With the news of what #Cellebrite is capable of with phones, it's a good reminder that ultimately, you just cannot secure a phone like you can a desktop PC. Sure, some people are able to use a custom ROM but for the majority of people, that's not viable (unfortunately).

While you can certainly lock down your phone and exercise your constitutional rights (NEVER use biometrics), it's far from foolproof. #security #smartphone #FOSS

@FiveEyeTea Interesting - never use biometrics? I'd have mine require a passcode and my fingerprint, but Samsung doesn't seem to offer the option...

@golemwire Yeah, biometrics aren't a good idea if you're interested in exercising your constitutional rights. It's bizarre but biometrics aren't protected under the fourth amendment. Cops can legally force you to unlock a device that uses biometrics. Meanwhile, passwords and PINs are protected because police forcing you to give up your password/PIN can be considered potential self-incrimination (which falls under the fifth amendment).

Follow

@FiveEyeTea I had heard something like that. I'll remember that, thanks.

@golemwire Sure thing. As always, it depends on threat modeling. Biometrics are definitely better than nothing for the average person that doesn't care so much about privacy and freedom, but for those of us who do, it's hard to justify using it except out of convenience.

@FiveEyeTea I like the idea of my devices requiring both a passcode *and* a fingerprint, since fingerprints can't be stolen by "shoulder-surfing" and security footage, and copies of your passcode aren't left on everything you touch (e.g. more or less like fingerprints), and it is hard to force someone to give up their passcode if they *really* don't want to (unlike with fingerprints).

@golemwire Certainly, that would be ideal! I wish we had enough people to push for legislative protections over biometrics because if we did, having a two-factor unlock like that would be fantastic.

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml