Trick is not to use your right index finger as a biometric unlock finger (the button sits on the top right corner of the keyboard). If you are "forced" to unlock, the agents will guide your fingers and probably try that first 2-3 times. 2 more tries, and fingerprint reading gets disabled. Quite good odds.
One is knowledge the user has, and the other is a physical key they own.
Providing your 'finger' to unlock a device is no different than providing your 'key' to unlock something. So you can be compelled to provide those biometrics.
Compelling you to reveal a password is not some *thing* you have but knowledge you contain. Being compelled to provide that knowledge is no different than being compelled to reveal where you were or what you were doing at some place or time.
That is genuinely the current state of law, yes. There's no real logic at work, just attempts at clawing back control whenever a new gray area appears.
Yes the difference come from a close parsing of the 5th amendment, telling cops the password or code for a device or safe is pretty clearly compelling speech and adverse testimony while allowing cops to gather fingerprints and DNA has long been held as allowed so biometrics were analogized to that. It's also similar to the rule that cops can't force you to tell them the code to a safe but they're allowed with a warrant to destructively open the safe (if it falls under the terms of the warrant). Combine those too legal threads and it's at least reasonable to see how that line gets drawn from previous rulings.
It's interesting because the latest Cellebrite data sheets showed them to support all iPhones including e.g. unbooted, but apparently not lockdown mode? It also showed they hadn't cracked GrapheneOS.
Wait, was this an oversight on his part about the biometric unlock? My MacBook biometric gets disabled after a bit and requires a password if the lid was closed for substantial amount of time.
Does anyone know if iOS in lockdown mode stops syncing mail, imessage, call history etc to your other apple devices? I am wondering if reporter's stuff was all synced to the non lockdown MacBook from the iPhone
The warrant is the force, current jurisprudence largely says warrant do compel people to provide biometric unlocks because it's not speech the same way giving up a password/passcode would be. Blocking or not complying with a signed warrant from a judge is it's own crime and the only safe way to fight them is with a lawyer in court not with the officer holding the paper (and gun/taser/etc with the power of the state behind them).
What do you think warrants are? You think they get a warrant and they say, "Can you put your finger on the device?" You say, "No," and that's it? If all they wanted to do was ask you, they would just ask you without the warrant.
If the police get the warrant you either allow them to take it or you face an obstruction charge. The only safe way to fight a warrant like that when signed is after the gathering is done in court or at trial.
Touch ID allows only limited attempts, so odds are the FBI wouldn't just try to wrestle her to attempt different fingers on the spot even if they were allowed to do so.
`hnrayst` seems to be another AI (?) bot account created in 2022 with only two comments, both being in this very thread we're in today:
https://news.ycombinator.com/threads?id=hnrayst
Something weird is going on at Hacker News recently. I've been noticing these more and more.
[dead]
Takeaway is to not enable biometric unlock if you are concerned about your data being accessed by authorities.
Trick is not to use your right index finger as a biometric unlock finger (the button sits on the top right corner of the keyboard). If you are "forced" to unlock, the agents will guide your fingers and probably try that first 2-3 times. 2 more tries, and fingerprint reading gets disabled. Quite good odds.
This has long been true. In a pinch you can mash the power button 5+ times to require a key code at next unlock.
Also, on iPhone, if you have face ID turned on, you can hold power+volume down (may differ depending on model) to force a passcode.
3 replies →
So in america, they can force you to use a biometric but they can't compel you to reveal your password?
I mean, i agree with you, but its a really weird line in the sand to draw
One is knowledge the user has, and the other is a physical key they own.
Providing your 'finger' to unlock a device is no different than providing your 'key' to unlock something. So you can be compelled to provide those biometrics.
Compelling you to reveal a password is not some *thing* you have but knowledge you contain. Being compelled to provide that knowledge is no different than being compelled to reveal where you were or what you were doing at some place or time.
That is genuinely the current state of law, yes. There's no real logic at work, just attempts at clawing back control whenever a new gray area appears.
5 replies →
> So in america, they can force you to use a biometric but they can't compel you to reveal your password?
I don't get it, touching finger is easy, but how do you compel someone to reveal their password?
6 replies →
Pretty much.
Something you are: can be legally compelled Something you have: can be legally compelled Something you know: cannot be legally compelled
1 reply →
Yes the difference come from a close parsing of the 5th amendment, telling cops the password or code for a device or safe is pretty clearly compelling speech and adverse testimony while allowing cops to gather fingerprints and DNA has long been held as allowed so biometrics were analogized to that. It's also similar to the rule that cops can't force you to tell them the code to a safe but they're allowed with a warrant to destructively open the safe (if it falls under the terms of the warrant). Combine those too legal threads and it's at least reasonable to see how that line gets drawn from previous rulings.
Germany does the same thing too . They can force you to unlock via faceid/biometric but can't force you to enter password.
It's interesting because the latest Cellebrite data sheets showed them to support all iPhones including e.g. unbooted, but apparently not lockdown mode? It also showed they hadn't cracked GrapheneOS.
Wait, was this an oversight on his part about the biometric unlock? My MacBook biometric gets disabled after a bit and requires a password if the lid was closed for substantial amount of time.
Does anyone know if iOS in lockdown mode stops syncing mail, imessage, call history etc to your other apple devices? I am wondering if reporter's stuff was all synced to the non lockdown MacBook from the iPhone
They usually ask you to enable lockdown mode on all your devices for advanced protection, even though you can skip it if you want.
Yeah.
This reporter very likely knew who she was dealing with. For users like her, everything is likely locked down and she probably didn't do much sharing.
I'm thinking that, to her, her sources would be probably one of the most important things in her life to protect.
https://support.apple.com/en-us/105120
Looks like lockdown mode is focused on blocking inbound threats, not the sharing of data from the device.
I can't imagine it would. The accounts don't flow through the phone you're just logged in to them on both devices.
> (forced her finger on Touch ID per the warrant)
Can anyone link a source for this? I’ve been seeing conflicting claims about this part.
https://news.ycombinator.com/item?id=46886694
I understand that it’s within the law. I’m looking for specific evidence that this is what happened in this specific case. Not conjecture.
> forced her finger on Touch ID per the warrant
She was not forced, and the warrant does not state that she could be forced. The warrant, almost certainly deliberately, uses far milder language.
The warrant is the force, current jurisprudence largely says warrant do compel people to provide biometric unlocks because it's not speech the same way giving up a password/passcode would be. Blocking or not complying with a signed warrant from a judge is it's own crime and the only safe way to fight them is with a lawyer in court not with the officer holding the paper (and gun/taser/etc with the power of the state behind them).
What do you think warrants are? You think they get a warrant and they say, "Can you put your finger on the device?" You say, "No," and that's it? If all they wanted to do was ask you, they would just ask you without the warrant.
I think you should simply try to read the warrant in question.
5 replies →
By definition a warrant is force backed by state violence
You’re saying she complied willingly?
If the police get the warrant you either allow them to take it or you face an obstruction charge. The only safe way to fight a warrant like that when signed is after the gathering is done in court or at trial.
7 replies →
Sounds like it, yeah.
Touch ID allows only limited attempts, so odds are the FBI wouldn't just try to wrestle her to attempt different fingers on the spot even if they were allowed to do so.