gadgethacks.com/how-to/keep-law-enforcement-out-your-iphone-your-privacy-intact-0194999/
Rather irresponsible of the article to not point out these features on Android and iPhone. Did a cop or government official write that article?
Most likely just a written with little real tech experience.
Yeah, but I want a combo that force starts the feature. I want to pull out my phone and be able to blind start it, not stare at my screen to select the correct thing.
Same, but this is our only option unfortunately.
I have Button Mapper trigger a Tasker task that locks my phone when I hold the volume down button, for some reason Button Mapper’s lock doesn’t trigger a lockdown.
(Tap and hold still lowers the volume)
Edit: Maybe:
You can instead hold the power button for 1 second to open the same menu. Feels easier to me.
Jesus christ this explains why occasionally I’ll pull my phone out of my pocket and it forces me to input the pin rather than the thumb print. It’s just one of those mildly annoying things that you wonder about but don’t think about enough to search for the answer.
Your situation is more likely to be caused by Android’s system to make sure you don’t forget your pin. It has a number of unlocks (and a length of time) before it forces you to do the code.
It’s* gross
Great contribution.
On pixel, if you ever need to - press and hold the power button, select “lockdown”.
(It might apply to other androids too, I don’t know.)
You will now need a pin to unlock the phone. This disables the lock screen shortcut (camera, light, etc) as well.
Why disable your convence features for an scenerio that is not likely and can be quickly and easily be prevented.
Universal: You could also just the tap the sensor with a “wrong” finger a few time, and the pin will be required.
Maybe don’t do this one in front the cops…if you find your self in a postion where they are trying to unlock your phone, you probably don’t want to piss them off. .
Edit: I’m surprised no one called me out on “if you’re ever need to”. The sentence was going to be “if you’re even in a situation that needs…”, but that was getting too long. Forgot to change you’re to you.
On my pixel 6 it is power + Volume Up to access the power menu with lockdown.
The Pixel fingerprint scanner is so bad, you could end up locking it entirely by accident.
Behind-the-screen fingerprint scanners are an abomination.
My 5a sensor is fantastic (it is on the back). I’ll be sad when it’s time for this phone to go.
Not my experience. They are usually instant, but you need a flagship device, of course. Otherwise it’s comparing apples and oranges.
The $1000 price tag on the Pixel tells me it’s a flagship device and yet the scanner is still trash.
But optical scanners just suck in general. I wish they’d bring back the rear sensor, it was so convenient both for unlocking and for having a shortcut to pulling down the notification shade.
First gen in-screen scanners were absolute trash. Borderline unusable. But the tech has improved quite a lot since the first ones. The one in my galaxy tab s9’s screen is fast and accurate.
It’s from AOSP, so any device close to the actual Android baseline should support that. This means that you can enter that mode from LineageOS as well.
I have a motorola razr (basically stock android) and I have the ability.
A stipulation of Payne’s parole agreement was that he be willing to provide a passcode to his devices, though that agreement didn’t explicitly refer to biometric data. However, the panel said the evidence from his phone was lawfully acquired “because it required no cognitive exertion, placing it in the same category as a blood draw or a fingerprint taken at booking, and merely provided [police] with access to a source of potential information.”
These both seem like bad calls. You have a right to privacy, right? And for police to access your files/home/phone tap requires obtaining a warrant.
Fingerprints at booking gives access to public records. Not your own personal private data. Pretty sure drawing blood is justified suspicion of DUI.
Yes and no. When you take parole, you agree to give up some freedoms in exchange for getting out of prison early. For example, taking drug tests, checking in with your parole officer, or not leaving the state/country. If your crime was related to using a phone or something, like being a drug dealer, then it can make sense to have to allow your parole officer to check it.
So after you have been convicted of a crime, you will have restrictions based on that crime. That’s a world of difference from pulling over Bob and forcing him to unlock his phone.
I’ve avoided willingly using biometrics so far. Though I’m sure our faces, gaits, body shapes, etc, are all stored somewhere, willingly or not.
Say no to biometrics. It’s like having a password you can never change.
Password you can never change
Not with that attitude! You can absolutely change your face. its rather inadvisable
Face… off…
it’s not a password; it’s closer to a username.
but realistically it’s not in my personal threat model to be ready to get tied down and forced to unlock my phone. everyone with windows on their house should know that security is mostly about how far an adversary is willing to go to try to steal from you.
personally, i like the natural daylight, and i’m not paranoid enough to brick up my windows just because it’s a potential ingress.
It’s not a great analogy. Your house and its windows are exposed to your neighborhood/community. Your internet device is adjacent to every hacker on the web.
it’s an analogy that applies to me. tldr worrying about having my identity stolen via physical access to my phone isn’t part of my threat model. i live in a safe city, and i don’t have anything the police could find to incriminate me. everyone is going to have a different threat model. some people need to brick up their windows
Assuming the phone’s security works as intended, what you’re saying is true. However, it’s a legit concern that the security is not airtight, and physical access is not actually required to harvest your biometric data.
I know the phone manufacturers make all sorts of claims about how secure biometric data is, but they have a profit motive to do so. I’m not being brick-up-my-windows paranoid by pointing out all the security failures and breaches we’ve seen over the years. Companies that have billions on the line are still frequently falling short at securing their own assets, much less their customer’s data.
I understand biometrics are convenient, and many folks love the ease / coolness factor of using them. Just don’t kid yourself that it’s secure by requiring your physical phone. Once the dark web has a digital copy of your biometric data, it’s compromised forever.
First provide proof that you can pull out biometric data out of a secure element in a phone.
like i said, it’s more of a username than a password
Joke’s on them. My yo-yo diet keeps me safe from accurate body shape biometrics.
Same here. Still using the pattern lock. I’ve never used fingerprint not to even mention face scan.
Sucks to be american. Sucks to live in america.
Why would anyone?
This is a dumb question. Almost 50 million people live in Sudan where there’s an ongoing famine. 70 million people live in UK where mass surveillance is roughly state supported. Asking why 300 million people don’t just move is … stupid
The difference is that people from the US and UK are generally welcommed in other countries. People from Sudan have a much harder time being let into other countries
As tourists, sure. But getting a work visa/residence permit is not as easy as you think.
And second of all, what do you expect? An entire country to up an leave? That’s stupid beyond measure. Won’t that entire country elect the same government wherever else they end up in?
LOL
1- Its correct that its not easy to get a residence permit, but it is a lot easier if you are entering from the US/UK than if you are coming from Sudan.
2- I don’t expect people leaving the US, to want to live like they did in the US. So assuming that they would want to create a similar life outside the US is kind of childish, and not even possible in most countries.
That said, it’s a figure of speech. You’re taking it too far and too literal
I live in the UK. A judge can compel you under Section 49 of the Regulation of Investigatory Powers Act 2000 to hand over any passwords for any devices or services they reasonably believe you have possession of the passwords for.
If you don’t then you can be imprisoned for up to 2 years for normal crime or 5 years for crimes relating to national security or the production, possession or dissemination of CSAM
No.
I’ve already planned to spam the lock button for a few seconds if something like that came up (iPhone) it triggers the emergency settings and disabled unlock without a passcode.
You can also just hold a volume button + power. That will bring up the power / emergency screen and will require a non biometric password for the next unlock.
I really think this depends largely on who you are and what you do with your phone. I have face recognition and fingerprint recognition both enabled on my phone. It’s good enough to prevent a thief from gaining access to my device, and if law enforcement asked, there’s nothing on my phone that could possibly be incriminating. Realistically, I’d have no issue just unlocking my phone and giving it to a police officer, although I do know well enough to always get a lawyer first. Biometrics add an extra layer of convenience; it’s nice to just look at my phone and it unlocks. My concern personally is more about someone stealing my phone and accessing my accounts than self-incrimination.
If I ever was going to put myself in a situation where I’d run afoul of the authorities, I’d leave my phone at home anyway.
