Post
RE: https://infosec.exchange/@Laukidh/116026768953675644
Handy info to iPhone users:
When you go through an airport or meet the police, press the power button and either volume button for three seconds. This puts your phone in a state where it can only be unlocked with your passcode.
So if anyone ever tells you to hand over your phone, you can do this immediately and prevent them from unlocking it with your face.
@randahl I am considering setting up a seperate travel phone to use when going outside the EU. My real phone gets left at home. This phone would have a minimal amount of information in cases of a border check demanding I unlock the phone - I could then just comply without any real risk.
Does anyone have any experience with this?
@randahl on mine it’s just the volume down and power
@randahl better: do not use face ID….
@ZuilenV what do you think is a better alternative?
I do not like using an access code, because if I am in a public space, a thief could see me entering the access cod, then steal my phone and use the code to access it.
If I use face id, a thief can run off with my phone, but he cannot access my data.
This is more inconsistent and erratic on Androids, but usually volume-down and power, held down for a couple of seconds, does activate a screen where "Lockdown mode" can be turned on. If you don't hold them down, the same keypress may instead take a screenshot.
Exit lockdown with your passcode. Biometrics and voice activation are disabled, background apps stopped and notifications hidden while in lockdown.
@randahl
@randahl
In the US, I'd say: You're not getting my phone. There's no search warrant or demonstrable imminent danger. Otherwise, it'll be expensive, gentlemen, very expensive. Smartphones enjoy special protection in USA.
In Germany, all I get afterwards is a "Sorry!"
@randahl iOS settings also allow disabling biometric device unlock while still allowing biometric id for other actions like app logins
A migrant in a tt I watch told about a device that agents plug into a phone and then have full access and may create a complete copy of all the information.
Idk if agents have such a device.
In #Australia it's a criminal offences not to unlock your device.
Punishable by up to ten years in jail.
But then we are a criminal colony....still
@n_dimension only if the police has a warrant. An Australian police officer cannot just walk up to any random person and ask to see the contents of their phone.
Sorry, I meant at border crossings.
@n_dimension wow. So if I come as a tourist Australia requires access to my phone?
Its actually more nuanced (I looked it up) still not good news.
https://www.caldicottlawyers.com.au/border-force-customs-phone-search
@n_dimension glad to see it involves a warrant. Anything less would certainly hold me out of Australia.
@randahl If you use bio-metrics, you've already handed over the keys to someone out there - in the form of a finger print, your facial features, or your eye's (iris) blueprint. This is a false sense of security. People protect their Social Security Number with more vigor than a scanned finger print!
@randahl Or simply not use the face/thumbprint garbage in the first place.
@randahl On current Android phones a long press on the power button gives the option for "Lock down" mode. This turns off biometrics.
@randahl honestly, if someone demanded my phone, not only would I do this, I’d also forcefully drop it on the floor.
No one asks for wallets or purses, why on earth would I even chance someone having access to my entire life via my phone.
The hell with that.
@randahl I don’t use any biometrics but this is good advice for those who do.
