623
submitted 10 months ago by L4s@lemmy.world to c/technology@lemmy.world

Suspects can refuse to provide phone passcodes to police, court rules::Phone-unlocking case law is "total mess," may be ripe for Supreme Court review.

you are viewing a single comment's thread
view the rest of the comments
[-] pineapplelover@lemm.ee 45 points 10 months ago

Shut down your phones so they can't uze biometrics on you

[-] trash@lemm.ee 23 points 10 months ago

Android also has a Lockdown mode that will disable biometrics until you unlock with the pin.

[-] tabular@lemmy.world 4 points 10 months ago* (last edited 10 months ago)

How many digits is the pin? Can you try all codes?

[-] lolcatnip@reddthat.com 8 points 10 months ago* (last edited 10 months ago)

Pins are pretty damn secure because after too many wrong guesses the phone will start making you wait a long time between attempts.

OTOH, as a point of reference, Microsoft requires an 8-digit pin on phones that can access comment resources. It was 6 until very recently, though, so that's probably fine if you're not a target of corporate espionage.

[-] uriel238@lemmy.blahaj.zone 3 points 10 months ago

What makes it secure is the master key in a TPM which is considerably longer than four digits and can only be accessed by for digits in under twenty attempts.

Hypothetically.

Some TPMs are allegedly backdoored by their manufacturers (e.g. Microsoft), and regardless of the original intent of these backdoors they're now accessible through cracking software to which some law enforcement departments have access.

Then, if a government department really, really wants to get into a phone, the TPM can be cracked with a tunneling electron microscope, but this process is still slow, expensive and requires an expert.

[-] lolcatnip@reddthat.com 1 points 10 months ago

I don't know about the key length of a TPM. If I had to guess I'd say something like 256 or 512 bits, or even 1024. But I was just addressing the PIN the user might type in to unlock their phone. That's something the user can control, and it provides plenty of security against naive brute force attacks by people not sophisticated enough to disassemble the phone. I assume that group includes the majority of police departments and any cop whose main work is outside of a lab.

[-] uriel238@lemmy.blahaj.zone 1 points 10 months ago

Here in the states, in municipal precincts, we can expect they'll have some phone cracking software on hand, so if your TPM is backdoored, your PIN isn't going to matter much. If yours is an early phone (notoriously the iPhone 5, I think) that doesn't have a TPM, then it might be susceptible to exploits that lift the limits of tries, in which case a four digit PIN can be cracked by a machine using brute force.

[-] Natanael@slrpnk.net 1 points 10 months ago

Usually 128 or 256 bit root keys for symmetric keys, almost always 256 bits for ECC for asymmetric keys these days (used to be RSA between 1024 and 2048 bit)

[-] brunofin@lemm.ee 6 points 10 months ago* (last edited 10 months ago)

It depends, you can pick it. It can range from a simple 4 digit numeric PIN to a full blown alphanumeric with symbols password text field. But I guess the most common is that grid gesture thing, which in some phones you can also customise the size of the grid itself. All these options work as the default fallback to biometrics.

As far as I know as well, you are required to input your pin/password/gesture after a long period of inactivity, after X days, and after a reboot, before being able to use biometrics again.

[-] Natanael@slrpnk.net 1 points 10 months ago

Default is between 4-8 (your choice) and you can set a password too

[-] trash@lemm.ee 1 points 10 months ago

I personally use 10 digits.

[-] SulaymanF@lemmy.world 1 points 10 months ago

As does iOS for over a decade now.

[-] soggy_kitty@sopuli.xyz 6 points 10 months ago
[-] Asudox@lemmy.world 13 points 10 months ago

He sounds like android just got this feature.

[-] Rai@lemmy.dbzer0.com 4 points 10 months ago
[-] guacupado@lemmy.world 2 points 10 months ago* (last edited 10 months ago)

On Reddit, people say "Redd say Apple bad." Maybe it's not Reddit or Lemmy. Maybe it's just people in general. I have an iPhone, I just hate that stupid response "On X platform, people hate Y" and they say it on every platform.

[-] Rai@lemmy.dbzer0.com 2 points 10 months ago

I don’t care about Reddit, though? I’m just making a statement that there’s a heavily anti-Apple sentiment on this platform.

[-] Appoxo@lemmy.dbzer0.com 1 points 10 months ago

First you'd need to activate it.

this post was submitted on 16 Dec 2023
623 points (99.4% liked)

Technology

59066 readers
4390 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS