Just another reason to forgo the convenience of biometrics in favor of a password/phrase that exists only in your mind. At least for now, that's something you can't be compelled to produce.
Really though, this descent into a police state is such a pathetic outcome for this country. Dangerous, scary, and tragic, but also... pathetic. This is what happens when a sizeable majority don't even participate in the electoral process, and those who do are overwhelmingly mindless.
Relevant bits start at page 5 (III - LEGAL DISCUSSION).
Compelling a person to provide his or her fingerprint does not
implicate, let alone violate, the Fifth Amendment. "[B]oth
federal and state courts have usually held that [the Fifth
Amendment] offers no protection against compulsion to submit
to fingerprinting."
Schmerber v. California, 384 U.S. 757, 764 (1966).
That is so because the Fifth Amenmendment privilege against self-
incrimination only prevents the use against an accused of
testimonial or communicative evidence obtained from him.
and yet here they are as a matter of fact seeking "communicative evidence".
Right, and considering fingerprint's long history as identification, it seems like it would be both impossible & unreasonable to try to split the two uses. Can we really say "You only obtained his fingerprint for the purpose of identifying him, you can't use it to unlock the phone"? And, we can't reasonably try to end the use of fingerprints as ID...
> Can we really say "You only obtained his fingerprint for the purpose of identifying him, you can't use it to unlock the phone"?
That seems to me to be a very reasonable thing to say. It seems to me that we have plenty of mechanism in place to say "you have X, you can use it for Y, and not Z, because using it for Z violates someone's rights". As a super contrived strawman example, if your computer ever gets confiscated by law enforcement, while they may be permitted to search it, they can't just play Fallout 4 or mine bitcoins on it.
Another instance I think is similar in concept: juries are instructed to disregard things (i.e. pretend they don't have a piece of information for the purposes of a trial) all the time, when access to this information would be improper.
To be clear I don't think it's unreasonable, it just seems it would be difficult to define & enforce, because it's already matter of public record. For example, what if the fingerprint was lifted from the scene of the crime? Can you use that to unlock the phone?
But my phone is mine, it contains deeply personal things that I put on there without the intention of sharing them. How is forcing me to unlock my phone anything other than forcing me to testifying against myself?
The analogy that's sometimes used is that of a safe full of documents. Current case law says that you can be compelled to turn over a key but cannot be compelled to turn over a password [1].
The Department of Justice is saying that a fingerprint is more like a key than a password I guess. Or alternatively that unlocking phones is search and not testimony.
The EFF seems to be primarily objecting on the grounds that a search of "all devices in the building" is too vague to be a correct warrant.
Couldn't you say the same about a safe on the premises being searched?
The self-incrimination clause of the fifth amendment is broadly interpreted as intended to dissuade the government from attempting to coerce confessions. Forcing someone to unlock their phone with a fingerprint caries none of the moral hazard of forcing them to testify.
All of that being said, I'd love for US society to recognize that a search encompassing a bunch of people's phones is vastly more intrusive (by virtue of the volume of data collected and network effects) than a search of a building that excludes computing devices, and for us to require a correspondingly higher burden of proof.
How about we stop expecting "justice" to work in our favour and start forcing it to work in our favour?
If you don't want anybody to be able to take your stuff, don't make it possible for somebody to take your stuff. A piece of paper saying something isn't permitted is not going to stop it happening.
If the piece of paper says I can be forced to tell them my password, they will try to force me... and I will give my password. You can simply put people in jail for not disclosing their password, when the law provides these means.
The fingerprint is not communicative. That's the crux of the matter. The state of law, currently, is that if the police have you, and they have your phone, and they have probable cause that your phone contains evidence of a crime, they can compel you to press fingers to the phone.
It's no different, really, then that they can force you to press your fingers onto a sheet of paper for booking during an arrest, or to take a buccal swab.
What they apparently cannot do is force you to admit what if any finger of your would unlock the phone. Apparently some people use tricks like locking the phone with a knuckle or even the tip of their nose (that one sounds comical). Really though, it goes to show that the good old fashioned memorized password has not gone out of style. Any biometric or dongle-based authentication or encryption can be circumvented by legal process.
And in a civil matter, judges and parties have even more power. Ultimately, if a court is convinced that you know a password and are not properly invoking a 5th amendment privilege against criminal self-incrimination, you could be held in contempt (fined daily, or jailed) until you provided the password or the password-protected materials. At this point it could well become a battle of wills and proofs, which the contemnor may well lose.
Exactly, the fingerprints aren't material evidence in this case, but communicative testimony that could lead them to unspecified future material evidence on their phone. It's not the same thing at all.
I heard fingerprints described as "Authentication, not authorisation", which I think is a better description of the role they play (on the iPhone, at least), and the role they should play.
They authenticate who you are, they aren't trivial to fake. However, they shouldn't authorise access to a device on their own. Your fingerprint works as a somewhat more secure, medium term swipe-to-unlock for your phone.
Authorization typically means what actions the authenticated user is allowed to perform, not that the authenticated user has herself conveyed some kind of approval.
> I heard fingerprints described as "Authentication, not authorisation",
I understand once you've authenticated who the user is, authorization is just a mask of what they are allowed to do. It is like saying "after you've given your username (GMail account) to Google, it should allow you to read your email. If you happen to be an administrator for Google Business account you can also see other accounts or settings etc".
So hopefully you meant that you just use your fingerprint in place of typing out your username not in place of typing your username _and_ password.
One could see fingerprint and user/pw as two different roles - with different levels of authorisation.
(Somehow similar to sudo which asks for the user's password the first time but assumes that the logged in user is allowed to execute further sudo commands without pw auth. Even if sudo does not really implement two different user roles here.)
One could see fingerprint and user/pw as two different roles - with different levels of authorisation.
(Somehow similar to sudo which asks for the user's password the first time but assumes that the logged in user is allowed to execute further sudo commands without pw auth. Even if sudo does not really implement two different user roles here.)
Careful, authentication / authorization have specific definitions in software development which are at odds with what you say. A username/password together would be authentication.
If we keep repeating it, maybe someone will eventually listen ... Really, it should be obvious how bad an idea it is to use biometrics as passwords to large companies like Apple. I guess they figure (probably correctly) that customers favour convenience over security.
I'm not sure if "overwhelmingly mindless" is the right characterization. In my opinion, the most interesting story playing out among the Western nations is what is happening in Poland right now. In the USA, people fought for independence from Britain starting in 1775, so obviously those people are not alive in 2016. But in Poland, many of the people alive now are the same people who overthrew tyranny in 1989. That's an interesting story. Among the Polish public there are many who were willing to risk their lives to fight for a more open, democratic and liberal political system, in 1989. And now, in 2016, Poland is suffering the same shift towards authoritarianism that we see in other Western countries.
Just so I'm clear, I'm saying I find this interesting because in many cases we are talking about the same people who were alive in 1989. In the USA you can say "Oh, that generation believed in those things, but those currently alive don't believe in these things." (I don't agree with that statement, but you could make that argument.) Whereas in Poland, it's in many cases the same people who fought for a more open system who are now tolerating the drift towards a more authoritarian system.
To me, the story isn't about "overwhelmingly mindless" voters, its about voters who are angry with the failure of the system. That is, they are mindful of how the system has failed. They may not know what the answer is, but they are angry, and they are willing to elect politicians who seem to mirror their anger. It might be a bad strategy to vote for someone simply because they appear to reflect your anger, but I think I can understand the motivation, and it is not quite the same as being mindless.
If a voter's reaction to anger with a failed system is to shoot themselves in the foot with a pistol they've had laying around since '89, I'm going to stick with the "mindless" appellation.
In counterpoint to this, witness the mass protests (by women) against the proposed ban in abortion. A religious right wing pressure group pushed it along, the govt backed it, mass protests, humiliating back down. Goes to show how out if touch ruling parties are about what people think, and their belief that people actually do support their hard line policies.
In actuality, maybe people are just voting based in whether their economic circumstances improved over the last term, regardless of whether the change was due to national or global factors. Maybe they just don't like the Russians and voted for the nationalist rhetoric.
Both events can be equally connected to nationalistic conservatism: the national identity of Poland is as much defined by slavic resistance to anything non-slavic coming from the west (e.g. the Teutonic Knights of old) as it is by catholic resistance to anything non-catholic coming from the east (e.g. eastern churches, anti-church ideologies like forced communism and most famously, Turks sieging Vienna).
No, it's what happens when large numbers of people decide they care about safety and security more than they care about freedom. That doesn't necessarily make it any better, but to attribute this outcome to mindlessness is to badly miss the point. The first step to solving a problem is to understand what the problem actually is.
The problem is that we're not exchanging freedom for security, we're exchanging freedom for the empty promise of security and the reality of a police state.
A locked phone is a lot less interesting to a burglar. If the convenience of touch ID means more people lock their phones, that's not an empty promise.
Huh... why? I mean, burglars and hackers are usually very different people, and the former usually doesn't care about what's on your phone, just your phone. I grant however, that you could have a particular situation perhaps relating to your work which might alter that.
How would your phone give them access to any of that? All of that kind of thing is inevitably protected by more security layers they won't be able to break, and meanwhile, the phone itself is worth something once wiped. Worse, the longer they fiddle with your phone, unwiped, the longer they risk someone tracking that phone.
What I heard is phones are often sold off by burglars to organized crime who do know how to exploit the phone to its full potential (and not get tracked, and properly wipe it and resell it after properly copying off the data/login credentials which is sold to another party, which then package the data with other data and sell that, and so on).
Wish I had some better sources. All I could find from a quick google search is that the market rate for full personal info is $20 -- that is certainly something you can get with email inbox access (which is enough to get Amazon login which would have your full address etc etc)
Keep in mind most services only needs your email address and browser cookies for full access, only banking services etc are 2FA.
The average burglar wouldn't know that, and wouldn't have anything they could do with that information. They're a drug addict who wants shit to fence for a fix. Burglary of the average residence is an insanely stupid crime with enormous risks and penalties.
The people stealing it usually want to resell it. They'll wipe it. The hackers want the data on it, esp if they can unlock it, since it might be valuable in itself or connected to your online accounts that they trade on black markets. A subset exists between the two which are people that might target you personally just to snoop, a grudge, incidentally to grabbing information you have on your business that's the actual target, and so on. Best to simply cover each one with whatever protections you need so the attackers' motivations and probability aren't something you need to guess.
how many people lock their phones for any other reason?
I only lock my phone in case it's lost or stolen, I don't lock it to keep the government out of it, since pretty much everything on my phone is available in Google's Cloud services (except for my password protected password manager), which the feds can gain access to with a valid search warrant.
? Who are the large numbers of people you speak of, who decided perceived "safety and security" are more desirable than freedom? Far as I can tell the general public had no say in the legislation, and the legislatures who pushed through the Patriot Act reassured their constituents that the abuses we're witnessing were not under the realm of possibility. Meanwhile the Feds techniques of warrant-less intervention and forced entry of suspects phone have yet to yield measurable results.
The general public is mindless to the extent of surveillance and the aggregation of that data, the vast majority are certainly unaware of the possible unintended consequences of wanton disregard for the 3rd, 4th and 5th amendments. Only a third of Americans can even name all three branches of government, to believe they're informed on matters they don't understand on a technical or philosophical level is badly overestimating the American Public.
Let's put this in its political context. We are citizens of a constitutional republic. A republic, as far as I understand it, implies that a (thoughtful, responsible, .., elected) minority is afforded the delegated power to legislate, judge, and administer.
The 'actual problem' seems to be in the selection/delegation process. The minority that is currently in charge has framed the question as that of "safety and security" vs liberties ("freedoms"). The corporate media (aka "journalists" and "free press") is more than happy to support this thesis. The "people", lets be frank here, were never expected to be a nation of Jeffersons. And it is unreasonable to expect them to be astute techno-political scientists carefully weighing various implications of technology and policy.
Other unelected minorities -- corporations such as Apple, Google, Facebook, ... -- could by fiat choose to only offer goods that preserve our liberties. They chose not to do so and arguably they are not under an obligation to do so. (Note arguably.)
Other unelected minorities -- technologists that work for the above -- have also elected to lend their talents to produce these systems, platforms, and devices that erode our liberties. Again, arguably they don't really have much choice in the matter, as we all must pay the proverbial rent.
So, imho, beyond the cliche that 'a people deserve their government' (which is a congenital defect of a political body), there remains the framework that was intended to select the best and brightest minority that would be entrusted with carefully considering various options. It is this framework that is currently broken. I accuse our so called "free press" for a playing a substantial role in the dysfunction of our political system.
There are other responsible parties for sure, but the press and media play a critical role in knowingly confusing and frightening the majority -- a role known as agitprop in the USSR.
The current voting system doesn't help. A national popular vote for president under IRV and proportional representation for Congress are necessary parts of the solution.
The free press is not objective, or benevolent, or ethical. Yes, parts of it may have started that way, but today's free press is merely free, in that it can and will say anything, within legal bounds. It ends up saying whatever gets the most eyeballs.
We need a better way to disseminate factual information to the public. Sadly, I have no idea how to do that.
https://theconversation.com/ has African, Australian, French, UK, US and global versions (but the African, US and global editions seem not to be donor-funded), Creative Commons licensing, and no advertising (but it does have sponsors).
I wonder how it would cope with a billion readers.
> A republic, as far as I understand it, implies that a (thoughtful, responsible, .., elected) minority is afforded the delegated power to legislate, judge, and administer.
Elected, yes. Thoughtful and responsible depends on your point of view. For example: there is a substantial contingent of people in the U.S. that want the country to be a Christian theocracy. (Most of these people believe that this is how things used to be, and they want to return to those halcyon days.) And so, unsurprisingly, these people vote for representatives who they think will advance that goal. So, for example, is Roy Moore "thoughtful and responsible"? If you're a member of this contingent then you probably think he is. If you're not, then you probably don't.
Likewise, there is a substantial contingent of people who are scared witless at the thought of terrorism, and think that it's worth trading in the odd civil right to insure that terrorists are not "free" to plot our destruction unmolested. There is a substantial contingent of people who are unrepentant racists who think black people are less than human and the root of all evil. Likewise for Muslims. All of these people not only don't care when "the bad guys" have their civil rights violated by the cops, they think it's a feature. They see the cops as courageous defenders of their point of view against the corrupting influence of pluralism and wussiness. The vaguaries of our electoral system make a difference at the margins (e.g. by gerrymandering) but none of these things would be possible if there were not millions of people who thought that it was good and proper.
