I want a system where you can define duress biometrics. For example, right middle finger and left thumb open the phone. Right forefinger locks the phone and disables further use of biometrics.
A friend of mine was recently questioned by the FBI in regards to a potential crime that his employer allegedly committed (I can’t go into the details). They asked him to give them his phone and unlock it. He asked them what if he didn’t want to unlock it. They told him they would hold him down and use his biometrics to open it. As soon as he told me this story I disabled biometric unlock on my phone. It’s really not that much of an inconvenience. I can still use my fingerprint to login to banking apps and stuff, it’s not that big of an adjustment to put in my code every time I have to unlock my phone.
GrapheneOS has a duress password: a different PIN you can type in at any unlock prompt that tells your phone to wipe your SIM and contents
Graphene uses 3 kinds of unlock methods - if you choose to use them.
The main password/pin unlock you’d see whenever you first unlock your phone.
A biometric fingerprint to use after first unlock.
And Graphene has a secondary pin so that it requires a code AFTER using your fingerprint.
This duress password and pin (you have both options) can be used at first unlock or whenever it prompts for the password and after biometrics where it asks for the secondary pin.
Both will wipe your phone.
I want this but instead it logs you into a blank dummy profile that is completely separate from your normal profile
GrapheneOS also will restart after 18 hours without being unlocked by default, you can adjust this down to as little as 10 minutes or as long as 72 hours. A reboot forces a phone into the most secure Before First Unlock status. Biometrics do not work there.
Biometrics for phones were always a security risk.
Every security measure is vulnerable to the wrench method. But at least with passwords you have to make the decision to say it out loud. With biometrics, it can just be unlocked while you sleep.
The only security advantage is that with passwords you can just look at/film the screen. But you’d need very high res images of your fingerprint + advanced 3d printing.
It’s always a concern when travelling to another country. There’s the decision between biometrics, passcode and/or burner. When travelling, always keep in mind that legality varies, and a country’s compliance with their laws varies as well…
Prepare ahead of time, always.
In addition to this: airport security cameras are REALLY good these days. So if you are in a risk group and want to use a passcode to secure yourself, make sure you don’t unlock your phone at the airport at all.
These days, with QR boarding passes etc, a burner may be a better alternative for such people.
Think of your phone as a safe, and your fingerprint as the key.
With a warrant the police cannot force you to divulge the location of the key to your safe, but they can absolutely open your safe if they find it. (Yes they can pick the safe or cut it open but that’s irrelevant to this analogy) If your safe uses a code to unlock they cannot force you to give them the code. (Again yes they’ll get into the safe eventually, somehow, but irrelevant).
It then follows that with a warrant the police cannot force you to divulge if you use facial recognition or which finger you use, but they can just try things until it works. And again they cannot force you to give them a pin or passcode to your phone.
Key concept here is don’t use fingerprints or facial recognition to secure your phone.
Hold down the side button and either volume button for two seconds until the “Slide to power off” screen appears, then tap cancel to lock it*. Alternatively, press the side/power button 5 times rapidly to activate Emergency SOS and lock the phone.
Varies by phone. Pressing power 5x on mine dials emergency services.
Probably. On mine this works
Is this for iPhone or Android?
My android is long press the power to select lockdown, or you can select a 5 quick presses type gesture to activate lockdown or another action
iPhone
This makes sense. Any time I see someone acting as though there is one type of phone, it’s an iPhone user. For example, only an iPhone user will recommend an iOS-only app because it literally never occurred to them that another platform exists.
Power + Volume Down is screenshot in Android, so I’m guessing iPhone.
What if I quickly restarted my phone? I’d only need to hold the side button for a second or two and then it would require my gesture to unlock. They can’t force that right? I’m. Not American but I’d like to see them try.
They can physically force your body to do things, but they can’t compel you to tell them information. Or at least that’s the law.
That was my understanding too. At this point I’m never entering the USA again but domestically it’s still good to know.
Use a password or pin, and if your phone has it turn off auto connection to USB devices attached.
deleted by creator
