Ask HN: Protecting private data during a robbery.
I've often wondered what would I do during the case of an armed robbery, whereby you're forced to unlock your phone (likely on the street, but it could also happen at home).
One such option would be to have multiple users (which is transparent to the robber, and instead only accessed via a different pin) - one which doesn't include banking, messaging etc, but AFAIK I don't believe this exists (I'm on android (Samsung).
How do the security / privacy conscious folk on here handle this threat?
15 comments
[ 3.0 ms ] story [ 207 ms ] threadWhen I have been in more dangerous places, I’ve tried to do two things: 1) never mindlessly pull out electronics while on the street and 2) have a spare junk phone in my pocket in case anything does happen.
The spare phone is a good idea, unless you get patted down I guess
Start with prevention though - don't have the newest most expensive phone, don't make yourself look like an easy victim (distracted, alone, scared, weak), don't go to bad neighborhoods if it can be avoided, learn some self defense. If armed robbery is really a pressing concern there are options in many places to meet that threat with similar force. There are some criminals that will kill you even after getting what they want. That was happening in my city a while back, and I'm sure it occasionally still does.
That is not something I've heard of or seen, I also can't find it in the settings.
I can find an Fdroid app https://f-droid.org/en/packages/me.lucky.duress/ which looks to implement this idea of wiping / broadcasting on a certain pin press, however the problem is the attacker still wants in to your phone, which is now suspiciously empty
It feels like a second profile with some good enough looking apps may be the perfect solution here.
No need to apologize.
I've not gone the app route because it would need system access I think to intercept the PIN functions. I barely semi-trust the OS provider enough to use the phone at all. It would be nice if they would make that a default feature. There were some discussions here about it in the past. [1]
[1] - https://news.ycombinator.com/item?id=28956477
If you have laptop, you can encrypt it with veracrypt that gives you plausible deniability. Unfortunately it’s not available in LUKS or bit locker. It’s similar to login into a dummy account. Phones could also implement such system, but they haven’t yet. I don’t know if you can hide apps.
Face or fingerprint ID protects some data. The rest, remote wipe, but the thief may not give you enough time.
But they could just ask you for your bank account information!
This can't be trusted.
It’s a fork of TrueCrypt, which was reviewed by an academic cryptographer (Matthew D. Green) a decade ago.