The irony is that by blaming the system instead of acknowledging that the outcomes we see are the result of democracy working exactly as intended you are actually contributing to the problem, which is that everyone retreats into their echo chamber and spends their energy vilifying anyone who doesn't agree with them instead of working constructively to figure out how all 7+ billion of us are going to get along on this little planet.
> The irony is that by blaming the system instead of acknowledging that the outcomes we see are the result of democracy working exactly as intended you are actually contributing to the problem, which is that everyone retreats into their echo chamber and spends their energy vilifying anyone who doesn't agree with them instead of working constructively to figure out how all 7+ billion of us are going to get along on this little planet.
But I am not blaming the system.
I pointed out bad faith actors in the system, which in my view, are contributing to the dysfunction of the process, and have poisoned political discourse in this nation. I don't remember the exact date when we crossed the threshold but do remember noting a somewhat abrupt introduction of extreme vulgarity and uncivility into televised political shows at some point in 90s.
The various POVs you mention are noted and point well taken. But were not these strains of thought present in the 80s, 70s, and before? I haven't watched TV in decades, but the few times I am exposed to it by force (visits to family, public spaces, etc.) my skin literally crawls, regardless of which point of view is being voiced. It's like the planet of the vulgarian apes. Don't you think the public that is exposed to this /garbage/ day after day has been conditioned to act in the same manner?
> Likewise, there is a substantial contingent of people who are scared witless at the thought of terrorism, and think that it's worth trading in the odd civil right to insure that terrorists are not "free" to plot our destruction unmolested.
This is the only POV that I find unacceptable. This view -- propagated from on high from -- is the factual "blaming the system". The clear subtext of this manufactured view is that our system is fragile and inadequate in face of enemies and needs corrective measures that alter the very nature of our system. Yes, the people were scared, but it was not the people who pulled the Patriot Act out of God knows where and passed it without even an attempt at deliberation.
They could have been offered other remedies, but were not. They could have been reassured by national leadership that we can prevail without disfiguring our national character, but were not.
Americans torturing and torture shows on cable TV.
Wagging fingers is one of the more boring forms of political discourse, and no matter how unacceptable you find an opinion, you will never finger-wag someone out of one.
You are wagging fingers also, and therefore boring.
Honestly, I've been finger-wagged out of an opinion or two, so "never" is too strong. Frankly, I challenge you to name any form of "political discourse" that regularly changes opinions. In my experience political discourse in general rarely accomplishes anything other than preach to the choir and cause opponents to dig in.
I'm not telling you what to do, which is a necessary component of the finger wagging. I do enjoy when people accuse me of the actions they are taking, though. Very human. Very, very human.
(In case you're interested, Pierre Sallinger touches on the post '72 role of the media in the selection process in his 1995 c-span interview: https://www.c-span.org/video/?67372-1/ps-memoir [edit: jump to 44:56])
As a system administrator: No. It's not. A broken system and a system being misused are two entirely different things. It could be suggested that a system is broken if it can be misused and indeed an ideal system will be incapable of misuse. But I've never met one yet.
Do you claim here that elections (who votes, where, how often, in what conditions, for whom, for what, etc.) aren't part of "the system"? That probably isn't your intention, but you seem to hold the parenthesized conditions blameless, offering instead some sort of caricature of a Trump voter for criticism. Incidentally, if the participation of all those apparent cretins is "democracy working exactly as intended", how should we characterize previous elections in which they did not take part?
ISTM there are problems in that process. Even if there aren't, there could be, and preemptively declaring such out of scope certainly wouldn't help solve those.
One has long suspected the insidious idea that the Founders etc. did such a Good Job that we mustn't criticize any current incarnation of the institutions and traditions they created. One used to hear this silly idea from "strict constructionists", but recently it seems to come mostly from devoted supporters of the status quo.
Of course there are problems in the process, but they pale in comparison to the fact that there are vast and fundamental differences in people's quality metrics, and even in what they mean by words like "freedom" and "equality" (e.g. is allowing gay marriage "equal rights" or is it "special treatment"?) So the whole premise of electing reasonable people to run the government is doomed from the start because Americans don't agree on what "reasonable" means. No amount of tinkering with the process is going to fix that.
We were supposed to be nation of 'Jeffersons', or at least educated people with skin in the game. Only educated and land owning males were allowed the vote.
I'm sure part of the reason non land owners, slaves, women, etc. were not allowed to vote was in order to keep a certain group in power, but there have been many writers who correctly predicted what happens when everyone is allowed to vote:
"A democracy can only exist until the voters discover that they can vote themselves largess from the public treasury."
The fact that you have something like 1/2 the citizens working and subsidizing the other half, along with our 24 hour news cycle that cannot be trusted anymore than Pravda at its worst, and I think we will probably look back and realize allowing everyone a vote is a bad idea, or no better than a monarchy or some other rule by a select few.
> We were supposed to be nation of 'Jeffersons', or at least educated people with skin in the game. Only educated and land owning males were allowed the vote.
What states include being educated as an input to their voter eligibility determination?
The presumption was that being a land owner was correlated with education. If not formal education, then at least an active interest in being informed about current affairs.
Alternative idea:intentionally register someone else's fingerprints on your phone - so when the cops arrive and find a phone lying on the couch you can plausibly say "not mine, here try my finger on it!" ;-)
(Anybody got ready access to med school cadavers with the fingerprints intact?)
> Just another reason to forgo the convenience of biometrics in favor of a password/phrase that exists only in your mind. At least for now, that's something you can't be compelled to produce.
Unless by rubber hose cryptanalysis. Still better than being compelled to produce one's finger, though ;)
Fortunately, my threat model does not include people cutting off my fingers. Take out the pliers and you can have my phone. My notes are private, but not that private.
That's the reality, for sure, but at least you're stripping away the air of respectability, law, and order. When you're whipping someone with a rubber hose, you've made a serious commitment.
" you're stripping away the air of respectability, law, and order."
Counterexample popped in my head was parents with a belt asking for iPhone unlocked. Still has respectability, law, and order in most places. I wonder if there are other counterexamples.
Good passkeys also should only exist to be checked on the device. Fingerprints can be in databases and on the device itself. Not sure how fingerprint scanners react to replicated fingerprints, but the right people can probably replicate them pretty well. I would only consider a fingerprint a more secure authentication measure because it can't be recorded by cameras.
I meant it's a lot harder to record fingerprints... It's relatively easy for a camera from almost any angle to record touches on the phone (especially with many phone's animations that show the number touched)
> the right people can probably replicate them pretty well
They can be fooled reasonably well (well enough to fool an iphone) with pretty simple techniques. For details, search for a bunch of articles from 2002 referencing Tsutomu Matsumoto's work.
This is why my unlock is not tied to biometrics. Once I realized the government can compel you to unlock your phone without a warrant using your fingerprint it became a much less compelling feature. The same for facial recognition.
My favorite fast response to disarm that is always: that's not up to you [whether or not you have something to hide]. I've found it instantly shakes the false comfort they're trying to derive from their premise and opens up a moment of rethink.
Not for me, I don't even understand your point. Of course it's up to me if I have something to hide. I have nothing on my phone that I wouldn't be perfectly OK with to have printed and displayed in a busy public place. How is it not up to me to decide what details of my life I have to hide?
