I mean they can try.
And this is why you never, ever, EVER enable biometrics. EVER. Make a damn password or at least a very long PIN and enter that shit every time.
For people who don’t want to do that: turn off your phone if there’s the likelihood that your phone will be confiscated soon (crossing a state border or getting a perquisition). This will
- Disable biometrics
- Encrypt everything
And this only makes it more expensive and time consuming to unlock. So if you’re small fry, they won’t waste the resources. But if you are a “person of interest” don’t be dumb, bring a burner phone.
On Android, entering lockdown mode does the same thing. You can do it by pressing volume-up and power at the same time, then tapping Lockdown.
Not all phones work that way. Just tried it on mine btw
deleted by creator
Or power it off when they ask for it to disable biometric unlock.
Not always an option. Sometimes reaching for your phone to turn it off will get you killed. Just don’t use biometrics.
Completely agree. There are a surprising number of folks who should know better who will swear up and down how safe they are. If they like the convenience and the “cool factor” of using them…that’s fine, whatever, none of my business. Just don’t try to gaslight me that they are safe.
I can’t find a lockdown mode in MIUI.
One way to enforce the PIN unlock in MIUI if you have it with fingerprint unlock is to tap the fingerprint scanner five times with the wrong finger and it will ask for the PIN. After entering the PIN the fingerprint will work again.
Just enter the wrong password a few times
This is about biometrics, not passcodes.
restart de phone, most of them will require the passcode at least once before enabling biometrics
He was handcuffed, I know we like to conjure up cool scenarios but realistically you won’t have the time for this, better to remove biometrics.
The statement is but an option, of course you couldn’t handle your phone handcuffed, that would be extremely difficult.
It’s merely a countermeasure prior to any altercations with officers, most phones automatically restarts if you press the power button for a few seconds.
I don’t think having to resort to such things is cool, but I indeed had to do this once .
Where I live cops often unlawfully search you and check whatever they want. I was stopped at a traffic light, on the guise of a “drugs operation”. Told the officer I’d pick my license and car register, picked those and restarted my phone in 5 seconds. Got out of the car, they searched and soon released me.
In this case nothing happend, but if you’re somewhere where cops search unlawfully, and you were not stopped near an alleyway that cops can beat your password out of you with a wrench, I’d totally say you should restart your phone.
That requires the freedom to do so. If it is a situation where the police interaction starts suddenly, there are many scenarios where this advice is not useful.
You’re correct, it’s but an option. If you have the means to do so I’d go for It.
That’s why passwords are safer in this situation. Cops can’t compel you to reveal it.
You can use the lockdown mode on Android, but you have to remember to turn it on.
Android: Search settings for “Lockdown” and enable “Show lockdown option”
When needed hold the power button and the lockdown option will appear alongside the standard power menu options.
IOS: Hold the Lock button and either volume button to show the power off screen. Cancel out and FaceID will be disabled until you use your pin to unlock the phone.
I did not know about this feature. Thank you!
You can also spam the power button on IOS. It should pop up the same menu as holding the power button. You can cancel, but it requires a password to get back into the phone.
Thank you!
Not sure about Android but IOS you can actually use FaceID for all the things you want like password managers, log into PayPal, and other biometric features but have it disabled to unlock the phone. It’s what I do, you don’t need to spam anything. Just use a pin to unlock.
I’ve never understood people who are happy to give their biometrics to fucking PayPal and every other random company. Just use a password for everything.
That’s a fair point, I don’t want my info given to every private company out there. However the idea of the biometrics (if you take it at face value [no pun intended]) is that the biometrics are stored on the chip in your device. Then the password or authorization is then granted based on approval from that.
It’s not like you can grab another phone and try to log into said service with your biometrics.
I 100000% guarantee there is a backdoor that allows someone (at least the nsa, probably various companies) to get that data.
You don’t “give” your *biometrics to any of them. Your biometric data is used to encrypt and store each services password hash or auth token on your device.
*At least when it comes to login authentication. Nothing stopping them from acquiring your biometric data from a hundred data brokers.
Nothing stopping them
Stop using biometrics for everything, that’ll help
I didn’t know that!
Cool!
Yeah, unfortunately, this isn’t a new thing, just upholding the old standard. I explicitly avoid fingerprint and face recognition features because of this. Your fingerprint and your face are legally considered what you are, so things like 5th amendment right to avoid self incrimination don’t apply, but passwords and PINs are legally considered what you know, so you can’t be forced to divulge.
The wrinkle in this case is that the thumb print giver was in parole. The conditions of parole stated that failure to divulge phone pass codes on phones could result in arrest and phone seizure “pending further investigation”. The parole conditions didn’t say anything about forcible thumb print taking.
So the logic here seems to be:
- If he had agreed to unlock the phone then the result would be the same.
- If he refused to unlock the phone, that is a legitimate grounds for arrest. Fingerprinting is a routine part of being arrested, so there’s really no harm if it’s done on a phone in a patrol car. Either way, the result would end up about the same.
Yeah that’s even less than what the standard is. That’s just saying “you have to do what’s in the conditions of your parole, and we won’t accept sneaky technicalities.”
But I suppose “appeals court rules that you have to obey the terms of your parole” is far less ragebaity.
The real story here is how terms of parole are often ridiculous and contribute heavily to our high recidivism rate. Not to mention stripping away rights.
Not arguing in favor of them, with how awful the police and oftentimes court systems are, I’m not surprised to hear parole ones are bad too. But what about them contribute to reoffending?
(I’m too lazy to check myself right now, and maybe the answer will help others too? Plus it might vary in jurisdictions)
I wasn’t referring to the parole officers per se, just the parole stipulations. For example, a common one is that you must be employed. But then you also must make your regularly scheduled meetings with your parole officer, which are scheduled during working hours. The parole board will determine your address (usually as a stipulation of release, usually with family) but the parole office will be on the other side of the city. Public transit is unreliable, if you miss your bus you go to prison.
I had a friend of a friend who was getting released to a halfway house. Never saw the light of day. When they released his clothes to him, that he got arrested in seven years previously, they found Marijuana seeds in the pockets. Not bud, seeds. That’s a parole violation, instant back to prison for 3 more years, minimum. The parole officer who was there told me about it (was also the officer of my friend, who I was giving a ride to).
Any time a cop has the legal authority to access the contents of your phone, you can be compelled to provide your fingerprint or face to unlock it if that will work. If your phone doesn’t have those features enabled and relies on a PIN, they can’t force you to tell them that outside of some unusual circumstances like parole obligations because you agree to those. They can still access your phone, but only to the extent that they can without the PIN. In this case, cops had the required authority because of his parole obligations, but they’d be equally able to force you to unlock by fingerprint or face if they got your phone as part of a search warrant and I think if you’re arrested but only if your phone is relevant evidence. Maybe even if it’s not, but I’m less sure about that.
I just have lockdown mode enabled from the power menu so that it forces pass code login instead of allow fingerprint login.
Never been pulled over or talked to a cop (other than family members) in my life.
Oblig:
I miss when crypto nerd meant cryptography nerd
It still does. People who like cryptocurrency are crypto bros (regardless of gender).
?
They mean literal cryptography.
https://en.m.wikipedia.org/wiki/Cryptography
Now, a lot of old crypto bros were the origins of crypto currency, but that’s a different breed of nerd than the modern crypto bro. The difference is how much you like math and how many posters of Alan Turing you have.
I don’t really know how you misunderstood his post in order to correct you, but I’ll try.
He’s saying crypto nerds like cryptography and crypto bros are cryptocurrency shills.
Ah, I see. The confusion happened because crypto nerd absolutely does not mean that to the casual public anymore, as bemoaned in the parent comment, and I didn’t realize he was insisting there is still a distinction.
I really don’t have a leg to stand on with that topic because I always put “libertarian” in scare quotes.
The thing is, however, that a lot of the crypto nerds are also crypto bros. Or at least, they’re who the crypto bros were trying to be, the guys who were mining Bitcoin when it was worth $0.13, but those two people sound exactly alike on the Internet on their shared interest because they’re both trying to sell you the coins.
cryptocurrency is applied cryptography, no reason you can’t like both.
Biometrics are not secret and should not be used in place of passwords. They are identity like a user name. It’s the same problem with orgs trying to use ssn as a security challenge, with all the beaches pretty much everyone’s is already public knowledge.
i disagree, while not secret, i think a warrant should be required to use them, since it effectively bypasses password auth.
For some reason the typo on beaches got me to laugh. Beaches are a very revealing place I suppose, I felt exposed already when I went to them.
What a terrible decision. That’s like saying if you have a house key they can search your house.
His attorney probably should have raised that objection in the first place. He should have objected based on the phone not being material to the search of the car. But if he didn’t raise the objection correctly during the initial trial, then he can’t raise the objection on the appeal either.
they did in fact use the data seized from his phone to find his house, then took his key and searched it
There are finger print locks for doors available commercially too
There’s a reason they keep you focused on the first two amendments. Don’t want you realizing how comfortable they are with unregulated search and seizure.
Honestly idk how the civil forfeiture can possibly be considered constitutional
They can’t be, at least not without a trial.
That won’t stop the Court.
Sneaky fuckers thought I forgot about the third amendment.
Soldiers keep trying to sleep with your spouse?
iOS users can press and hold the power and volume up button until the emergency call screen appears, then release. You now have to enter your PIN / Password to unlock again and not use TouchID / FaceID. Good luck trying to get me to tell you the code.
Similarly, on Android there’s an option in your lock screen settings along the lines of “Show lockdown option” that adds a lockdown button to the power/restart menu when holding the power button.
iPhone SE also has that. It’ll disable the fingerprint on next unlock if you hold the power button for 5 seconds or mash the power button repeatedly (like 5 times in 2 seconds, therabouts). Pretty handy to know these things not only for police but if you get mugged. Everyone should know how to lock their phone out
Or you can press the power button for like 10 seconds, that should force a restart and android asks for password/pin/unlock pattern after restart or after 48 hours.
deleted by creator
I can only count to three. 😔
One, two, five!
-Three, sir.
THREE!
Your comment and the one above should be shared widely these days. Everyone should know this.
Everyone should just not use these methods to unlock their phones in the first place. Pressing a power button 5 times, or holding a power button for 10 seconds, or pressing and holding buttons until the emergency screen appears are very easy things to do, at least until there is a cop in your face grabbing your phone and putting you in cuffs.
On Android the lockdown option shows next to the shutdown, requires a code instead of a bio
Doesn’t it boil down to like what you know is safe, what you are can be used?
Like they can’t make you give passwords, but biometrics are vulnerable.
Restart your phone beforehand so that it won’t accept biometrics
Both iOS and Android have Lockdown options, so that isn’t even completely necessary, granted it will also work.
Before the police pull you over?
On iOS hold vol up (or down) and power at the same time. It starts SOS but you can cancel. At this point Face ID is disabled and you must enter your pin to reenable it.
So yeah. As soon as you see lights, hit that cop button.
Just make sure you have all your docs on paper so you don’t have to open your phone.
iPhone users:
-
DO NOT USE FINGERPRINT unless you absolutely have to for, say, disability reasons.
-
if you use facial recognition, don’t. Same as above.
-
If you find yourselves in a situation with the police, tap the lock button 5 times. This forces a passcode to open the phone and they cannot (yet) force you to enter a passcode.
Anytime I am filming a protest or anywhere near police, I just tap the lock button a bunch of times in my pocket and I can rest easy.
I learned something from my (quite activists) daughters recently: they delete the Signal app each time they cross a border.
It’s the main coordination and information tool in their circles, and the recommended behavior is just to not have the app when at risk.
Good luck finding incriminating evidence stifling through zillions of Pouting Selfies and Gossip-Sharing Screenshots of Idiot Boyfriend’ text messages.
You can also just hold power + volume up while it’s locked, once you feel the buzz it won’t accept biometrics until you put in the password.
On Motorola it’s press power + volume up button and then the lockdown button.
Samsung users (not sure if it also applies to other android flavors):
Go to settings>lock screen>secure lock>show lockdown option and turn it on.
Now if you hold the power button for over a second, a menu pops up with an option to turn on lockdown mode. This disables all biometric unlock methods until the next time you unlock it.
You can also turn the phone off.
Edit: and I also have this on my Pixel so this may apply to all versions of android
Is it a rumor or is there a legal requirement that you must have some battery juuce left (in your laptop iirc) in order to cross US or UK borders? I remember this as an answer to “sorry, can’t fire up my device I’m out of battery”.
I’ve seen it happen when flying back to the US through Germany. There was random additional searches at the gate for select passengers. The guy next to me could not get his laptop to turn on as it was out of juice. He was told either he finds / buys a charger or the laptop is not flying with him on the plane.
I don’t see how they can ever enforce that. Also, if they really want they can plug the device in and make you log in I guess?
on android you can get Private Lock which locks your phone and disables biometric unlock, when the phone is shaken hard enough
Holy crap this is a great tip I did not know! I haven’t had a run in with the police in like a decade, but better safe than sorry. Hopefully I never need to use it, but I just tried it on my iphone and works like a charm, so thanks mate!
Another dude pointed out you can hold lock + volume up as well
Anytime I am filming a protest or anywhere near police, I just tap the lock button a bunch of times in my pocket and I can rest easy.
How does that help if the police are the ones that alert you to their presence? I highly recommend against quickly shoving your hand in your pocket to tap a button 5 times.
I do it in anticipation. It’s not like they sneak up on you like a ninja. They are very clearly around.
Plus it takes like 2 seconds. Unless they got you at gunpoint you’re probably going to have an opportunity to accomplish this. Most people interact with police in the US being pulled over - you’re telling me you can’t lock your phone before they come to your window?
-
Maybe make that tapping your finger on scanner will actually wipe device?
What an outrageously evil and dystopian ruling.
Bending over backwards to find logic that lets cops ignore the Constitution.
If it’s a search violation without biometrics then it’s a search violation with biometrics. Next up they’re going to rule that no matter how much you get recorded telling them you don’t consent to a search, a search is legal as long as they can smash their way into your car.
face based and fingerprint based unlocking schemes is a bad idea.
if you dead someone can still unlock your phone with your corpse
You are unable to care at that point though.
Stealing from an dead person is still stealing.
From their heirs, maybe.
I consider the real question to be how they ended up dead but you do you.
PSA FOR IPHONE:
if you press volume up, then volume down, then hold the power button until the power slider comes on, then it will disable biometrics until next unlock
For GrapheneOS (custom android), there is Lockdown button next to power off and restart which does the same thing. I think it may be on other Android phones as well but not sure.
Yeah, it’s a feature on stock android. Should be in most android flavors
Graphene even has an option to enter a fake pin and wipe the phone iirc.
Yes, known as Duress password.
Yes, and it may be a good idea to have it just in case. But the courts in the US so far mostly ruled that police forcing you to give biometrics to unlock is fine, as it is the same as fingerprinting you when you are arrested. But forcing you to give pin/password is the same as testifying against yourself, which is against the 5th amendment. So they usually can’t make you to give them a pin/password. At least in theory. Still better to have it in practice.
Why tf to use biometrics then?
99% of the time im not in a situation where i am being confronted by cops, but crossing a border or a traffic stop it is nice to know
Do you have to slide the power slider and turn off your phone for it to work? Or does it disable biometric as the slider show up?
as soon as it shows up, i have also learned in this thread that clicking the power button 5 times does the same
Lol that’s emergency 911 on my phone
Just learned something new. Thanks!
I just tested it… it’s the same combination for a fast shutdown. Up > Down > Hold Power (1 second hold), then you’re introduced to the option of sliding to power off. If you exit from that prompt or just leave the screen idle for about 10-15 seconds (I didn’t count it) you’ll be forced to enter passcode.
You won’t have the time or ability to do this when the police are involved. DON’T USE IT. It’s not secure.
Legit.
Laughs in Galaxy S8 where the fingerprint scanner only works if all planets are properly aligned which happens only once in 28 years.
Dude I have this old Galaxy XCover thing for my work phone and I swear to god I’ve wasted 3x as much time repeating the stupid fingerprint unlock over and over than if I just always used my PIN. It’s such a piece of shit.
“Cover the entire fingerprint sensor” “The fingerprint doesn’t match” “Try wiping the fingerprint sensor” “Try fingerprint again in 28 seconds”
Try going ahead and fucking off, Samsung.
