IzzyScissor,

It’s frustrating to no end that fingerprints and face ID are treated like passwords when they should be treated like usernames.

Hadriscus,

That makes a lot of sense!

jkrtn,

They make sense as a 2FA. It would be really cool if I could require either PIN+fingerprint or a long recovery password.

Boozilla,
Grntrenchman,

For Android: learn the hard reset combo for your phone, especially if you encrypt it.

After rebooting, pattern/PIN will be required to decrypt the phone. Biometrics won’t work for this step. This is what graphene does for security, tries to keep the phone in a “before first unlock” state by rebooting on a timer. You can’t even read anything over USB/ADB, it’s scrambled until you unlock the phone.

The only drawback to just keeping your phone in this state is none of your apps are loaded, so no notifications/updates/processing at all.

Dkarma,

Just power down your phone. No phone allows initial unlock with bio data

atrielienz,

You don’t even need to do that. You can go to the power down menu on Android 14 and select lockdown. Even from the lock screen without unlocking the phone.

friend_of_satan, (edited )

## How to disable Face ID through the Power Off screen

  1. Hold down both the Side Button and either Volume Button at the same time for three seconds.
  2. The Power Off slider should appear. Tap Cancel.

You actually don’t need to hit cancel, you can just hit lock, so you can do this whole thing with your phone in your pocket.

appleinsider.com/…/how-to-quickly-disable-face-id

This is easier and less intrusive than the lock-button-5-times method because it doesn’t start making a phone call that you have to quickly cancel.

Lifecoach5000,

Real MVP right here. Good to know!

BolexForSoup,

Tapping lock 5 times does not start a call and accomplishes the same thing just fyi.

BolexForSoup,

Tapping lock five times does not start making a phone call and to me is definitely still the faster/more reliable way of doing it. Easy way to force a passcode.

I am also not sure how it’s “intrusive”? What do you mean by that?

520,

On Android it makes a phone call to emergency services. It does nothing to lock your phone

BolexForSoup,

He is talking about iPhone and FaceID. The article is from Apple insider.

520,

Fair. I'm just trying to explain where the confusion may be coming from

BolexForSoup,

All gravy

phoneymouse,

This also encrypts your data.

patawan,

Those settings can also be altered under Settings > Emergency SOS

Shrank7242,

This is the advice people (with iOS) should follow, not disabling biometrics altogether. Using FaceID or TouchID prevents shoulder surfing to find out what the password to your phone is. When local passwords have so much control over a device, using biometrics to prevent anyone from seeing what your passcode is is very useful.

carl_dungeon,

Last week, the 9th Circuit Court of Appeals in California released a ruling that concluded state highway police were acting lawfully when they forcibly unlocked a suspect’s phone using their fingerprint.

You can turn that and Face ID off on iOS by mashing the power button 5 times- it locks everything down.

FederatedSaint,

Do you have to mash it? Or will pressing it normally work?

EdibleFriend,

NO

teacup,

The only thing I’ll mash is that subscribe button

ChaoticNeutralCzech,

Pretty sure Apple would replace the buttons with pressure sensors – not for user comfort but so that they are no longer replaceable with OEM parts and can be serialized. They did literally this with Macbook sleep sensors.

tsonfeir,

Came here to say that! Glad it’s getting around.

hubobes,

Just hold volume up and power for 3 seconds.

catloaf,

Assuming you have the access to do this, e.g. awake, conscious, not handcuffed, etc. It’s safer to just always use a PIN in the first place.

someguy3, (edited )

That’s terrifying. So once we have tech to forcibly see inside the brain, that will be legal too?

devfuuu, (edited )

You think it wouldn’t xD?

slaacaa,

“You shouldn’t be worried if you have nothing to hide” 🤷‍♂️

/s

kevincox,

Probably. Wouldn’t it be good to have the truth during investigations?

However I think that we really need to refine when warrantless searches can occur. Right now many searches seem to be done with very little evidence to justify them. I think this protection should apply to your mind and phone just like it applies to your house. This probably also needs to be considered at border crossings. Right now they have basically unlimited rights for searching what you have on you with little to no evidence.

We should probably also rethink about how the information is shared when there is a warrant. Right now during a trial a huge amount of personal information can be made available. Maybe if it was easier to get precise information less would be needed.

conciselyverbose,

Not if it comes with a level of invasiveness that is unforgivable it wouldn’t be.

Forcibly invading someone’s mind after they were convicted beyond reasonable doubt would make you a monster.

kevincox,

Most trials and discoveries are already incredibly invasive. I don’t really see why the mind should be treated much differently. I would rather define what is acceptable invasiveness generally than different for mind vs written down in my diary.

Also why would you do this after they are convicted beyond reasonable doubt? This should only be done when required to reach the conclusion. Just like avoiding physical searches you can just plead guilty if you don’t want to be investigated.

If used properly this could actually be less invasive. Imagine a quick check of some facts that you believe with an automated machine that only returns the basic required information and you could be removed from the suspect list before other searches need to be done (like lawyers searching through your emails or personal notes).

I agree that this is a very dangerous thing to consider, and it needs to be applied very carefully. But I don’t think it is in the abstract any more morally wrong than the current methods of evidence gathering that we currently do. In many ways it could potentially be less harmful to the person being investigated. However it will be impossible to know for sure until we know how exactly this technology (when it is developed) works.

conciselyverbose,

No, mind reading is a hundred orders of magnitude more invasive than any possible search.

There is no possible scenario where it could ever possibly be justified or excused. Your brain is unconditionally sacred. There is no possible theoretical version of such technology that could ever not be pure, unforgivable evil to use without completely uncoerced consent.

Moose,

> Wouldn’t it be good to have the truth during investigations?

Well, yeah, but the mind is fallible. That’s why eye witness testimony usually only gets a case so far, people tend to forget specifics and fill in the gaps without realizing they did.

kevincox,

That is important to remember but it is sort of orthogonal to the point being made. Assuming that mind-reading worked perfectly you can find the truth about what the person believes. In most cases if they think they murdered the person and the gun is hidden behind the oak in their backyard it is beyond a reasonable doubt. I think it is still useful to have the truth about what that person believes, even if we have to remember that their beliefs are fallible.

KillingTimeItself,

> However I think that we really need to refine when warrantless searches can occur. Right now many searches seem to be done with very little evidence to justify them. I think this protection should apply to your mind and phone just like it applies to your house. This probably also needs to be considered at border crossings. Right now they have basically unlimited rights for searching what you have on you with little to no evidence.

to be fair to the current justice system, a lot of times you can just hit the courts with “excuse me sir, this was unwarranted” and assuming it was actually unwarranted, they should overthrow it immediately.

HEXN3T,

On Graphene/Calyx you can auto-restart the phone after a given time period if it hasn’t been interacted with. Recommend turning this on for all users.

cflewis,

What’s the name of this feature for GrapheneOS? I’m not finding it.

HEXN3T,

Try searching for auto reboot, or some sort of extra security settings menu.

MostlyGibberish,

Android has a similar feature. It’s called “Lockdown mode” on the shutdown menu. Locks the phone and turns off any biometric unlocks.

Bonehead,

Except it doesn't activate by mashing the power button 5 times. On my Pixel 8, that activates the emergency dialer that will automatically call 911 if you don't cancel the prompt in 5 seconds. I did not know that before. Probably a better use for that feature. It also points out the different ideologies of Apple vs Android.

Today,

Push and hold to get the power menu on my 7.

Bonehead,

On my 8, that just activates the Google assistant. To get to the power menu, you have to press power (oddly named button, to be honest) and vol up at the same time. But these are active acts that you have to think about and verify to make sure they did what they are supposed to. Mashing the power button 5 times is succinct. I don't have to guess how many seconds I've waited. I don't have to feel to make sure I'm hitting the vol up instead of vol down accidentally. I count 5 times, 6 to make sure, and I can drop it while being certain that it's going to call 911. That's what I want in an emergency. A quick distinct action that requires no guessing to make sure it works. It makes sense once you stop and think. Nothing else about the power button makes sense, but at least that part does.

Today,

Try system - gestures - press power button. I have the choice of the power menu or the digital assistant.

laurelraven,

I actually didn’t know that was changeable, one of my most hated “features” of my phone that it wants to bring up an AI assistant I’ll never use and didn’t ask for when doing something that has brought up the power menu on every phone I’ve ever owned.

Bonehead,

I could do that...but then I lose easy access to the assistant. I could set up the tap on back function, but that doesn't work when it's in a holder in the car. There are no options that I can find that would let me assign the assistant to open on power + vol up. Unfortunately these phones aren't as customizable as I'd like them to be. Or at least not by default, but I don't want to go through the trouble of flashing a new OS yet.

Today,

I use, “hey Google,” but sometimes my car tries to answer and it doesn’t know as much stuff.

Tiefa,

I was mowing my lawn and learned about that feature. A nice lady's voice came through my bluetooth headphones asking if I needed help lol. You can change what the button spam does and I changed it to call my mom instead.

dojan,

On iOS, for SOS, Medical ID, and “slide to power off” you hold power and a volume button. That also disables biometric ID.

AbidanYre,

My wife’s Pixel 3(?) with a flaky power button had us wake up to cops knocking on the door because of that feature.

Sentau,

You can turn it off somewhere in the settings

AbidanYre,

Yeah, I poked around in the settings that afternoon to make sure it didn’t happen again.

tamiya_tt02,

On my Pixel 7 Pro, I press the power and volume up buttons simultaneously, then I can click Lockdown. Now my passcode is required to unlock the phone.

pirat, (edited )

On my ditto (running GrapheneOS), the Lockdown option is accessible through the regular power button menu. When I press power+volumeUp it switches to silent mode. I don’t know if/where I changed this, since I can’t find the options when searching in settings.

EDIT: I just found it - in Settings > System > Gestures > Prevent ringing. I can either set power+volumeUp to mute the phone, or vibrate only. Nothing about the Lockdown option, but having it in the regular power button menu is good enough for me.

laurelraven,

If by “regular power button menu” you mean holding the power button for a couple seconds, that was changed at least on pixel devices to bring up some bullshit called “Gemini”, some AI from googie that I never got a chance to say no to. Power + volume up is now how we get to the power menu, because of course they would change the function everyone uses occasionally to a more obscure combination without notice

ShittyBeatlesFCPres,

In a getting pulled over situation, this works. But do it before you go protest anything. Or better yet, leave your phone at home. You don’t want to be reaching for something while a cop is pointing a gun at you and saying “Hands up!”

merde,

☞ EFF / Surveillance Self-Defense / Attending a Protest

NightAuthor,

Didn’t know EFF had this, neat

devfuuu,

Not to mention it’s pretty regular to track who is participating by checking the towers in the zone where all the people are participating.

thegreekgeek,

Or get a geofence warrant

Fiivemacs,

⚠️ WARNING: On Android, mashing the power button 5 times calls emergency services…

then_three_more,

On android you can add a ‘lockdown’ mode to the power menu.

PresidentCamacho,

On my phone lockdown mode is found by pressing side button and power up at the same time, then selecting lockdown from the menu.

USSEthernet,

Thanks for this, didn’t know this was an option.

victorz, (edited )

Not on my Pixel 6. 🤷‍♂️ It just does what I told it to do, namely to open the camera.

Edit: these are some Reddit down votes. I just didn’t know I had this feature, and I apparently have disabled it, but I don’t remember doing so. Oh well.

Fiivemacs,

Cool, you disabled the gesture. Clearly the default SO setting doesn’t apply to you…

victorz,

I didn’t even know it existed. I had to search to find the setting, but I see it exists on my phone and it’s disabled. I don’t recall disabling it though.

then_three_more,

Have you tried? On my Samsung pressing twice does the camera (as I’ve set it to) but doing 5 times tries to call emergency services.

Fiivemacs,

They disabled it. I don’t understand why they even commented. It reads like some weird flex.

then_three_more,

I don’t know how it sounds like a weird flex. I was just asking. I don’t remember if it was something you could disable or not from when I had my pixel 5.

victorz,

I didn’t even know it existed. I had to search to find the setting, but I see it exists on my phone and it’s disabled. I don’t recall disabling it though.

It’s not a flex… 🙄 I was just confused about how it seemed so established that this was an “Android” feature, so should be activated on my phone too, but it isn’t. And now that I see I have the functionality disabled but people say it’s the default, I’m even more confused because I don’t remember even seeing this setting. 🤷‍♂️

14th_cylon,

Right, correcting your incorrect information is “weird flex”. What are you, five?

On my Mi Max 3 it does not work as well. In the “configure buttons” section of the menu there is no call emergency number action, neither is there a press [any button] five times trigger available. So clearly the function your phone has is not universal. What a wild world we live in!

victorz,

Thank you for defending me. ❤️ They were correct though. Apparently I had the setting disabled, but I don’t remember doing so. Must have been years ago on another phone? And then carried over when settings migrated? I don’t know when this feature was introduced. But yeah. It’s a thing.

But obviously not universal if you don’t have it. Which Android version are you on?

14th_cylon,

> Which Android version are you on?

10 qkq1.190910.002

victorz,

Ah, that’s probably why, eh? Android 10 is quite old, right?

14th_cylon, (edited )

might be. might also be miui thing, i don’t know.

the fact remains that (android does x) does not equal to (some subset of android does x)

edit: seems the function was added in android 12 - arstechnica.com/…/uk-police-blame-android-for-rec…

which means that as of right now it is available to 60% of android users - gs.statcounter.com/…/worldwide/

victorz,

Yeah 60% is far from every device lol. But it’s still a good warning I guess. 😅

victorz,

I did, yeah. Gotta test before commenting, of course. I see I have the setting disabled for some reason. Don’t recall disabling it though.

UnityDevice,

There are two ways you can do this on Android currently, but they’re not as quick. You can try to unlock with the wrong finger 5 times and it will stop allowing fingerprint unlocks. Or, you can hold down the power button for 10 seconds and the phone will reboot and also disable fingerprint unlocking.

ccunning,

You can also just long press a volume button with the lock button (with a FaceID phone). I find this harder to mess up under stress.

BrianTheeBiscuiteer,

I’ve always wanted a setting to create a lockdown key and an unlock key. So something like middle-finger to unlock but index-finger to force it into PIN/password only mode. So you can have some convenience of a quick unlock but if an authority figure asks or forces you to unlock it you can one-tap lock it down.

ColeSloth,

That would be awesome.

png,

In GrapheneOS, a single wrong fingerprint disables fingerprint unlock until the password is entered.

FutileRecipe,

That’s not correct. It just says not recognized, and lets you try again. I just tested it. Do you have documentation that it should work the way you said and mine is faulty?

png,

Sorry, I misremembered, it’s 5 times instead of 20: more secure fingerprint unlock

Boozilla,

I’ve avoided willingly using biometrics so far. Though I’m sure our faces, gaits, body shapes, etc, are all stored somewhere, willingly or not.

Say no to biometrics. It’s like having a password you can never change.

tsonfeir,

Joke’s on them. My yo-yo diet keeps me safe from accurate body shape biometrics.

breadsmasher,

> Password you can never change

Not with that attitude! You can absolutely change your face. It’s rather inadvisable.

tsonfeir,

Face… off…

AtariDump,
chrash0,

it’s not a password; it’s closer to a username.

but realistically it’s not in my personal threat model to be ready to get tied down and forced to unlock my phone. everyone with windows on their house should know that security is mostly about how far an adversary is willing to go to try to steal from you.

personally, i like the natural daylight, and i’m not paranoid enough to brick up my windows just because it’s a potential ingress.

PoolloverNathan,

That’s why I put Linux on my house.

Boozilla,

It’s not a great analogy. Your house and its windows are exposed to your neighborhood/community. Your internet device is adjacent to every hacker on the web.

chrash0,

it’s an analogy that applies to me. tldr worrying about having my identity stolen via physical access to my phone isn’t part of my threat model. i live in a safe city, and i don’t have anything the police could find to incriminate me. everyone is going to have a different threat model. some people need to brick up their windows

Boozilla,

Assuming the phone’s security works as intended, what you’re saying is true. However, it’s a legit concern that the security is not airtight, and physical access is not actually required to harvest your biometric data.

I know the phone manufacturers make all sorts of claims about how secure biometric data is, but they have a profit motive to do so. I’m not being brick-up-my-windows paranoid by pointing out all the security failures and breaches we’ve seen over the years. Companies that have billions on the line are still frequently falling short at securing their own assets, much less their customer’s data.

I understand biometrics are convenient, and many folks love the ease / coolness factor of using them. Just don’t kid yourself that it’s secure by requiring your physical phone. Once the dark web has a digital copy of your biometric data, it’s compromised forever.

Cupcake1972,

First provide proof that you can pull out biometric data out of a secure element in a phone.

Boozilla,
ricecake,

That’s not retrieving the biometric data from the device, that’s retrieving the biometric data from surveillance or physical interaction.
It’s quite specifically the type of threat that most people do not need to worry about.

Boozilla,
ricecake,

That’s a much better example.

Physical access to the device by a sophisticated attacker is well outside the realm of most people’s risk profile.

chrash0,

like i said, it’s more of a username than a password

ricecake,

So, it really depends on your personal threat model.

For background: the biometric data doesn’t leave the device, it uses an on-device recognition system to either unlock the device, or to gain access to a hardware security module that uses very strong cryptography for authentication.

Most people aren’t defending against an attacker who has access to them and their device at the same time, they’re defending against someone who has either the device or neither.

The hardware security module effectively eliminates the remote attacker when used with either biometric or PIN.
For the stolen or lost phone attack, biometric is slightly more secure, but it’s moot because of the pin existing for fallback.

The biggest security advantage the biometrics have to offer is that they’re very hard to forget, and very easy to use.
Ease of use means more people are likely to adopt the security features using that hardware security module provides, and that’s what’s really dialing up the security.

Passwords are most people’s biggest vulnerability.

Boozilla,

I’ve read all this before. If you believe the people who designed and implemented the device and its myriad layers of firmware and software were 1. All acting in good faith and 2. Knew WTF they were doing… then: yes, sure.

Unfortunately that’s way too many strangers for me. Hundreds of people design and code these things. Meanwhile, every week there’s a clever new breach somewhere.

lolcatnip,

If you’re that afraid of the people who build phones, why are you ok with using any device that can access the internet?

Boozilla,

I like how being cautious with my biometric data is being framed as irrational fear and paranoia. As if ID theft never happens.

lolcatnip,

Using biometric data to unlock your phone does not make you more vulnerable to petty criminals.

RGB3x3,

You should be more worried about your local doctor’s office contracting some cheap-ass company to handle your data and ending up in a breach than being concerned about biometrics.

Or hell, Experian had that insane breach of basically everyone’s information years ago. Biometrics are not the problem, it’s smaller companies that you have to deal with all the time skimping on security because they think they can’t afford it.

And then companies even more shady than Google and Apple and Samsung (loan companies, health systems contractors, banks, credit card companies, insurance companies) have all your data and are more likely to be involved in a data breach.

ricecake,

While I do respect that viewpoint, there’s a lot more independent scrutiny of the hardware modules than there are around the parts that would handle any other authentication mechanism you might use.

Pixel phone example iPhone example

Just because something isn’t perfect doesn’t mean we should keep using the less good thing that it replaces.

Use the PIN if that’s more your cup of tea, just so long as you move away from passwords, since it’s the HSM that’s the protection, not the biometrics. Those are just to make it easier than passwords.

Boozilla,

You can change PINs and passwords, but you cannot change your biometric data.

It’s about as smart as using your SSN as your username.

ricecake,

The point being that most people do not need to ever change their biometric data, because it isn’t used for remote authentication.

It’s about picking the right threat model, and for most people anything that gets them using the HSM is an improvement to their security.

Thorny_Insight,

Same here. Still using the pattern lock. I’ve never used fingerprint not to even mention face scan.

Arkaelus,

Thank you.