Easy: Your contact list. You may not care who sees your list, but the people on your contact list would probably be upset if their private email address, cellphone number, chat name, home address and other personal data were exposed to the general public. Ditto any conversation you had with them via text; you may not care who sees the conversation, but your partner/friend/boss may object to having their privately texted words plastered all over Times Square.
Your GPS location data is another good one. Hypothetically speaking, would you really want the public, which contains some seedy characters mixed in with the "normal" people, to see the route you take to drop off/pick up your daughter at school, making her easy pickings for a kidnapping?
There's more than just the websites you browse and the people you talk to on your phone. It's a digital vault of every move you make, every question you ponder, every person you've interacted with, every store you shop at. Your banking data is there, your stocks, your hobbies, your bursts of anger, your outlook on life, your loved ones' and associates' addresses and contact information.
In short, you hurt more than yourself by exposing your private data, whether to the public at large, the government, or commercial entities seeking to hoover it up for advertising revenue. It's your responsibility to keep it private.
Do you ever find it ironic that you are trying to combat totalitarian fear-mongering with an argument that in part is literally "think of the children?"
It was just an example; besides, sometimes "think of the children" is the correct stance. If that is your only counter to my point, then I feel safe in my position. :-)
Currently you have nothing on your phone that wouldn't be OK to be made public.
Depending on who is in power in your area, that could change very quickly. If you're of the wrong race, someone like Donald Trump might use three-letter agency-collected data to move you out of the country. Foreign states might want to use your identity to get cheap health care for their citizens.
Immigration policies, substance legal statuses and acceptable social practices and attitudes change overnight. Someone could spam with you child pornography and border officials could find it in your phone at the border.
Furthermore, you don't know what you're going to do with the rest of your life and how the decisions you make now could be perceived in the future.
Maybe someone's watching your house, keeping track of when you're not home. Or maybe they're using your phone patterns to do the same: Checking your phone when you're in the gym, in the bathroom at a restaurant.
And any of these scenarios could be used to threaten you or someone you care about. Did a neighbor ask if you could babysit their children when they're away? Did your aunt admit she has a mental disorder that could get her fired? Did a friend reveal he has a substance abuse problem? Did your elderly parents send you copies of official financial documents to review? Ever looked for a "questionable" book on Amazon?
Furthermore, if you're not following proper safety practices, you could be a liability for future business partners. Who wants to risk sharing data with someone who's loosey-goosey about the info on their systems?
In conclusion, it's not just you, right now that bears thinking about. It's everyone in your social circle over the long-term future.
The police asks you to surrender you phone. Telling "you have nothing to hide, you shouldn't mind" and you respond with "It is not up to decide if I have something to hide"
Or, your friend is arguing for letting the police see their phone because your friend has nothing to hide. Your friend says "I have nothing to hide". But you respond with "It is not up to you if you have nothing to hide, so you shouldn't have that attitude".
Assuming you meant the second, what is the reasoning behind it?
Say your friend is arrested for smoking pot in Arizona or Indiana or anywhere else that has draconian cannabis laws, now each of their contacts is possibly a dealer. They're in a different state? The DEA will be happy to help make a federal case out of it.
It is acceptable but not "perfectly". It is acceptable with an additional condition: if you also accept the fact that the act of surrendering your privacy increases the pressure to expose the privacy of those who are not so willing to expose theirs.
Then they will use your unlocked phone and plant the evidence they need.
At least, if they can't unlock the phone, then they even have to worry about the evidence they fabricate as you might have something that counters it on the phone.
Do you travel ? In much if not all of Europe not giving your password, even to a random search when passing through (not entering the country), is a crime. Therefore legal advice is to provide custom agents and other police with access to any device upon request and then.
Right. So just don't keep anything sensitive on the phone. Whenever crossing borders or otherwise subject to search and seizure, carry blank devices. Access sensitive stuff from secure online repositories.
Exactly. I'd even do locally-sourced hardware if the device ever leaves my site or they plug anything into it. Download the data via a VPN to be stored in an encrypted container. Upload and wipe it when you're done for your next round back. Not as much trouble as one would think if you use easy disk encryption, VPN, and syncing. I don't have an up-to-date recommendation on what combo to use, though.
What's your proposed fix for establishing privacy from police at borders in all industrialized nations despite lack of voters or media campaign backing you? Cuz I call bullshit on that.
Have you seen the "information security" at most companies? It's anywhere from bad to horrible. Yeah, that's a possibility except at those with teams that would think about border searches.
Yes, I travel a lot. Over 50 countries, 25 in the last 2 years as part of my sabbatical.
Sadly, I disagree. If I'm in a foreign country and I want legal advice I'll ask the local bar (or equivalent) about my rights. I'm simply not going to unlock my phone or incriminate myself just on the word of law enforcement.
I don't do anything criminal, this is about respect. If they feel I have done something wrong it's for them to prove it. I'm not going to do it for them.
You arrive in a foreign country. You get stopped by police and asked to unlock your phone. You're worried you will miss your connecting flight/train/bus/whatever.
How will you contact the local bar equivalent in this situation?
Even without the time pressure of a connecting flight, you're not exactly going to tell the police "hang on, wait until I google to see who I should contact, and then let me give them a call. Then I will see if I will comply with your order or not"
From a glance at your profile, you hardly seem to be a person a government would be interested in (maybe you're a drug king pin in your off hours, don't tell me if you are). What is your threat profile? If you loose your phone and some kid racks up a few hundreds $ in whatever one can buy through a phone nowadays, is that threat worth less to you than the convenience of fingerprint phone locking? Why would you give up that convenience out of fear for something that is much less likely to happen than other, realistic threats?
I know it's a snarky question because there is no way to phrase it without being so; but I honestly don't understand the reasoning behind 'convenience features are worthless/I turn them off because they're not 100% secure against [some powerful actor] that might hypothetically want to look at my phone'. I mean, they can get comms metadata from carriers; speech comms content from wiretaps; email content through subpoenas (minus those you encrypt with client-side tools, a major pain to do on a phone anyway). If you're going to run a coke line from South America or plan to overthrow the government or conspire to bomb immigrants, you're better off not using any such obvious electronic communication tools in the first place. So what's your reasoning?
> From a glance at your profile, you hardly seem to be a person a government would be interested in
He may not be someone the government is interested in right now, but as is clear in the case we all are discussing, the government is on a fishing expedition, seeking to unlock a non-suspect's phone in the hopes of making a suspect out of them. That's some 1980s USSR shit right there, and it's disheartening that our government is trying to become what they once fought against. They can get a warrant first, or they can get bent.
To put it another way, you don't want your neighbor poking around in your garage looking for something she can report to the fire marshal "just because", even though you're pretty sure there's nothing she can call out, so you keep your garage locked.
Over a set of 100 million American with smartphone, statistically speaking quite a few of them would have to have a run in with the authority somehow.
> I mean, they can get comms metadata from carriers; speech comms content from wiretaps; email content through subpoenas (minus those you encrypt with client-side tools, a major pain to do on a phone anyway).
All of those things need to have their case present in front of a judge. And that is infact a major difference.
From your link:
"The process starts with a scanned photo of the target user’s fingerprint. This image is scanned, then some fiddling with contrast levels may be required."
"Cao told Quartz that the spoof worked on the iPhone during an earlier attempt, but it didn’t work when he tried to replicate the result for the technical report. “We unlocked it at the start of the project, but when we prepared the report, I could not unlock the iPhone. I used the same protocol and method. I’m not sure why it didn’t unlock,” Cao said."
I wouldn't exactly say this was a slam dunk then, eh? Seriously I'd like to know if someone can reproduce the exploit on film using non-exotic materials or process (ie, no latex glue or pre-existing high-resolution images). Of note, if feds can get fingerprints through existing paperwork, why do they need a seek a warrant for this?
I have to wonder what sort of technical measures could be implemented to make biometric systems as legally secure as passwords while still retaining something like the same convenience.
The first thing that comes to mind for me is the Apple patent on recognizing a fingerprint anywhere on the phone's surface, and using that in combination with Android-style lock screen patterns. A lock screen pattern isn't nearly as secure as a full password, but it could serve a similar legal role.
While I'm all for the idea that sometimes you have to make do with what tools you have available, why are we looking for technical solutions to a legal (or perhaps even philosophical) problem?
Philosophically and legally I am firmly convinced that we should treat information, and therefore data, as an extension of consciousness. Information is only meaningful because we have the conscious capacity to interpret it; digital data is a "memory aid", a tool we use to expand our everyday capacity to interact with information. Data is not analogous to a physical object; any discussion about ownership, or transfer rights (and so forth) is inherently based on a flawed premise.
Directly descendant from that argument is that privacy is irrelevant, that instead, individual agency is what matters. Privacy is a decision not to share information, but that means privacy is only possible given the agency to make that decision. Any serviceable definition of information agency implies, at the very least, having control over the creation, retention, and sharing of data, which is so much more than privacy. And when you start looking at it that way, it becomes clear that our conversations around incidents like OP's link should happen around the fifth amendment, and not the fourth.
When I talk to tech people about this, they (typically) emphatically agree. When I talk to lawyers about it, their response is much less enthusiastic: "That's an interesting perspective, but it's not really supported by existing case law." If all we're doing is piling technical circumventions on top of bad policy, we're stuck in an arms race. What we need is a shift in legal attitudes towards information; that's the only sustainable outcome here. We need a cogent legal and philosophical argument, one rooted in existing, accepted principles, that makes a solid case for a new paradigm surrounding data.
Hi, my name is Grey. My voice is my password, verify me. Seriously though, would it really be a challenge to simulate someone's speech in that way? If the key element which makes a system secure is the biometric side, then that's still the point to attack legally and otherwise.
Somewhat different convenience level, but you could introduce a mode where the fingerprint unlock only works for certain content and other content is behind a password.
In the legal filing, the government says (in a footnote) that there is no Fifth Amendment issue because the Fifth protects against self-incrimination but that, here, no one has been charged with a crime.
The government is on a "fishing expedition" -- obtaining a warrant to search the phones so that they can (hopefully) find evidence. As mentioned in the article, it doesn't work that way (they're going about it backwards).
It does happen by mistake. My apartment was raided by police and I know four others who have been raided too. In two of those cases, the people who were raided had nothing to do with any kind of illegal activity. The other three were drug related, of course.
I've never owned a smart phone. At the time I would've had some prepaid flip phone, and fortunately I was pretty consistent about keeping those out of the house.
Or a configurable timeout, rather than the apparently hard-coded 48 hours.
Or ask for a PIN if the phone's radio detects many more other radios in the vicinity than a few minutes ago ("Because you might be under duress, please enter a PIN now.")
Or if a phone has been sitting on a flat surface for a while, require a PIN.
Or require a PIN if the phone is tapped with a duress code ("Shave-and-a-hair-cut"). Could be pretty subtle.
Countermeasures like this are useful both against thieves (who might want to unlock your phone and get access to your accounts) as well as against state actors (ditto).
Touch ID is set to require a passcode after five failed attempts, One could use an unregistered finger or knuckle to intentionally fail the five attempts and force a passcode requirement.
On Android, if you have fingerprint unlock enabled, you still have to enter a PIN it other unlock code after a reboot (I can't speak for carrier-specific modifications, though). So if you have time, shutting down your phone (or leaving it turned off even not using it) would prevent your fingerprint from unlocking it. I believe the same is true for an iPhone as well.
More generally, if this is important to you, make sure you know under what circumstances your phone will or will not consider a fingerprint sufficient. Also, you should check whether the error message betrays any information. If you try a fingerprint when it requires a PIN code, does it say the same thing for a known and an unknown fingerprint?
Phones need a feature to require the passcode after n minutes of non-use. No that wouldn't solve all the problems with fingerprints to unlock, but it would reduce the scope considerably.
I was going to say the same thing, but then the article says:
> For that reason, the warrant authorizes the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device,’” the document read.
So the "power off the device, now it's a password" seems to be something they were prepared for. The article is unclear as to whether or not this was granted, but if so it'd be seemingly unprecedented.
I don't know that withholding your fingerprint to keep your phone locked would work, anyway. They already have my fingerprint on file, and likely most of everyone else's, in the DMV records.
I'm not sure if fingerprint scanners have been defeated using ink prints yet, but it's just a matter of time, I suspect.
Fingerprints are established as identification, which makes them necessarily not private/secret.
You got downvoted but it's true. People unlocked their phones just fine before with pins or patterns. The time saved is marginal. Fingerprints need to go the way of facial recognition to unlock. Unfortunately as these get more popular even more people will find ways to doctor fingerprints.
I was going to say the same thing. Likewise for iOS. Not that I have anything to hide, but if I didn't want to comply in such a situation, I would turn my phone off, game over.
This seems more like a 4th amendment issue. It's great that they got a warrant, but the warrant is unbelievably broad. I can't imagine a similar one enabling law enforcement officers to conduct strip / body cavity searches of everyone in the building. Or, allowing the officers to search all of the vehicles in the parking lot.
This is one reason I've always wanted to have two separate authentication credentials for one user. Unfortunately, I've yet to find an acceptable or easy way to implement that on any device that would need it (your phone, your laptop, any device which you want to keep stuff private). For example: have one authentication method that unlocks the device to the typical desktop environment, command line, or whatever -- just a typical GUI that people would expect to see upon logging in. And then have another (hidden) authentication method to unlock the device into the REAL meat & potatoes. Useful for situations like this when law enforcement demands it, or when TSA/Customs in a foreign country demand you open and boot your laptop at a foreign airport. Is there any way to implement this on Android, iOS, GNU/Linux, or Windows?
Veracrypt (the most popular fork of Truecrypt) has this ability too. And some Truecrypt user still trust Truecrypt after the latest audit found no signals of backdoors.
I think Qubes OS (https://en.wikipedia.org/wiki/Qubes_OS) does something similar to what you're looking for. You can set it up so when you login your "qube" (The virtual machine you're currently using) is a normal looking operating system that doesn't have access to any of your protected files. You can then load up your protected files and programs by starting another password protected "qube", which is similar to starting another VM.
This looks very, very interesting. I'll have a deeper look into Qubes this weekend for sure. I wonder how good their repos are in terms of up-to-date packages and software
This is EXACTLY a best-case-scenario, but I have no idea if/how it can be done. (ie: one user account, username: <user1>, but <password1> unlocks and boots into a typical desktop, and a separate <password2> unlocks into another totally different environment)
Maybe I missed it but I skimmed the legal document and didn't see anywhere where it indicates the police actually have any kind of probable cause. Was this literally just some fishing expedition against a household's phones?
A bunch of people mentioned turning off the device, to require a pin or password. The article though explicitly seems to claim the warrant included anything imaginable to unlock a device:
> For that reason, the warrant authorizes the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device,’” the document read.
Our new startup is an emergency fingerprint-dissolving appliance: nose-plugs and novcaine are premium features, but you can DIY burn the skin of your fingerprint pads off for free with lasers. Next year, we'll also have a slicing add-on product in this category which complements the lasering for extra tinfoil security. We also plan to heavily encourage apps and accessories.
189 comments
[ 3.6 ms ] story [ 281 ms ] threadReally though, this descent into a police state is such a pathetic outcome for this country. Dangerous, scary, and tragic, but also... pathetic. This is what happens when a sizeable majority don't even participate in the electoral process, and those who do are overwhelmingly mindless.
Relevant bits start at page 5 (III - LEGAL DISCUSSION).
and yet here they are as a matter of fact seeking "communicative evidence".That seems to me to be a very reasonable thing to say. It seems to me that we have plenty of mechanism in place to say "you have X, you can use it for Y, and not Z, because using it for Z violates someone's rights". As a super contrived strawman example, if your computer ever gets confiscated by law enforcement, while they may be permitted to search it, they can't just play Fallout 4 or mine bitcoins on it.
Another instance I think is similar in concept: juries are instructed to disregard things (i.e. pretend they don't have a piece of information for the purposes of a trial) all the time, when access to this information would be improper.
If they could, they would read your mind too.
The Department of Justice is saying that a fingerprint is more like a key than a password I guess. Or alternatively that unlocking phones is search and not testimony.
The EFF seems to be primarily objecting on the grounds that a search of "all devices in the building" is too vague to be a correct warrant.
[1] http://www.uclalawreview.org/the-fifth-amendment-encryption-...
The self-incrimination clause of the fifth amendment is broadly interpreted as intended to dissuade the government from attempting to coerce confessions. Forcing someone to unlock their phone with a fingerprint caries none of the moral hazard of forcing them to testify.
All of that being said, I'd love for US society to recognize that a search encompassing a bunch of people's phones is vastly more intrusive (by virtue of the volume of data collected and network effects) than a search of a building that excludes computing devices, and for us to require a correspondingly higher burden of proof.
If you don't want anybody to be able to take your stuff, don't make it possible for somebody to take your stuff. A piece of paper saying something isn't permitted is not going to stop it happening.
It's no different, really, then that they can force you to press your fingers onto a sheet of paper for booking during an arrest, or to take a buccal swab.
What they apparently cannot do is force you to admit what if any finger of your would unlock the phone. Apparently some people use tricks like locking the phone with a knuckle or even the tip of their nose (that one sounds comical). Really though, it goes to show that the good old fashioned memorized password has not gone out of style. Any biometric or dongle-based authentication or encryption can be circumvented by legal process.
And in a civil matter, judges and parties have even more power. Ultimately, if a court is convinced that you know a password and are not properly invoking a 5th amendment privilege against criminal self-incrimination, you could be held in contempt (fined daily, or jailed) until you provided the password or the password-protected materials. At this point it could well become a battle of wills and proofs, which the contemnor may well lose.
They authenticate who you are, they aren't trivial to fake. However, they shouldn't authorise access to a device on their own. Your fingerprint works as a somewhat more secure, medium term swipe-to-unlock for your phone.
I understand once you've authenticated who the user is, authorization is just a mask of what they are allowed to do. It is like saying "after you've given your username (GMail account) to Google, it should allow you to read your email. If you happen to be an administrator for Google Business account you can also see other accounts or settings etc".
So hopefully you meant that you just use your fingerprint in place of typing out your username not in place of typing your username _and_ password.
(Somehow similar to sudo which asks for the user's password the first time but assumes that the logged in user is allowed to execute further sudo commands without pw auth. Even if sudo does not really implement two different user roles here.)
(Somehow similar to sudo which asks for the user's password the first time but assumes that the logged in user is allowed to execute further sudo commands without pw auth. Even if sudo does not really implement two different user roles here.)
That might be your best hope.
(Respectfully submitted, etc, etc.)
Just so I'm clear, I'm saying I find this interesting because in many cases we are talking about the same people who were alive in 1989. In the USA you can say "Oh, that generation believed in those things, but those currently alive don't believe in these things." (I don't agree with that statement, but you could make that argument.) Whereas in Poland, it's in many cases the same people who fought for a more open system who are now tolerating the drift towards a more authoritarian system.
To me, the story isn't about "overwhelmingly mindless" voters, its about voters who are angry with the failure of the system. That is, they are mindful of how the system has failed. They may not know what the answer is, but they are angry, and they are willing to elect politicians who seem to mirror their anger. It might be a bad strategy to vote for someone simply because they appear to reflect your anger, but I think I can understand the motivation, and it is not quite the same as being mindless.
In actuality, maybe people are just voting based in whether their economic circumstances improved over the last term, regardless of whether the change was due to national or global factors. Maybe they just don't like the Russians and voted for the nationalist rhetoric.
I'm still calling "mindless".
If the US were to outlaw all forms of encryption, we would have less privacy AND less security:
Less Privacy: all communication is now readable by a third party in the middle
Less Security: all banking information is now transmitted in plaintext
They're burglars, not masterminds.
Wish I had some better sources. All I could find from a quick google search is that the market rate for full personal info is $20 -- that is certainly something you can get with email inbox access (which is enough to get Amazon login which would have your full address etc etc)
Keep in mind most services only needs your email address and browser cookies for full access, only banking services etc are 2FA.
I only lock my phone in case it's lost or stolen, I don't lock it to keep the government out of it, since pretty much everything on my phone is available in Google's Cloud services (except for my password protected password manager), which the feds can gain access to with a valid search warrant.
The general public is mindless to the extent of surveillance and the aggregation of that data, the vast majority are certainly unaware of the possible unintended consequences of wanton disregard for the 3rd, 4th and 5th amendments. Only a third of Americans can even name all three branches of government, to believe they're informed on matters they don't understand on a technical or philosophical level is badly overestimating the American Public.
The 'actual problem' seems to be in the selection/delegation process. The minority that is currently in charge has framed the question as that of "safety and security" vs liberties ("freedoms"). The corporate media (aka "journalists" and "free press") is more than happy to support this thesis. The "people", lets be frank here, were never expected to be a nation of Jeffersons. And it is unreasonable to expect them to be astute techno-political scientists carefully weighing various implications of technology and policy.
Other unelected minorities -- corporations such as Apple, Google, Facebook, ... -- could by fiat choose to only offer goods that preserve our liberties. They chose not to do so and arguably they are not under an obligation to do so. (Note arguably.)
Other unelected minorities -- technologists that work for the above -- have also elected to lend their talents to produce these systems, platforms, and devices that erode our liberties. Again, arguably they don't really have much choice in the matter, as we all must pay the proverbial rent.
So, imho, beyond the cliche that 'a people deserve their government' (which is a congenital defect of a political body), there remains the framework that was intended to select the best and brightest minority that would be entrusted with carefully considering various options. It is this framework that is currently broken. I accuse our so called "free press" for a playing a substantial role in the dysfunction of our political system.
There are other responsible parties for sure, but the press and media play a critical role in knowingly confusing and frightening the majority -- a role known as agitprop in the USSR.
[edit: noop cleanup]
The free press is not objective, or benevolent, or ethical. Yes, parts of it may have started that way, but today's free press is merely free, in that it can and will say anything, within legal bounds. It ends up saying whatever gets the most eyeballs.
We need a better way to disseminate factual information to the public. Sadly, I have no idea how to do that.
https://theconversation.com/ has African, Australian, French, UK, US and global versions (but the African, US and global editions seem not to be donor-funded), Creative Commons licensing, and no advertising (but it does have sponsors).
I wonder how it would cope with a billion readers.
Elected, yes. Thoughtful and responsible depends on your point of view. For example: there is a substantial contingent of people in the U.S. that want the country to be a Christian theocracy. (Most of these people believe that this is how things used to be, and they want to return to those halcyon days.) And so, unsurprisingly, these people vote for representatives who they think will advance that goal. So, for example, is Roy Moore "thoughtful and responsible"? If you're a member of this contingent then you probably think he is. If you're not, then you probably don't.
Likewise, there is a substantial contingent of people who are scared witless at the thought of terrorism, and think that it's worth trading in the odd civil right to insure that terrorists are not "free" to plot our destruction unmolested. There is a substantial contingent of people who are unrepentant racists who think black people are less than human and the root of all evil. Likewise for Muslims. All of these people not only don't care when "the bad guys" have their civil rights violated by the cops, they think it's a feature. They see the cops as courageous defenders of their point of view against the corrupting influence of pluralism and wussiness. The vaguaries of our electoral system make a difference at the margins (e.g. by gerrymandering) but none of these things would be possible if there were not millions of people who thought that it was good and proper.
The irony is that by blaming the system instead of acknowledging that the outcomes we see are the result of democracy working exactly as intended you are actually contributing to the problem, which is that everyone retreats into their echo chamber and spends their energy vilifying anyone who doesn't agree with them instead of working constructively to figure out how all 7+ billion of us are going to get along on this little planet.
But I am not blaming the system.
I pointed out bad faith actors in the system, which in my view, are contributing to the dysfunction of the process, and have poisoned political discourse in this nation. I don't remember the exact date when we crossed the threshold but do remember noting a somewhat abrupt introduction of extreme vulgarity and uncivility into televised political shows at some point in 90s.
https://en.wikipedia.org/wiki/Telecommunications_Act_of_1996
The various POVs you mention are noted and point well taken. But were not these strains of thought present in the 80s, 70s, and before? I haven't watched TV in decades, but the few times I am exposed to it by force (visits to family, public spaces, etc.) my skin literally crawls, regardless of which point of view is being voiced. It's like the planet of the vulgarian apes. Don't you think the public that is exposed to this /garbage/ day after day has been conditioned to act in the same manner?
> Likewise, there is a substantial contingent of people who are scared witless at the thought of terrorism, and think that it's worth trading in the odd civil right to insure that terrorists are not "free" to plot our destruction unmolested.
This is the only POV that I find unacceptable. This view -- propagated from on high from -- is the factual "blaming the system". The clear subtext of this manufactured view is that our system is fragile and inadequate in face of enemies and needs corrective measures that alter the very nature of our system. Yes, the people were scared, but it was not the people who pulled the Patriot Act out of God knows where and passed it without even an attempt at deliberation.
They could have been offered other remedies, but were not. They could have been reassured by national leadership that we can prevail without disfiguring our national character, but were not.
Americans torturing and torture shows on cable TV.
Disgraceful.
Honestly, I've been finger-wagged out of an opinion or two, so "never" is too strong. Frankly, I challenge you to name any form of "political discourse" that regularly changes opinions. In my experience political discourse in general rarely accomplishes anything other than preach to the choir and cause opponents to dig in.
You were certainly wagging your finger at a fingerwagger.
You wrote:
> The 'actual problem' seems to be in the selection/delegation process.
That sounds like blaming the system to me.
(In case you're interested, Pierre Sallinger touches on the post '72 role of the media in the selection process in his 1995 c-span interview: https://www.c-span.org/video/?67372-1/ps-memoir [edit: jump to 44:56])
> The 'actual problem' seems to be in the selection/delegation process.
One has long suspected the insidious idea that the Founders etc. did such a Good Job that we mustn't criticize any current incarnation of the institutions and traditions they created. One used to hear this silly idea from "strict constructionists", but recently it seems to come mostly from devoted supporters of the status quo.
I'm sure part of the reason non land owners, slaves, women, etc. were not allowed to vote was in order to keep a certain group in power, but there have been many writers who correctly predicted what happens when everyone is allowed to vote:
"A democracy can only exist until the voters discover that they can vote themselves largess from the public treasury."
The fact that you have something like 1/2 the citizens working and subsidizing the other half, along with our 24 hour news cycle that cannot be trusted anymore than Pravda at its worst, and I think we will probably look back and realize allowing everyone a vote is a bad idea, or no better than a monarchy or some other rule by a select few.
Not that I have a better idea, though
What states include being educated as an input to their voter eligibility determination?
(Anybody got ready access to med school cadavers with the fingerprints intact?)
Unless by rubber hose cryptanalysis. Still better than being compelled to produce one's finger, though ;)
Counterexample popped in my head was parents with a belt asking for iPhone unlocked. Still has respectability, law, and order in most places. I wonder if there are other counterexamples.
They can be fooled reasonably well (well enough to fool an iphone) with pretty simple techniques. For details, search for a bunch of articles from 2002 referencing Tsutomu Matsumoto's work.
> it can't be recorded by cameras
Well... http://www.theregister.co.uk/2014/12/29/german_minister_fing... https://news.ycombinator.com/item?id=12611155
http://www.forbes.com/sites/thomasbrewster/2016/10/16/doj-de...
Your GPS location data is another good one. Hypothetically speaking, would you really want the public, which contains some seedy characters mixed in with the "normal" people, to see the route you take to drop off/pick up your daughter at school, making her easy pickings for a kidnapping?
There's more than just the websites you browse and the people you talk to on your phone. It's a digital vault of every move you make, every question you ponder, every person you've interacted with, every store you shop at. Your banking data is there, your stocks, your hobbies, your bursts of anger, your outlook on life, your loved ones' and associates' addresses and contact information.
In short, you hurt more than yourself by exposing your private data, whether to the public at large, the government, or commercial entities seeking to hoover it up for advertising revenue. It's your responsibility to keep it private.
Depending on who is in power in your area, that could change very quickly. If you're of the wrong race, someone like Donald Trump might use three-letter agency-collected data to move you out of the country. Foreign states might want to use your identity to get cheap health care for their citizens.
Immigration policies, substance legal statuses and acceptable social practices and attitudes change overnight. Someone could spam with you child pornography and border officials could find it in your phone at the border.
Furthermore, you don't know what you're going to do with the rest of your life and how the decisions you make now could be perceived in the future.
Maybe someone's watching your house, keeping track of when you're not home. Or maybe they're using your phone patterns to do the same: Checking your phone when you're in the gym, in the bathroom at a restaurant.
