Oddbean

Cops can force suspect to unlock phone with thumbprint, US court rules Ruling: Thumbprint scan is like a "blood draw or fingerprint taken at booking." "The US Constitution's Fifth Amendment protection against self-incrimination does not prohibit police officers from forcing a suspect to unlock a phone with a thumbprint scan, a federal appeals court ruled yesterday. The ruling does not apply to all cases in which biometrics are used to unlock an electronic device but is a significant decision in an unsettled area of the law." #cybersecgirl #privacy #law https://arstechnica.com/tech-policy/2024/04/cops-can-force-suspect-to-unlock-phone-with-thumbprint-us-court-rules/

"Yesterday's ruling from the 9th Circuit also rejected Payne's argument that California Highway Patrol violated his Fourth Amendment rights. The Fourth Amendment dispute involved a special search condition in Payne's parole "requiring him to surrender any electronic device and provide a pass key or code, but not requiring him to provide a biometric identifier to unlock the device," the ruling said."

Didn’t know anyone thought this was unsettled. I’ve been bringing it up for years. Biometrics are not covered by the fifth. Passwords are. And a parolee does not have those rights to begin with. Consenting to a search at any time is a condition of parole. The Supreme Court has already ruled parolees are technically still incarcerated.

Unfortunate. Part of me would not be upset if they limited this power to only cases of suspected kidnapping or murder. If opening a suspect’s phone led to a victim being rescued or murderer being caught, then I wouldn’t be mad. However, I do understand the repercussions of a ruling like this.

Most devices require a password or passcode upon first startup so that would be fine. But it would be an issue if you had already logged in once, which they could force fingerprint or facial recognition authentication.

Yup. Well said. And another reason I love #GrapheneOS. Auto-reboot function puts the phone back into BUL (before unlock) mode so if your device is taken, it's only a matter of time before it reboots into BUL mode. And there's lockdown mode if you think your phone might soon be taken. Just longpress on the power button and choose lockdown and the phone will go into BUL state. Afaiu there are also some other things like a duress feature where you enter a different unlock pin that will erase the contents of the phone. I also highly recommend setting up PIN scrambling to mitigate against "over the shoulder" pin extraction :)

Lockdown only locks the device and disables fingerprint as an unlock method for the next lock. Data is still not at rest and remains in AFU. If you're using a user profile then the End Session button (GrapheneOS feature) purges keys and puts that specific user profile back at rest / in a BFU state! It's just a frill to prevent someone unlocking your phone with your finger while you sleep or something, it doesn't prevent much, may be possible to rename or remove this upstream feature to avoid misleading people. Chain of custody and device seizure processes typically instruct the device needs to be contained in a faraday bag as soon as possible and sent to a lab handled by a professional. Keeping a phone in the open exposed to any networks is very bad for them as it means someone could erase the device remotely. Labs can come in different degrees of capability and they can be moved to better labs if the current lab fails to extract evidence. Good example is a local PD to an FBI lab. Some may be instructed to go directly to higher levels. I'm aware the FBI has a few national labs called Regional Computer Forensics Laboratory (RCFL) who get involved with serious crime seizures or more advanced/risky seizure targets. They do some pretty weird stuff! By that time the phone moves to a lab the auto-reboot should have triggered unless you're so high priority they make the move to a lab and ask for that fingerprint on the same day. If they are aware of the nature of the device, they could try getting to work immediately in a portable lab as well which changes the circumstances... but they would need to know you're using GrapheneOS. FBI do a lot of surveillance work so they'd watch you to make sure they can figure out your PIN. Using a fingerprint protects this from happening. The duress PIN / password is in the works, and also work towards a second-factor PIN for fingerprint unlocks have been quite steady and is heading towards the late stage. It's likely to combine these features too. While they are good benefits, it also means that they will treat the device differently if they know this feature is present on your phone before they get it. They won't make you touch the device at all, but with auto-reboot that could also be a blessing.

@final [GrapheneOS] 📱👁️‍🗨️ Thank you for the clarification. I agree, it would likely be good to rename it or just have it actually perform an end session lockdown, and yes 💯 a Faraday bag is a must. Looking forward to the duress feature :)

*note: surveiling a target to know their PIN isn't really something they usually do because they usually expect the device they seize to be exploited and brute forced open... Think a Ross Ulbricht degree of suspect, you'd need to be known as high-profile, high-risk. How you act on that depends on threat model. They know about GrapheneOS so if I was in their shoes this would be my go-to for a GrapheneOS user every time... but it's not.

Also, USB-C port controls to disable the port or it's data transfer lines. Possibly the biggest feature against a physical threat except autoreboot. You could write about almost every feature/enhancement we have and an example on how it protects against a forensics threat. 🤔 Well, I could anyway.

Disabling entirely is an extreme move of course... but the option is there for the extreme people 🤔. Charging still works when off or in bootloader modes like Fastboot. I find myself using Charging-only the most. Future Pixels are *alleged* to have Qi2 wireless charging with magents, if it's true then then someone could charge with that and never use the port at all, and since it's magnetic you shouldn't need to stop using the device to charge it.