Law enforcement shouldn't be able to get into someone's mobile phone without a warrant anyway. All this change does is frustrate attempts by police to evade going through the proper legal procedures and abridging the rights of the accused.
Yep! The police, being fascists, HATE this.
well it's kind of a selling point. I'm just too used to using android, though.
Edit - there's something for that too, cool!
You can enable lockdown mode. It forces the next unlock to ignore biometrics and require a pin, which police cannot force you to divulge without a warrant. Once enabled, you get a "lockdown mode" option in the menu when you hold down your power button.
You can use GrapheneOS, a security-focused version of Android which includes auto-reboot, timers that automatically turn off Wi-Fi and Bluetooth after you don't use them for a certain period of time, a duress PIN/Password that wipes all the data from your device after it's entered, as well as many other incredibly useful features.
It's fully hardened from the ground up, including the Linux kernel, C library, memory allocator, SELinux policies, default firewall rules, and other vital system components.
IT support everywhere sigh in satisfaction
There is no shortage of reasons to dislike Apple. This isn’t one of them.
There is a scene in Mr Robot where Darlene is able to do a full wipe on her phone without even looking at the screen.
I wish I was that good.
I want a way that I can trigger this from the main lock screen without unlocking the phone.
Like a specific pin you have to enter twice to trigger the full wipe.
speaking of that.
this can wipe your phone on a trigger, or lock it with a different code, or send a broadcast message that other apps can act on: Wasted (Lock a device and wipe its data on emergency) https://f-droid.org/packages/me.lucky.wasted/
this reads the screen to see if you have used a special unlock code: Duress (Duress password trigger) https://f-droid.org/packages/me.lucky.duress/
read the app description of both, there's important information
I feel that a lot of the hate for Apple is not fully warranted. Contrary to Google or Facebook, their business model is not built on collecting your personal data. They are extremely overpriced, but deliver good quality - I am using my first iPhone for more than 4 years now, I never had and Android last nearly that long.
As a member of the intelligence community, I can almost guarantee that this is directed at the increased use of Cellebrite UFED hardware, specifically putting the device back into BFU mode, which removes cryptography-related memory allocations. This is also why you're asked for your password instead of face or fingerprint upon reboot.
I don’t know how Cellebrite is a legally operating company. Their entire business model is a violation of the computer fraud and abuse act.
No that’s only for when poor people do it
Cellebrite is developed in Israel, a country that legally shouldn't even exist, and is known for genocide, crime, espionage, manipulation and propaganda, more war crimes, illegal settlements, using their intelligence agency to assassinate political opponents abroad, etc.
The so-called "only democracy in the middle east"
Which is great, because you can't warrant a password.
I am also an intelligent individual in a community! High five
Thank you Apple, right side of history here, fuck fascist pigs
Wouldn't that disrupt the usage of a phone as a server?
oh fuck I can't stop laughing
You joke but people do that. I've seen people repurpose their old android phones to host small services on their home networks. I won't comment on how reasonable it is because battery, but it's a thing.
Literally no difference between a low power SOC RaspberryPi or a fucking phone which is the same thing with a built-in display.
That's it!! Now I will NEVER use an iPhone as a server. 😋
On one hand, Fuck Da Police
On the other hand, Fuck Apple
Meanwhile security-oriented Android forks: "You didn't do that?"
Actually, Graphene and Calyx have this feature. I believe graphene may have it on by default at 18 hours, but I do not know about Calyx.
I think this used to be possible with tasker, ironically though probably not anymore before of all Google's restrictions on Android. (maybe if you have root)
Why does rebooting it improve the safety or security of the phone?
When you first boot up a device, most data on that device is encrypted. This is the Before First Unlock (BFU) state. In order to access any of that data, someone must enter the passcode. The Secure Enclave uses it to recreate the decryption keys that allow the device to access that encrypted data. Biometrics like Face ID and Touch ID won’t work: they can’t be used to recreate the encryption keys.
Once you unlock the device by entering the passcode the device generates the encryption keys and uses them to access the data. It keeps those keys in memory. If it didn’t, you’d have to enter your passcode over and over again in order to keep using your device. This is After First Unlock (AFU) state.
When you’re in AFU state and you lock your device, it doesn’t throw away the encryption keys. It just doesn’t permit you to access your device. This is when you can use biometrics to unlock it.
In some jurisdictions a judge can legally force someone to enter biometrics, but can’t force them give up their passcode. This legal distinction in the USA is that giving a passcode is “testimonial” because it requires giving over the contents of your mind, and forcing suspects to do that is not legal in the USA. Biometrics aren’t testimonial, and so someone can be forced to use them, similar to how arrested people are forced to give fingerprints.
Of course, in practical terms this is a meaningless distinction because both biometrics and a passcode can grant access to nearly all data on a device. So one interesting thing about BFU vs AFU is that BFU makes this legal hair-splitting moot: biometrics don’t work in BFU state.
But that’s not what the 404 Media articles are about. It’s more about the forensic tools that can sometimes extract data even from a locked device. A device in AFU state has lots of opportunities for attack compared to BFU. The encryption keys exist, some data is already decrypted in memory, the lightning port is active, it will connect to Wi-Fi networks, and so on. This constitutes a lot of attack surface that hackers could potentially exploit to pull data off the device. In BFU state, there’s very little data available and almost no attack surface. Automatically returning a device to BFU state improves resistance to hacking.
Fun fact: in Australia we don't have a bill of rights of any kind, so the cops can just force you to reveal your passwords. The maximum penalty for refusing is 2 years imprisonment.
Once rebooted, you need to enter your PIN to unlock the phone (and the SIM as well). Before that it is not possible to unlock the phone with biometric credentials (face ID or fingerprint).
As far as I'm aware, police can force you to hand over your biometric credentials (they can hold the phone to your face to unlock it when you have face ID enabled, or can move your finger to the fingerprint sensor). But they can't force you to reveal the PIN number.
Do two fucks make a right?
This is a most excellent place for technology news and articles.