And any of these scenarios could be used to threaten you or someone you care about. Did a neighbor ask if you could babysit their children when they're away? Did your aunt admit she has a mental disorder that could get her fired? Did a friend reveal he has a substance abuse problem? Did your elderly parents send you copies of official financial documents to review? Ever looked for a "questionable" book on Amazon?
Furthermore, if you're not following proper safety practices, you could be a liability for future business partners. Who wants to risk sharing data with someone who's loosey-goosey about the info on their systems?
In conclusion, it's not just you, right now that bears thinking about. It's everyone in your social circle over the long-term future.
The police asks you to surrender you phone. Telling "you have nothing to hide, you shouldn't mind" and you respond with "It is not up to decide if I have something to hide"
Or, your friend is arguing for letting the police see their phone because your friend has nothing to hide. Your friend says "I have nothing to hide". But you respond with "It is not up to you if you have nothing to hide, so you shouldn't have that attitude".
Assuming you meant the second, what is the reasoning behind it?
It's not implausible.
I'm not saying I personally agree, I'm saying I can respect it.
At least, if they can't unlock the phone, then they even have to worry about the evidence they fabricate as you might have something that counters it on the phone.
If the authorities are seeking to blame or frame or shame... suddenly you have everything to hide.
I do not carry a phone though.
These reference what can be requested/forced during court proceedings. Do you have any examples that support the statement you made?
Sadly, I disagree. If I'm in a foreign country and I want legal advice I'll ask the local bar (or equivalent) about my rights. I'm simply not going to unlock my phone or incriminate myself just on the word of law enforcement.
I don't do anything criminal, this is about respect. If they feel I have done something wrong it's for them to prove it. I'm not going to do it for them.
How will you contact the local bar equivalent in this situation?
Even without the time pressure of a connecting flight, you're not exactly going to tell the police "hang on, wait until I google to see who I should contact, and then let me give them a call. Then I will see if I will comply with your order or not"
I know it's a snarky question because there is no way to phrase it without being so; but I honestly don't understand the reasoning behind 'convenience features are worthless/I turn them off because they're not 100% secure against [some powerful actor] that might hypothetically want to look at my phone'. I mean, they can get comms metadata from carriers; speech comms content from wiretaps; email content through subpoenas (minus those you encrypt with client-side tools, a major pain to do on a phone anyway). If you're going to run a coke line from South America or plan to overthrow the government or conspire to bomb immigrants, you're better off not using any such obvious electronic communication tools in the first place. So what's your reasoning?
He may not be someone the government is interested in right now, but as is clear in the case we all are discussing, the government is on a fishing expedition, seeking to unlock a non-suspect's phone in the hopes of making a suspect out of them. That's some 1980s USSR shit right there, and it's disheartening that our government is trying to become what they once fought against. They can get a warrant first, or they can get bent.
To put it another way, you don't want your neighbor poking around in your garage looking for something she can report to the fire marshal "just because", even though you're pretty sure there's nothing she can call out, so you keep your garage locked.
"If you've got nothing to hide..." - right?
> I mean, they can get comms metadata from carriers; speech comms content from wiretaps; email content through subpoenas (minus those you encrypt with client-side tools, a major pain to do on a phone anyway).
All of those things need to have their case present in front of a judge. And that is infact a major difference.
"Cao told Quartz that the spoof worked on the iPhone during an earlier attempt, but it didn’t work when he tried to replicate the result for the technical report. “We unlocked it at the start of the project, but when we prepared the report, I could not unlock the iPhone. I used the same protocol and method. I’m not sure why it didn’t unlock,” Cao said."
I wouldn't exactly say this was a slam dunk then, eh? Seriously I'd like to know if someone can reproduce the exploit on film using non-exotic materials or process (ie, no latex glue or pre-existing high-resolution images). Of note, if feds can get fingerprints through existing paperwork, why do they need a seek a warrant for this?
It's less work if the judge will approve it.
The first thing that comes to mind for me is the Apple patent on recognizing a fingerprint anywhere on the phone's surface, and using that in combination with Android-style lock screen patterns. A lock screen pattern isn't nearly as secure as a full password, but it could serve a similar legal role.
[p.s. this should be relatively trivial to roll out in a patch by Apple.]
There may be 4th and 5th amendment arguments, too
Philosophically and legally I am firmly convinced that we should treat information, and therefore data, as an extension of consciousness. Information is only meaningful because we have the conscious capacity to interpret it; digital data is a "memory aid", a tool we use to expand our everyday capacity to interact with information. Data is not analogous to a physical object; any discussion about ownership, or transfer rights (and so forth) is inherently based on a flawed premise.
Directly descendant from that argument is that privacy is irrelevant, that instead, individual agency is what matters. Privacy is a decision not to share information, but that means privacy is only possible given the agency to make that decision. Any serviceable definition of information agency implies, at the very least, having control over the creation, retention, and sharing of data, which is so much more than privacy. And when you start looking at it that way, it becomes clear that our conversations around incidents like OP's link should happen around the fifth amendment, and not the fourth.
When I talk to tech people about this, they (typically) emphatically agree. When I talk to lawyers about it, their response is much less enthusiastic: "That's an interesting perspective, but it's not really supported by existing case law." If all we're doing is piling technical circumventions on top of bad policy, we're stuck in an arms race. What we need is a shift in legal attitudes towards information; that's the only sustainable outcome here. We need a cogent legal and philosophical argument, one rooted in existing, accepted principles, that makes a solid case for a new paradigm surrounding data.
The government is on a "fishing expedition" -- obtaining a warrant to search the phones so that they can (hopefully) find evidence. As mentioned in the article, it doesn't work that way (they're going about it backwards).
So... how often are you actually in a situation like that? You know, police with a search warrant.
Or, do you feel that there is a reasonable possibility that will happen to you?
Also, how does that work? Customs officer asks you to touch-unlock your phone.
You say, no I have a pin code!
And then they say, oooh then, nevermind, please proceed?
That does not make sense.
Or a configurable timeout, rather than the apparently hard-coded 48 hours.
Or ask for a PIN if the phone's radio detects many more other radios in the vicinity than a few minutes ago ("Because you might be under duress, please enter a PIN now.")
Or if a phone has been sitting on a flat surface for a while, require a PIN.
Or require a PIN if the phone is tapped with a duress code ("Shave-and-a-hair-cut"). Could be pretty subtle.
Countermeasures like this are useful both against thieves (who might want to unlock your phone and get access to your accounts) as well as against state actors (ditto).
More generally, if this is important to you, make sure you know under what circumstances your phone will or will not consider a fingerprint sufficient. Also, you should check whether the error message betrays any information. If you try a fingerprint when it requires a PIN code, does it say the same thing for a known and an unknown fingerprint?
> For that reason, the warrant authorizes the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device,’” the document read.
So the "power off the device, now it's a password" seems to be something they were prepared for. The article is unclear as to whether or not this was granted, but if so it'd be seemingly unprecedented.
I'm not sure if fingerprint scanners have been defeated using ink prints yet, but it's just a matter of time, I suspect.
Fingerprints are established as identification, which makes them necessarily not private/secret.
This would also help them remember their pin which people can forget amazingly easily... It can be weeks between using it on iOS.
> For that reason, the warrant authorizes the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device,’” the document read.
;)