• McNasty@sh.itjust.works
    8 months ago

    Doesn’t it boil down to like what you know is safe, what you are can be used?

    Like they can’t make you give passwords, but biometrics are vulnerable.

    • AHemlocksLie@lemmy.zip
      8 months ago

      Yeah, unfortunately, this isn’t a new thing, just upholding the old standard. I explicitly avoid fingerprint and face recognition features because of this. Your fingerprint and your face are legally considered what you are, so things like 5th amendment right to avoid self incrimination don’t apply, but passwords and PINs are legally considered what you know, so you can’t be forced to divulge.

      • mkwt@lemmy.world
        8 months ago

        The wrinkle in this case is that the thumb print giver was on parole. The conditions of parole stated that failure to divulge phone pass codes on phones could result in arrest and phone seizure “pending further investigation”. The parole conditions didn’t say anything about forcible thumb print taking.

        So the logic here seems to be:

        • If he had agreed to unlock the phone then the result would be the same.
        • If he refused to unlock the phone, that is a legitimate grounds for arrest. Fingerprinting is a routine part of being arrested, so there’s really no harm if it’s done on a phone in a patrol car. Either way, the result would end up about the same.
        • AHemlocksLie@lemmy.zip
          8 months ago

          Any time a cop has the legal authority to access the contents of your phone, you can be compelled to provide your fingerprint or face to unlock it if that will work. If your phone doesn’t have those features enabled and relies on a PIN, they can’t force you to tell them that outside of some unusual circumstances like parole obligations because you agree to those. They can still access your phone, but only to the extent that they can without the PIN. In this case, cops had the required authority because of his parole obligations, but they’d be equally able to force you to unlock by fingerprint or face if they got your phone as part of a search warrant and I think if you’re arrested but only if your phone is relevant evidence. Maybe even if it’s not, but I’m less sure about that.

        • lengau@midwest.social
          8 months ago

          Yeah that’s even less than what the standard is. That’s just saying “you have to do what’s in the conditions of your parole, and we won’t accept sneaky technicalities.”

          But I suppose “appeals court rules that you have to obey the terms of your parole” is far less ragebaity.

          • Cryophilia@lemmy.world
            8 months ago

            The real story here is how terms of parole are often ridiculous and contribute heavily to our high recidivism rate. Not to mention stripping away rights.

            • thrawn@lemmy.world
              8 months ago

              Not arguing in favor of them, with how awful the police and oftentimes court systems are, I’m not surprised to hear parole ones are bad too. But what about them contributes to reoffending?

              (I’m too lazy to check myself right now, and maybe the answer will help others too? Plus it might vary in jurisdictions)

              • Cryophilia@lemmy.world
                8 months ago

                I wasn’t referring to the parole officers per se, just the parole stipulations. For example, a common one is that you must be employed. But then you also must make your regularly scheduled meetings with your parole officer, which are scheduled during working hours. The parole board will determine your address (usually as a stipulation of release, usually with family) but the parole office will be on the other side of the city. Public transit is unreliable, if you miss your bus you go to prison.

                I had a friend of a friend who was getting released to a halfway house. Never saw the light of day. When they released his clothes to him, that he got arrested in seven years previously, they found Marijuana seeds in the pockets. Not bud, seeds. That’s a parole violation, instant back to prison for 3 more years, minimum. The parole officer who was there told me about it (was also the officer of my friend, who I was giving a ride to).

      • Albbi@lemmy.ca
        8 months ago

        I just have lockdown mode enabled from the power menu so that it forces pass code login instead of allowing fingerprint login.

        Never been pulled over or talked to a cop (other than family members) in my life.

            • ✺roguetrick✺@lemmy.world
              8 months ago

              I don’t really know how you misunderstood his post in order to correct you, but I’ll try.

              He’s saying crypto nerds like cryptography and crypto bros are cryptocurrency shills.

              • DragonTypeWyvern@midwest.social
                8 months ago

                Ah, I see. The confusion happened because crypto nerd absolutely does not mean that to the casual public anymore, as bemoaned in the parent comment, and I didn’t realize he was insisting there is still a distinction.

                I really don’t have a leg to stand on with that topic because I always put “libertarian” in scare quotes.

                The thing is, however, that a lot of the crypto nerds are also crypto bros. Or at least, they’re who the crypto bros were trying to be, the guys who were mining Bitcoin when it was worth $0.13, but those two people sound exactly alike on the Internet on their shared interest because they’re both trying to sell you the coins.

      • Scratch@sh.itjust.works
        8 months ago

        Android: Search settings for “Lockdown” and enable “Show lockdown option”

        When needed hold the power button and the lockdown option will appear alongside the standard power menu options.

        iOS: Hold the Lock button and either volume button to show the power off screen. Cancel out and FaceID will be disabled until you use your pin to unlock the phone.

        • irish_link@lemmy.world
          8 months ago

          Not sure about Android but on iOS you can actually use FaceID for all the things you want like password managers, log into PayPal, and other biometric features but have it disabled to unlock the phone. It’s what I do, you don’t need to spam anything. Just use a pin to unlock.

          • Cryophilia@lemmy.world
            8 months ago

            I’ve never understood people who are happy to give their biometrics to fucking PayPal and every other random company. Just use a password for everything.

            • irish_link@lemmy.world
              8 months ago

              That’s a fair point, I don’t want my info given to every private company out there. However the idea of the biometrics (if you take it at face value [no pun intended]) is that the biometrics are stored on the chip in your device. Then the password or authorization is then granted based on approval from that.

              It’s not like you can grab another phone and try to log into said service with your biometrics.

              • Cryophilia@lemmy.world
                8 months ago

                I 100000% guarantee there is a backdoor that allows someone (at least the nsa, probably various companies) to get that data.

            • WhatAmLemmy@lemmy.world
              8 months ago

              You don’t “give” your *biometrics to any of them. Your biometric data is used to encrypt and store each service’s password hash or auth token on your device.

              *At least when it comes to login authentication. Nothing stopping them from acquiring your biometric data from a hundred data brokers.

        • Bahalex@lemmy.world
          8 months ago

          You can also spam the power button on iOS. It should pop up the same menu as holding the power button. You can cancel, but it requires a password to get back into the phone.

  • 𝕸𝖔𝖘𝖘@infosec.pub
    8 months ago

    I wish there was a way to require both biometrics and PIN. They’re both insecure on their own, but together they’re better. Like instant MFA for your unlock. I would enable that immediately, if it was available.

    Edit: then a password / passphrase in case one of the other two stops working (as an emergency unlock).

      • stoy@lemmy.zip
        8 months ago

        Wow, a generic “Linux good, anything else dogshit” comment.

        This is in no way relevant to the topic.

        This is like if someone posted that they could get their car with the color they wanted and you saying “fuck you and your car, I can paint my living room in any color I want, right now it is striped burgundy and mint, aren’t living rooms way better than cars?”

        • uis@lemm.ee
          8 months ago

          It is rather “you have proprietary car where you can’t even change volume on radio, while I have car that can be repaired with standard parts”.

          With PAM you can do literal math captcha.

          • stoy@lemmy.zip
            8 months ago

            Show me a mobile phone running Linux with that config working. It doesn’t exist.

            • KillingTimeItself@lemmy.dbzer0.com
              8 months ago

              i wasn’t talking about phones, but the pinephone, and the pinephone64, and a handful of other phones that are supposedly running linux, that are either not out yet, or really expensive.

              • stoy@lemmy.zip
                8 months ago

                That is just a Phone model, you have yet to show me that phone being configured as you specified

                • uis@lemm.ee
                  8 months ago

                  It’s literally linux phone. It runs regular linux. Regular linux uses PAM modules. There is no difference between configuring it on desktop and on phone. If comprehending ability to use same OS on desktop and phone is beyond your intellectual ability, I will guide you with this logical chain: linux on desktop -> linux on ARM computer like raspberry pi -> linux on ARM computer based on Allwinner A64 -> PinePhone is based on Allwinner A64.

                  If you still don’t grasp it, I’ll try once more. This can be installed on regular linux. Single Board Computers can run regular linux. This includes Pine64, which uses A64 chip. A64 devices can run it from sd card. And if you can’t imagine how Pine64 that works on A64 and PinePhone that works on A64 are connected, here’s neat trick: insert bootable sd card into Pine64, load linux, configure math captcha module, shut it down, insert same sd card into powered off PinePhone, power it on, it will load exact same OS your Pine64 have been using and where math captcha is configured.

        • KillingTimeItself@lemmy.dbzer0.com
          8 months ago

          and the original comment is entirely irrelevant to the original thread? You can’t be serious.

          Am i not allowed to enjoy the flexibility of linux, ever? I agree with the original poster, i think android and IOS should objectively support these features, they have no reason not to. I’ve never said otherwise, i just think they’re dogshit OS’s because they don’t support basic security features you would otherwise expect to any level of consistency.

          No, it’s more like ford only producing cars in black, and people complaining about the fact that they don’t come in any other color, and then me mentioning that actually, you can just paint your own car a different color, it’s not really that hard. But regardless of that ford only selling cars in black is a rather shitty business practice to do especially when customers want cars in other colors, because black is, rather boring.

      • 𝕸𝖔𝖘𝖘@infosec.pub
        8 months ago

        Maybe. I don’t use biometrics on my computers. Only phone. I don’t unlock my computer a thousand times a day using a crappy touch kb. Actually, if the phone had a physical kb, maybe it wouldn’t have been so bad. Not sure.

        • KillingTimeItself@lemmy.dbzer0.com
          8 months ago

          i wouldnt really want to use biometrics on my computer either, i’d rather use a physical security key, but then i’d probably also want to use it with my phone also. So there’s that i guess.

          • 𝕸𝖔𝖘𝖘@infosec.pub
            8 months ago

            The only issues I have with a yubi on a phone, is the general fragility of USB-C ports (and that there is only one). On a PC or laptop, you’ve generally got several, so if one breaks and the yubi can’t be used in that port, you’re not locked out.

      • dev_null@lemmy.ml
        8 months ago

        You claim so and yet have no example article, video, blog post, or any form of proof of it ever being done. Everything is possible in theory, even on iOS (with a jailbreak).

        • KillingTimeItself@lemmy.dbzer0.com
          8 months ago

          bro i use linux, i have literally configured a fingerprint scanner to work before, do you think i’m just making up PAM?

          There is quite literally a section on the arch wiki about this being a thing.

          https://wiki.archlinux.org/title/Fingerprint_GUI#Password there are probably a handful of other methods of doing this notably any additional form of 2FA. (like this one is)

          although realistically, there are better ways of doing this than using biometrics, physical security keys for example.

          Also you say this like the OP actually verified that this was a thing that was impossible and couldn’t be done. You’re also acting like i claimed that this was explicitly the case, which i did not.

          • dev_null@lemmy.ml
            8 months ago

            > bro i use linux, i have literally configured a fingerprint scanner to work before

            So did I, can confirm it’s easy, and it doesn’t matter because we are not talking about configuring a fingerprint scanner to work, we are talking about having a phone lock screen that asks for both a fingerprint and a password, something that would require, at the very least, UI that I don’t think exists in any Linux phone project. That there is underlying functionality in PAM to make it happen is irrelevant, because that’s only part of such a solution.

            > do you think i’m just making up PAM?

            No, why? I’m saying that there is no Linux phone where “you can just do this out of the box” like you say.

            • KillingTimeItself@lemmy.dbzer0.com
              8 months ago

              i wasn’t talking about phones, you are retconning my own thoughts lmao.

              > No, why? I’m saying that there is no Linux phone where “you can just do this out of the box” like you say.

              i did not say that, not once, please show me where on the doll it says “linux phone”

              • dev_null@lemmy.ml
                8 months ago

                The topic is about phones, and you said:

                > Gotta love android and IOS being utter dogshit.

                If you are saying you started an offtopic conversation about Linux that had nothing to do with phones, and then, unrelated to your own comment, complained about Android and iOS even though your comment had nothing to do with phones, then… that sure is interesting.
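
Added example (not part of any comment in this thread): a small Python model of the PAM stacking that the replies above argue about, showing why a `sufficient` fingerprint line lets the finger alone unlock while two `required` lines demand finger and password together. `pam_fprintd.so` and `pam_unix.so` are real module names; the two stacks and the `results` outcomes are constructed, and the model covers only the `required`, `requisite` and `sufficient` control keywords.

```python
# Model of Linux-PAM "auth" stack evaluation. This is an illustration, not PAM
# itself: it handles only the simple control keywords, not the [value=action] form.

# Constructed sample stacks in pam.d syntax.
EITHER_FACTOR = """
# fingerprint OR password: a matching finger ends the stack with success
auth  sufficient  pam_fprintd.so
auth  required    pam_unix.so
"""

BOTH_FACTORS = """
# fingerprint AND password: every required module must succeed
auth  required  pam_fprintd.so
auth  required  pam_unix.so
"""


def parse_stack(text, module_type="auth"):
    """Return [(control, module)] for one module type, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 3:
            raise ValueError(f"malformed PAM line: {line!r}")
        mtype, control, module = fields[:3]
        if mtype == module_type:
            rules.append((control, module))
    return rules


def authenticate(stack_text, results):
    """Evaluate a stack. `results` maps module name -> bool, the assumed outcome
    of that module (for example, whether the presented finger matched)."""
    required_failed = False
    any_success = False
    for control, module in parse_stack(stack_text):
        ok = results.get(module, False)
        if control == "requisite":
            if not ok:
                return False             # fail at once, nothing else runs
            any_success = True
        elif control == "required":
            if ok:
                any_success = True
            else:
                required_failed = True   # stack continues but will fail
        elif control == "sufficient":
            if ok and not required_failed:
                return True              # short-circuit: later modules skipped
            # a failed sufficient module is simply ignored
        else:
            raise ValueError(f"unsupported control keyword: {control!r}")
    return any_success and not required_failed


if __name__ == "__main__":
    finger_only = {"pam_fprintd.so": True, "pam_unix.so": False}
    for name, stack in (("either", EITHER_FACTOR), ("both", BOTH_FACTORS)):
        print(name, "-> finger alone unlocks:", authenticate(stack, finger_only))
```

The model says nothing about whether a phone lock screen can prompt for both factors; it covers only the PAM side of that disagreement.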

    • AA5B@lemmy.world
      8 months ago

      It’s sort of there, but maybe more to protect from criminals than abuses of authorities. All of my bank apps require a second authentication to launch or even to switch back to them.

      Granted I could turn that off or set it to biometrics, but I leave it on PINs. A criminal wanting to steal from my bank account will need both my biometrics to unlock my phone and a different PIN per bank.

      This even provides some protection from the $5 wrench they’d use. Sure, I’ll unlock my phone at the threat of real violence. But you won’t know ahead of time what banking app I have or even how many, so you may not get them all. Pay by phone may use the same biometric but I can likely dispute those charges after the fact.

      In the abuse of authority scenario, that may keep them out of my bank records but there are established paths to get that from the bank so they’re less likely to be interested. I’m sure they’re more interested in violating the privacy of my friends and family.

    • Maggoty@lemmy.world
      8 months ago

      Bending over backwards to find logic that lets cops ignore the Constitution.

      If it’s a search violation without biometrics then it’s a search violation with biometrics. Next up they’re going to rule that no matter how much you get recorded telling them you don’t consent to a search, a search is legal as long as they can smash their way into your car.

  • Maple Engineer@lemmy.world
    8 months ago

    I’ve said it before and I’ll say it again: Biometrics are a convenience to allow you or anyone else to unlock your phone quickly. Biometrics are NOT security.

    DO NOT use biometrics to secure your phone unless you want anyone who has you and your phone to be able to unlock your phone without your permission.

  • aa1@lemm.ee
    8 months ago

    Likely GrapheneOS has a duress password feature. Very useful for these situations!

  • jake_jake_jake_@lemmy.world
    8 months ago

    PSA FOR IPHONE:

    if you press volume up, then volume down, then hold the power button until the power slider comes on, then it will disable biometrics until next unlock

  • Hellusion@lemmy.world
    8 months ago

    I can’t find a lockdown mode in MIUI.

    One way to enforce the PIN unlock in MIUI if you have it with fingerprint unlock is to tap the fingerprint scanner five times with the wrong finger and it will ask for the PIN. After entering the PIN the fingerprint will work again.

  • the_doktor@lemmy.zip
    8 months ago

    And this is why you never, ever, EVER enable biometrics. EVER. Make a damn password or at least a very long PIN and enter that shit every time.

    • Boozilla@lemmy.worldOP
      8 months ago

      Completely agree. There are a surprising number of folks who should know better who will swear up and down how safe they are. If they like the convenience and the “cool factor” of using them…that’s fine, whatever, none of my business. Just don’t try to gaslight me that they are safe.

    • tired_n_bored@lemmy.world
      8 months ago

      For people who don’t want to do that: turn off your phone if there’s the likelihood that your phone will be confiscated soon (crossing a state border or getting a perquisition). This will

      1. Disable biometrics
      2. Encrypt everything
      • CrayonRosary@lemmy.world
        8 months ago

        On Android, entering lockdown mode does the same thing. You can do it by pressing volume-up and power at the same time, then tapping Lockdown.

      • Censored@lemmy.world
        8 months ago

        And this only makes it more expensive and time consuming to unlock. So if you’re small fry, they won’t waste the resources. But if you are a “person of interest” don’t be dumb, bring a burner phone.

      • starman2112@sh.itjust.works
        8 months ago

        Not always an option. Sometimes reaching for your phone to turn it off will get you killed. Just don’t use biometrics.

  • dependencyinjection@discuss.tchncs.de
    8 months ago

    iOS users can press and hold the power and volume up button until the emergency call screen appears, then release. You now have to enter your PIN / Password to unlock again and not use TouchID / FaceID. Good luck trying to get me to tell you the code.

  • sibannac@lemmy.world
    8 months ago

    Joke’s on them, my biometrics don’t work most of the time and I have to enter my pin anyway.

  • ristoril_zip@lemmy.zip
    8 months ago

    I think this would be different for someone not on parole. So like if you’re just speeding and get pulled over I believe they would be violating the law/Constitution if they forced your thumb against your phone.

    But they probably do it anyway so good idea to follow the lock down above in this thread.

    (Also don’t use electronics to do crimes y’all.)

    • Emerald@lemmy.world
      8 months ago

      > (Also don’t use electronics to do crimes y’all.)

      What should we use, paper? Let me print out that new movie frame by frame

    • assassin_aragorn@lemmy.world
      8 months ago

      Never leave a paper trail. It’s an outdated term now because it applies to emails and texts and everything else too.

      Meet and talk in person. Pay with cash. Say nothing over email and phone that you wouldn’t want someone spying on you to see.

    • LordCrom@lemmy.world
      8 months ago

      Something you have can be forced…thumbprint or face scan. Something you know can’t be forced

  • whotookkarl@lemmy.world
    8 months ago

    Biometrics are not secret and should not be used in place of passwords. They are identity like a user name. It’s the same problem with orgs trying to use SSN as a security challenge, with all the breaches pretty much everyone’s is already public knowledge.