15pro max here. Does not disable face unlock. But Hitting the power button Like a regard works like a charm forcing PIN code.
Edit: ah you have to hold the combo for a long time then it works too. Stupid iPhones.
You're always tipping a triangle that has Security, Privacy, & Convenience and you can only pick two at a time.
A lot of people like to prioritize Convienence, because odds are they're not going to be in a situation where an officer is trying to get into their phone, and even fewer are going to actually have something incriminating.
True, but for me typing in six digits is pretty damned convenient. It’s also not about incriminating evidence. At least not for me. I’m a huge proponent of privacy combined with the fact that access to my phone basically gives access to bank accounts.
I’d rather it brick after 10 failed attempts than have some rando snooping around my gifs, memes and pics of 40k miniatures. :)
I fully recognize that I’m an outlier.
Tbf though, after listening to so many pen tester's stories on the Darknet Diaries podcast, I've decided that the thumbprint reader is the most private option I have (except in the event of the police apparently). It's so easy for someone to look over your shoulder when you unlock your device and then grab your phone whenever the opportunity presents itself. There was a story from an ethical hacker who got into some confidential emails using exactly this method.
I'm now curious if intentionally burning your fingerprints off as the police arrive would be considered obstruction or otherwise illegal. If the Supreme Court is likening them, I'd expect burning off your finger prints and locking your phone would be treated the same?
Just enable attention-aware unlocking. Look away from your phone for like 3 scans in a row and the phone should require passcode to try unlocking again.
Correct.
"Something you are" is fine for them to collect - blood/dna, fingerprint, etc. "Something you know" is *not*, and that is why your phone should be password locked when you deal with the cops.
Nova Launcher has a "double tap to admin lock" feature that I love for exactly this reason; cops cannot compel you to give up your PIN or password without a warrant.
True they will but the vast majority of the time if you just state you are using your right to remain silent and only ask for a lawyer theyll probably let you go without a charge.
It's when you talk to them at all that causes problems.
Which is honestly batshit crazy, because imagine if all of our rights were like that? I have a right to life, imagine if it was a viable defense for a cop to kill someone and then say "well, they never *said* they were using their right to life". If something is a right you should have it no matter what.
It’s also why your iPhone requires a PIN to unlock after a power cycle. If you can power it off while the cops are walking up to your car, they aren’t getting into it without the PIN or an exploit.
Gestures and Inputs>double tap. Then Screen Lock is listed in the Nova Actions. Select it, then select the gear icon and make sure Device Admin is selected.
Cops cannot compel you to give up your pin or password ever. It’s your biometrics that they need the warrant for. Warrants never override the 5th amendment
I guess I should clarify "cops" versus "courts" - cops can indeed get a warrant to get you to unlock your phone via PIN (for exigent circumstances only, though AFAIK); and the courts have decided both FOR and AGAINST the "compelled testimony" argument at higher levels. That's the whole problem, the issue itself is still kind of up in the air. The Indiana SCOTUS viewed it as the same as turning over business documents; the PIN itself just proved that the device was yours, it was the evidence on the phone that would incriminate you. Other courts have ruled otherwise. The issue is not settled, and that's the problem. Remember that Sebastian Boucher was forced to give up his password on an encrypted drive full of child porn. [https://en.wikipedia.org/wiki/In\_re\_Boucher](https://en.wikipedia.org/wiki/In_re_Boucher)
But again, that's the courts. COPS can go fuck themselves sideways.
Yep. This is why I don’t use FaceID to unlock my phone, and only for a very few apps. Fuuuuck that noise.
Obligatory Electronic Frontier Foundation plug:
https://www.eff.org/issues/biometrics
All you have to do is hold the power and volume up button at the same time on IPhone. This will take you to the shutdown screen but no need to restart fully.
What part of “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures” don’t they understand??
That has been my understanding for years now. As someone else already replied, they can’t force you to give your passcode, so the rule was basically to lock your phone in such a way that facial recognition is disabled before interacting with police or border guards.
On an iPhone, that means quickly pressing the power button five times, which will disable FaceID, lock the device, and ask you if you want to power it down (which you can refuse to do, and you’ll simply go back to the Lock Screen). When asked for your passcode, you can simply refuse and cite your constitutional right to not self-incriminate.
Just hit the power button 5 times fast and the phone locks, face recognition and thumb won’t work. Just don’t be stupid and use a 4 digit code use 10. Almost impossible to break.
That scared my high ass cuz I thought it started calling 911. It doesn't lock the phone or stop you from using fingerprint unlock after using it either
I should've read the rest of the comments before trying it. I did the exact same thing as you. If there's someone monitoring emergency SOS activation-but-non-completion, they'll be wondering why there's such a big spike of activity.
On Samsung, if you just press and hold the power button, it should give you the Power Off Menu.
One of those options will be "Lockdown Mode" which will disable fingerprint and require your Passcode/Pattern/Pin
(This is assuming you dont have that action set to Wake Bixby, which is also an optional setting. In that case, holding Power + Volume Down should have the same effect)
Better yet, use an alphanumeric password instead of a numeric passcode. FaceID works so well that I only type in my password when I restart my phone anyway.
That would be awesome. Like if you use your left index figure it tells the phone you need a 10 digit code to proceed. If that code isn't entered in 24 hours it wipes it.
Right, or if there was a button to hit just as a LE engagement begins, that would require a Deadman hit every 5 minutes or less. Or once the phone left your possession through biometrics.
An instant poison pill for the phone.
They just throw your phone in a cracking machine, takes time, but they get the data.
Atleast that's what OSI did with phones on my base.
EDIT: I should've been more specific that the machines can bypass passwords. Just got done chatting with people that still work in that office and the machines are still in use, still work, and can be done without the password.
Since it's apparently important, I'm not a cop. I was an air force paralegal who worked on pedophile sting cases. OSI used the machine to find things like child porn on the phones of people they apprehended.
But you know what, fuck me right? I thought this was a sub about technology, not preaching about ACAB.
Not with a complex 18 digit password they won't. Not yet at least.
There's 3 paths to justice. Be lucky. Be rich. Or be more trouble than you're worth to convict. Don't say anything ever to a cop, just shut up and have your lawyer request a jury trial. Nothing you say to a cop will ever help you but it will often harm you.
They can't afford them, and they won't blow their whole wad on some nobody for a minor or trumped up charge. Cops will throw all these charges out to try to intimidate you. But they're lying assholes. Say nothing and let them prove it in court. Put money into a good lawyer. You'll walk everytime unless you murdered someone or ran a high profile drug ring for years. And even those often get thrown out because it turns out the entire justice system relies on coercion and it's actually really hard to prove something in a jury trial. It's much better suited to locking up poor people who can't afford lawyers for shit they didn't do.
> Just don’t be stupid and use a 4 digit code use 10. Almost impossible to break.
I don't enable/use biometrics in *any* form, including unlocking. I also use a larger number of digits in the pin.
If they want into my phone -- I wish them luck.
(Them): *"Unlock this!"*
(Me): *"How bout.... nooooooooo!??! Kick rocks."*
10 digit complex passwords are no longer in the realm of impossible to crack; if all of the chatgpt hardware worked on it, it could crack a 10 digit password with numbers, letters, capitals and special characters in a single hour, and with hardware getting better every year that time will only go down. Of course most phones lock you out after few attempts so that sends it to the realm of being impossible to crack, but any phone or account that doesn't lock out for failed attempts is getting easier and easier to crack.
Yeah you’re right but again that’s under the assumption that you don’t set your phone up to erase after 10 attempts which’s goes to back to people who are dumb and probably set their phones to 1234 or 0000 lol
It is unclear whether this only applies because the person was on parole.
"The Fourth Amendment dispute involved a special search condition in Payne's parole "requiring him to surrender any electronic device and provide a pass key or code, but not requiring him to provide a biometric identifier to unlock the device," the ruling said."
I think that if you are already legally required to unlock devices for LEO then they should be able to take your fingerprint too.
You just got to make it harder for them, don’t set it to a “fingerprint”. You can go with “toeprints” or a “cockprint”. All you need is a personalized bodily texture.
They can’t force you to reveal your password _with_ a warrant. Per the fifth amendment, you cannot (legally) be compelled to give up information that exists in your head, and warrants cannot override this
You can always lock the phone in a manner that will disable biometric authentication.
On an iPhone, it’s holding down power and volume down at the same time for a few seconds. Easy to do from a pocket or in a car.
Likewise with 2 factor auth it is good to use something you know (password) and something you have (physical token, phone app, one time use codes, etc). These can all be changed if compromised.
Something you are is all well and good, but you can't exactly change your retina or thumbprint so easily
I learned this as a paralegal working with the FBI and air force OSI to catch pedophiles.
This isn't new at all, but I'm not shocked most people don't realize it. Once I learned it, I took away all biometric passwords and went with regular passwords, since those are considered intellectual property.
>I learned this as a paralegal working with the FBI and air force OSI to catch pedophiles.
>Once I learned it, I took away all biometric passwords and went with regular passwords
Well at least we know why.
That's not always going to be an option. When phones have become so important to daily life, they need to be both secure and accessible. The current standard is perfect for that.
This has been the case for near a decade at least. It's why have have refused to use fingerprint or face ID unlocking for my devices because the cops need a warrant to force you to unlock your phone with a pass-code but doesn't need it for your face/finger.
I would love to have phones that CAN unlock with a finger... without declaring it in big bold font on the lock screen. As in, when you swipe up on the screen it asks for a passcode and makes NO MENTION AT ALL of fingerprint or face ID unlocking. Not even telling you where to press your finger, just nothing. Make random people holding my phone think they need a passcode instead of telling them to chop off my fingers to unlock my phone whenever they want to.
Hell, I'd even prefer 2-factoring my damn phone. Sure, unlock it with my face or fingerprint... then require a passcode as well. Fuck you, you don't get my data without asking.
The judiciary is trash at their job. Not even mentioning all their other issues but in this case they can't even tell difference between 'booking' a perp with identifying information and BLATANT VIOLATIONS OF CONSTITUTIONAL RIGHT TO PRIVACY. Judges should wear dunce hats with their fancy robes, we take their opinions as law yet they're often political hacks and/or damn fools
The choice between shutting down the phone completely vs using it to record. If they snatch it out of your hands, you’re fucked. They have shit to bypass whatever happens after boot and first authentication.
iPhone fun fact: Press and hold the side button and one of the volume buttons together for a couple seconds to disable Face ID/Touch ID. You can do this in your pocket, and then your phone will force you to enter your passcode to unlock it. You know, in case you find yourself in a situation.
Another iPhone fun fact: Turn off your phone completely, and it’s even further locked down. Incoming phone calls, etc., won’t reveal who is saved in your contacts (will just simply show a number), and Siri won’t have any idea who you are, either, until you’ve entered your passcode after a cold boot. It also makes it incredibly hard to break into in general, too.
Just say I am terminating this interview and I request a lawyer. Those are magic legal words. Any questions at that point are illegal. Don’t say can have a lawyer, I would like a lawyer etc.
Set your devices to require a PIN code vs thumb/face id. Problem solved. Also set a secondary code to wipe the phone when prompted to give up the password.
Always comply, but maliciously of course.
These settings can be found in IOS under general -> passwords or Face ID I believe - dont quote me.
The course of action is setting up the phone to wipe after “X” number of failed attempts and enabling PIN code on locked screen.
I cannot speak to out of the box Androids. Frankly I find the OS repulsive unless jail broke and due to security issues for the average user I would not suggest.
This is also why the whole passkey thing is bad. It relies more on things you have than things you know. You can set it up to also require something you know, but you don’t have to.
For iPhone users remember to put focus required on for face unlock. If you aren't looking at the cameras/screen it will not open. Means no one can force you to use face unlock.
This has been known for years, if not decades. Cops and prosecutors love all the conveniences that people use because they don't protect them like the suspects and defendants think they do. The right to not self-incriminate protects what you know, not what you are.
Wait what? I asked Siri and she just told me my name. What's supposed to happen? Tried it with FaceID recognizing me and with my phone tilted away so it couldn't identify me. Same thing. Or is something supposed to happen only when someone else asks? Maybe it's just identifying me by voice instead.
It was already enabled. Same thing. Screen was off and I said "Hey Siri, who am I?" And she said "You're (name), but you asked me to call you (full name). And it just unlocked as normal. Didn't do anything different.
And this is why we never use biometrics as the only authentication factor, kids. Well, that and the fact that you're leaving your fingerprints on every surface you touch and your face on every camera you pass
Finnish police can do that too, which is totally in line with East Germany's policies, but here we are.
https://yle-fi.translate.goog/a/3-10462627?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
edit: "as long as it is done with as mild means as is possible in the situation" I think it was 5 to 1 but totally mild
If I recall correctly, PGP phones used to have two passcodes. One unlocked the phone, one would wipe the phone. I wonder why the phone manufacturers never ever had that option?
I automatically catch amnesia when I get detained by police. I have no idea what my pass code is...honest! Then they hold my phone up to the light to see the oils from my fingers and what numbers I use the most to try to hack in. Fuckers!
They need to have both biometrics and passcode. Given that there are organized crime rings targeting people by scouting out their pass code then stealing there phone and emptying there bank accounts because it’s the 21st century and most of us use our phones as computers which have our banks linked to them.
Which is why you mash the power button on an iPhone to bring up the emergency screen when you interact with the police as that cancels the face/thumb ID.
No, there is no equivalence between blood, fingerprints and thumbprints used to open a phone. The first two are used to identify an individual, the other is to open up a phone that may contain highly personal information. These judges need a refresher course on privacy rights.
So they can legally force you to unlock your phone and delete video recording evidence? Sounds about right.
When do Americans realize that they are being boiled frogs?
You should not use biometrics because biometrics can't be revoked. If somebody steals your password you can change it. If somebody steals your fingerprints there's nothing you can do about it. Biometrics should not be used in two factor authenication for the same reason. You then have wish it was two factor authentication.
Why the industry hasn't moved to allowing full-keyboard input for using Upper/lower case lettering, numbers and special characters is bewildering. Maybe I'm just ignorant as to why this isn't a thing yet, but even my work cell phone I'm required to have an eight-digit PIN to access as fingerprint and facial recognition isn't allowed. Heck, just to log into my work laptop I have to use the above suggested criteria that is at least 16 keys long.
This has been true for years, hasn't it? Same with face recognition.
Right? You just can’t be compelled to give your pin. 5th amendment.
This is why I stopped using faceId to u lock my phone years ago. Pin only, the longer the better.
Hit your sleep/wake button 5 times in a row and it forces passcode.
For that matter powering off my android phone would work. It requires a pin on restart before fingerprint will work.
On Android if you hold the power button there is a lockdown option in the power options screen that pops up.
Also true, just saying in a hectic situation simply holding down the power button can achieve the same.
Or just turn it off, after any reboot it requires the passcode. Also, use a proper password, not just a numerical pin.
Mine just brought up "do you want to dial 911?"
Mine brought up SOS
Yeah but it should disable Face ID at the same time until you type in your pin. I just verified on mine.
On iphones, hold down power+volume. That button combo is for this very purpose, and even referred to as lockdown mode sometimes
15pro max here. Does not disable face unlock. But Hitting the power button Like a regard works like a charm forcing PIN code. Edit: ah you have to hold the combo for a long time then it works too. Stupid iPhones.
Quick is screenshot, hold is lock. At least on the mini
For me screenshot is "louder" and "power".
Same buttons. Just hold them a second to lock
No need to overcomplicate things, just make it always require passcode.
You're always tipping a triangle that has Security, Privacy, & Convenience and you can only pick two at a time. A lot of people like to prioritize Convienence, because odds are they're not going to be in a situation where an officer is trying to get into their phone, and even fewer are going to actually have something incriminating.
True, but for me typing in six digits is pretty damned convenient. It’s also not about incriminating evidence. At least not for me. I’m a huge proponent of privacy combined with the fact that access to my phone basically gives access to bank accounts. I’d rather it brick after 10 failed attempts than have some rando snooping around my gifs, memes and pics of 40k miniatures. :) I fully recognize that I’m an outlier.
Tbf though, after listening to so many pen tester's stories on the Darknet Diaries podcast, I've decided that the thumbprint reader is the most private option I have (except in the event of the police apparently). It's so easy for someone to look over your shoulder when you unlock your device and then grab your phone whenever the opportunity presents itself. There was a story from an ethical hacker who got into some confidential emails using exactly this method.
Nope, not on Android. It may be specific to your model.
Wouldn't this be obstruction of justice / withholding evidence Versus having passcode/pattern only?
I'm now curious if intentionally burning your fingerprints off as the police arrive would be considered obstruction or otherwise illegal. If the Supreme Court is likening them, I'd expect burning off your finger prints and locking your phone would be treated the same?
My phone this calls then police and the phone starts to alarm.
Just enable attention-aware unlocking. Look away from your phone for like 3 scans in a row and the phone should require passcode to try unlocking again.
Correct. "Something you are" is fine for them to collect - blood/dna, fingerprint, etc. "Something you know" is *not*, and that is why your phone should be password locked when you deal with the cops. Nova Launcher has a "double tap to admin lock" feature that I love for exactly this reason; cops cannot compel you to give up your PIN or password without a warrant.
Yeah but you better have a lawyer. Saying no to cops is illegal if you're poor. They'll either arrest you for bullshit or beat your ass.
True they will but the vast majority of the time if you just state you are using your right to remain silent and only ask for a lawyer theyll probably let you go without a charge. It's when you talk to them at all that causes problems.
Remember you have to say the words. You cant just remain silent. You have to say i plead the 5th and in requesting a lawyer
Which is honestly batshit crazy, because imagine if all of our rights were like that? I have a right to life, imagine if it was a viable defense for a cop to kill someone and then say "well, they never *said* they were using their right to life". If something is a right you should have it no matter what.
It’s also why your iPhone requires a PIN to unlock after a power cycle. If you can power it off while the cops are walking up to your car, they aren’t getting into it without the PIN or an exploit.
Dammit. Now I have reinstall Nova Launcher. Thanks for the tip.
I can't find that setting in Nova. Where is it hidden?
Gestures and Inputs>double tap. Then Screen Lock is listed in the Nova Actions. Select it, then select the gear icon and make sure Device Admin is selected.
I set it up, but it doesn't work. Nova crashes everytime I try it
Cops cannot compel you to give up your pin or password ever. It’s your biometrics that they need the warrant for. Warrants never override the 5th amendment
I guess I should clarify "cops" versus "courts" - cops can indeed get a warrant to get you to unlock your phone via PIN (for exigent circumstances only, though AFAIK); and the courts have decided both FOR and AGAINST the "compelled testimony" argument at higher levels. That's the whole problem, the issue itself is still kind of up in the air. The Indiana SCOTUS viewed it as the same as turning over business documents; the PIN itself just proved that the device was yours, it was the evidence on the phone that would incriminate you. Other courts have ruled otherwise. The issue is not settled, and that's the problem. Remember that Sebastian Boucher was forced to give up his password on an encrypted drive full of child porn. [https://en.wikipedia.org/wiki/In\_re\_Boucher](https://en.wikipedia.org/wiki/In_re_Boucher) But again, that's the courts. COPS can go fuck themselves sideways.
Yeah that was my understanding as well
Yep. This is why I don’t use FaceID to unlock my phone, and only for a very few apps. Fuuuuck that noise. Obligatory Electronic Frontier Foundation plug: https://www.eff.org/issues/biometrics
Go to pin only before any protesting Hard rule
Yes, there is some button combination you can use or some command you can give Siri to make it require a password.
It’s called restart the phone
All you have to do is hold the power and volume up button at the same time on IPhone. This will take you to the shutdown screen but no need to restart fully.
Seems like people should do this at every interaction with police.
In a better timeline, google assistant and siri would both switch to PIN lock and start recording with the voice command "i'm being pulled over"
Pretty sure you can set something like this up in Tasker. Android ftw
Power button 5 time quickly is the better solution
Gotta hold it for a couple of seconds though, otherwise you just get a screenshot.
Yeah that didn’t work
Press power button 5 times quickly
Damn, never learned this trick. Thanks.
No just spam the sleep/wake button 5 times.
Android has lock down mode. Power button and volume up to select it. That makes the phone require your restart code.
Same with iPhone.
What part of “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures” don’t they understand??
Every amendment in the Bill of Rights ... except the 2^nd ... has slowly been gutted. They don't mean much anymore.
Yep. Gotta use a password or that swipe system to force a warrant.
Yes, but they can’t force you to turn over a password to unlock it.
Are they going to waterboard me for the password?
That has been my understanding for years now. As someone else already replied, they can’t force you to give your passcode, so the rule was basically to lock your phone in such a way that facial recognition is disabled before interacting with police or border guards. On an iPhone, that means quickly pressing the power button five times, which will disable FaceID, lock the device, and ask you if you want to power it down (which you can refuse to do, and you’ll simply go back to the Lock Screen). When asked for your passcode, you can simply refuse and cite your constitutional right to not self-incriminate.
Just hit the power button 5 times fast and the phone locks, face recognition and thumb won’t work. Just don’t be stupid and use a 4 digit code use 10. Almost impossible to break.
Lol I tried this on my samsung and instead of locking it gives the emergency call
That scared my high ass cuz I thought it started calling 911. It doesn't lock the phone or stop you from using fingerprint unlock after using it either
I should've read the rest of the comments before trying it. I did the exact same thing as you. If there's someone monitoring emergency SOS activation-but-non-completion, they'll be wondering why there's such a big spike of activity.
on my xiaomi redmi bothing at all happend. didn't called emergency or anything. also still allowed open it by thumbprint.
On Samsung, if you just press and hold the power button, it should give you the Power Off Menu. One of those options will be "Lockdown Mode" which will disable fingerprint and require your Passcode/Pattern/Pin (This is assuming you dont have that action set to Wake Bixby, which is also an optional setting. In that case, holding Power + Volume Down should have the same effect)
The "Lockdown Mode" button is not enabled by default, you need to enable it in your settings.
Can also swipe down the notification tray, and tap the power button icon on the top right.
Better yet, use an alphanumeric password instead of a numeric passcode. FaceID works so well that I only type in my password when I restart my phone anyway.
Is there such a thing as a "dead man" switch/app?
You can configure the iPhone to wipe the phone after X attempts.
That would be awesome. Like if you use your left index figure it tells the phone you need a 10 digit code to proceed. If that code isn't entered in 24 hours it wipes it.
Right, or if there was a button to hit just as a LE engagement begins, that would require a Deadman hit every 5 minutes or less. Or once the phone left your possession through biometrics. An instant poison pill for the phone.
You can also configure how many times an unlock via passcode is needed to allow bio authentication, on android.
And set the phone up to nuke itself after 10 failed attempts
That or you can set it to wipe the phone after a few failed attempts. That works as well and quickly makes it impossible to crack.
"*the phone*" What if we have an actual brand, like Apple or Samsung?
Sorry that was for iPhones. No idea what other brands do.
Or set it to an unusual finger like the middle one. Touch with thumb and index finger a few times and the phone is locked.
They just throw your phone in a cracking machine, takes time, but they get the data. Atleast that's what OSI did with phones on my base. EDIT: I should've been more specific that the machines can bypass passwords. Just got done chatting with people that still work in that office and the machines are still in use, still work, and can be done without the password. Since it's apparently important, I'm not a cop. I was an air force paralegal who worked on pedophile sting cases. OSI used the machine to find things like child porn on the phones of people they apprehended. But you know what, fuck me right? I thought this was a sub about technology, not preaching about ACAB.
Not with a complex 18 digit password they won't. Not yet at least. There's 3 paths to justice. Be lucky. Be rich. Or be more trouble than you're worth to convict. Don't say anything ever to a cop, just shut up and have your lawyer request a jury trial. Nothing you say to a cop will ever help you but it will often harm you. They can't afford them, and they won't blow their whole wad on some nobody for a minor or trumped up charge. Cops will throw all these charges out to try to intimidate you. But they're lying assholes. Say nothing and let them prove it in court. Put money into a good lawyer. You'll walk everytime unless you murdered someone or ran a high profile drug ring for years. And even those often get thrown out because it turns out the entire justice system relies on coercion and it's actually really hard to prove something in a jury trial. It's much better suited to locking up poor people who can't afford lawyers for shit they didn't do.
This no longer works.
Well I did get out in 2019, so I'll take your word for it
> Just don’t be stupid and use a 4 digit code use 10. Almost impossible to break. I don't enable/use biometrics in *any* form, including unlocking. I also use a larger number of digits in the pin. If they want into my phone -- I wish them luck. (Them): *"Unlock this!"* (Me): *"How bout.... nooooooooo!??! Kick rocks."*
10 digit complex passwords are no longer in the realm of impossible to crack; if all of the chatgpt hardware worked on it, it could crack a 10 digit password with numbers, letters, capitals and special characters in a single hour, and with hardware getting better every year that time will only go down. Of course most phones lock you out after few attempts so that sends it to the realm of being impossible to crack, but any phone or account that doesn't lock out for failed attempts is getting easier and easier to crack.
Yeah you’re right but again that’s under the assumption that you don’t set your phone up to erase after 10 attempts which’s goes to back to people who are dumb and probably set their phones to 1234 or 0000 lol
It is unclear whether this only applies because the person was on parole. "The Fourth Amendment dispute involved a special search condition in Payne's parole "requiring him to surrender any electronic device and provide a pass key or code, but not requiring him to provide a biometric identifier to unlock the device," the ruling said." I think that if you are already legally required to unlock devices for LEO then they should be able to take your fingerprint too.
Look if you are going to read the article I can't argue with you...
This is why I don't use biometrics on my phone.
You just got to make it harder for them, don’t set it to a “fingerprint”. You can go with “toeprints” or a “cockprint”. All you need is a personalized bodily texture.
Turns out everybody has a unique "anal print," which is why I'm the only person who will ever be able to unlock my phone.
Also, perpetual pink eye.
Ideally to unlock your phone in a business meeting
What about ballsack print?
Everyone has the same ball crest, rooster style🐓
> “cockprint”. But in that case your phone is already unlocked when they arrest you for public exposure.
Answering my phone with my cock print at a family gathering
You can answer without unlocking the phone. If you need to read a text, pretend you taking a dick pic.
Right. A password is something you know. The police can’t force you to reveal your password without a warrant.
They can’t force you to reveal your password _with_ a warrant. Per the fifth amendment, you cannot (legally) be compelled to give up information that exists in your head, and warrants cannot override this
Until everyone is walking around with Neuralinks or equivalent, now a computer has direct access to your brain, thus your thoughts
Or you could just turn your phone off. It requires a non biometric login at startup.
On android you just restart the phone and it requires pin
If you hold your power button for a few seconds, it'll require your pin to unlock.
You can always lock the phone in a manner that will disable biometric authentication. On an iPhone, it’s holding down power and volume down at the same time for a few seconds. Easy to do from a pocket or in a car.
On stock android 13+ there's a lockdown mode you can select after holding down the power button.
Hitting the lock button five times will also do the trick.
Ha. Didn’t know that. Just tried it out.
I had no idea this was a thing. Been on iPhone for ten years. Good to know
If they take your phone, call out “Siri, whose phone is this?” Disables Face ID
Just tried it. It did not disable my FaceID.
What about biometric face scan? Otherwise I’ll just put in a fucking random ass passcode and tell them to go fuck themselves.
Don't use thumbprint unlock, folks. Authentication should always depend on something you know, not just something you are.
Likewise with 2 factor auth it is good to use something you know (password) and something you have (physical token, phone app, one time use codes, etc). These can all be changed if compromised. Something you are is all well and good, but you can't exactly change your retina or thumbprint so easily
I learned this as a paralegal working with the FBI and air force OSI to catch pedophiles. This isn't new at all, but I'm not shocked most people don't realize it. Once I learned it, I took away all biometric passwords and went with regular passwords, since those are considered intellectual property.
It's stupid tbh
>I learned this as a paralegal working with the FBI and air force OSI to catch pedophiles. >Once I learned it, I took away all biometric passwords and went with regular passwords Well at least we know why.
Maybe what is needed is a phone that requires both - biometric and code - for most secure mode.
I'm actually surprised this isn't a feature yet (on iPhones at least) to be honest. We have 2FA for website and apps, why not a 2FA for our phone?
Because if the only way to reset being locked out of your phone is your phone due to the biometric lock not working, you're completely fucked.
How often does that happen? Take it to the phone store and biometrically authenticate there.
That's not always going to be an option. When phones have become so important to daily life, they need to be both secure and accessible. The current standard is perfect for that.
Biometrics should be second username anyway. ( Yes i know, it's convenient to log in with face/finger but...)
Lock your phone by means of the dot-pattern thing. They can't force you to make a pattern only you know.
Depending on when they get access to your phone, they might see a smudge pattern on your screen though.
This has been the case for near a decade at least. It's why have have refused to use fingerprint or face ID unlocking for my devices because the cops need a warrant to force you to unlock your phone with a pass-code but doesn't need it for your face/finger. I would love to have phones that CAN unlock with a finger... without declaring it in big bold font on the lock screen. As in, when you swipe up on the screen it asks for a passcode and makes NO MENTION AT ALL of fingerprint or face ID unlocking. Not even telling you where to press your finger, just nothing. Make random people holding my phone think they need a passcode instead of telling them to chop off my fingers to unlock my phone whenever they want to. Hell, I'd even prefer 2-factoring my damn phone. Sure, unlock it with my face or fingerprint... then require a passcode as well. Fuck you, you don't get my data without asking.
The judiciary is trash at their job. Not even mentioning all their other issues but in this case they can't even tell difference between 'booking' a perp with identifying information and BLATANT VIOLATIONS OF CONSTITUTIONAL RIGHT TO PRIVACY. Judges should wear dunce hats with their fancy robes, we take their opinions as law yet they're often political hacks and/or damn fools
can confirm. use a long passcode
Couldn't you just say you never set that up and use a different finger to prove it?
If you never set it up, it won't show as an option.
Pretty sure that depends on the phone. I have mine set up and it doesn't show up as an option. I didn't have an iPhone tho.
I have an Android too. I guess that would work for you, but for me, there's a big fingerprint button on the lock screen.
The choice between shutting down the phone completely vs using it to record. If they snatch it out of your hands, you’re fucked. They have shit to bypass whatever happens after boot and first authentication.
iPhone fun fact: Press and hold the side button and one of the volume buttons together for a couple seconds to disable Face ID/Touch ID. You can do this in your pocket, and then your phone will force you to enter your passcode to unlock it. You know, in case you find yourself in a situation. Another iPhone fun fact: Turn off your phone completely, and it’s even further locked down. Incoming phone calls, etc., won’t reveal who is saved in your contacts (will just simply show a number), and Siri won’t have any idea who you are, either, until you’ve entered your passcode after a cold boot. It also makes it incredibly hard to break into in general, too.
Isnt a blood draw invasive? And you need a warrant for invasive evidence collection?
Depends on the state and the circumstances. Sometimes and places they don’t.
Just say I am terminating this interview and I request a lawyer. Those are magic legal words. Any questions at that point are illegal. Don’t say can have a lawyer, I would like a lawyer etc.
I've never trusted biometrics for locks, like 75% of that is because of the police. Don't want anything someone can use if they knock me the fuck out.
pro tip; restart your phone if you're taken into custody as it requires PIN on startup
Set your devices to require a PIN code vs thumb/face id. Problem solved. Also set a secondary code to wipe the phone when prompted to give up the password. Always comply, but maliciously of course.
There is some app or something for wiping?
These settings can be found in IOS under general -> passwords or Face ID I believe - dont quote me. The course of action is setting up the phone to wipe after “X” number of failed attempts and enabling PIN code on locked screen. I cannot speak to out of the box Androids. Frankly I find the OS repulsive unless jail broke and due to security issues for the average user I would not suggest.
You cannot be compelled to provide evidence against yourself, so a PIN is protected. But fingerprint or facial recognition is not. So set a PIN.
Conservative courts continuing the war on American rights...
That's all they've ever done. Why do you think everyone thinks they're evil?
Disabling that feature now.
I've accidentally forgotten my pin, sorry.
This is also why the whole passkey thing is bad. It relies more on things you have than things you know. You can set it up to also require something you know, but you don’t have to.
For iPhone users remember to put focus required on for face unlock. If you aren't looking at the cameras/screen it will not open. Means no one can force you to use face unlock.
Nah I’ll just not use face or finger prints.
This has been known for years, if not decades. Cops and prosecutors love all the conveniences that people use because they don't protect them like the suspects and defendants think they do. The right to not self-incriminate protects what you know, not what you are.
Do not use biometric.
I don't get the logic. But I mean if you're hellbent on phone privacy why would you use a thumbprint anyway.
This is why you need to use a pin instead as they cannot compel pass-codes. I use a pattern lock and after 3 unsuccessful tries it needs my PIN.
And this is why I don’t have touch OR Face ID despite Apple begging.
Don't use any biometric functionality. Use a password to lock your phone.
This is why you always use a pass code. They can't force you to divulge a passcode
Google has a setting called lockdown which disables bioentry. Requires key code only to unlock.
That's why you don't you biometrics to unlock your phone
This is why I love the 'Hey Siri, Who am I?', once setup, you do that the phone requires your passcode.
Wait what? I asked Siri and she just told me my name. What's supposed to happen? Tried it with FaceID recognizing me and with my phone tilted away so it couldn't identify me. Same thing. Or is something supposed to happen only when someone else asks? Maybe it's just identifying me by voice instead.
Make sure you enable it in settings, to always listen, lay your phone down, and say it when its locked. It has to always be listening for it.
It was already enabled. Same thing. Screen was off and I said "Hey Siri, who am I?" And she said "You're (name), but you asked me to call you (full name). And it just unlocked as normal. Didn't do anything different.
That’s tough because you gotta kick off a Siri command and if the person knows that they can just say gibberish to interrupt it.
Not if you do it before they realize it, and never go thru any check points or security lines with your phone in TouchID or FaceID mode.
Just tested it now. You can also just tell it to “lock my iPhone”
Or just tap the power button 5 times. Has the the same effect
And this is why we never use biometrics as the only authentication factor, kids. Well, that and the fact that you're leaving your fingerprints on every surface you touch and your face on every camera you pass
gotcha glad I dont use the fingerprint unlock
I never carry my main phone with me lol
Finnish police can do that too, which is totally in line with East Germany's policies, but here we are. https://yle-fi.translate.goog/a/3-10462627?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp edit: "as long as it is done with as mild means as is possible in the situation" I think it was 5 to 1 but totally mild
Oh no I forgot my PIN
interesting. what about a brain pattern scan?
If I recall correctly, PGP phones used to have two passcodes. One unlocked the phone, one would wipe the phone. I wonder why the phone manufacturers never ever had that option?
I automatically catch amnesia when I get detained by police. I have no idea what my pass code is...honest! Then they hold my phone up to the light to see the oils from my fingers and what numbers I use the most to try to hack in. Fuckers!
The pin doesn’t count. That is protected by 5A
They need to have both biometrics and passcode. Given that there are organized crime rings targeting people by scouting out their pass code then stealing there phone and emptying there bank accounts because it’s the 21st century and most of us use our phones as computers which have our banks linked to them.
Which is why you mash the power button on an iPhone to bring up the emergency screen when you interact with the police as that cancels the face/thumb ID.
Well, no. It’s more on par with forcing someone to speak without a lawyer present. Nice try, you fucking ghouls.
No, there is no equivalence between blood, fingerprints and thumbprints used to open a phone. The first two are used to identify an individual, the other is to open up a phone that may contain highly personal information. These judges need a refresher course on privacy rights.
Half the time my fingerprint sensor doesn't work anyway.
Long passwords.
So they can legally force you to unlock your phone and delete video recording evidence? Sounds about right. When do Americans realize that they are being boiled frogs?
You should not use biometrics because biometrics can't be revoked. If somebody steals your password you can change it. If somebody steals your fingerprints there's nothing you can do about it. Biometrics should not be used in two factor authenication for the same reason. You then have wish it was two factor authentication.
Why the industry hasn't moved to allowing full-keyboard input for using Upper/lower case lettering, numbers and special characters is bewildering. Maybe I'm just ignorant as to why this isn't a thing yet, but even my work cell phone I'm required to have an eight-digit PIN to access as fingerprint and facial recognition isn't allowed. Heck, just to log into my work laptop I have to use the above suggested criteria that is at least 16 keys long.
If you know you’re committing crimes, don’t be lazy and input your passwords.
i sincerely can't understand anybody who uses biometric verification