Originally published at: http://boingboing.net/2016/12/05/uk-cops-beat-phone-encryption.html
…
A dead-man’s switch for high-risk users that prompted users to enter a passphrase every five minutes? I can see how that would get old pretty fast.
Not as fast as getting mugged and railroaded would.
Make it a feature that requires a password to deactivate, but can be easily activated if the user believes they’re in danger of losing possession of their phone while it’s unlocked. With the iPhone that’s about the best you’re going to be able to do.
With a truly user-controlled phone you could repartition the memory to hold any sensitive data in a separate encrypted partition you unlock only as needed, but the rest of the memory would be accessible by simply unlocking the phone. For that matter, if I were designing a phone to be truly user-friendly, I’d have a separate physical partition for sensitive data.
Alternatively, require the fingerprint reader (I refuse to call it a biometric sensor until it can perform a nice holographic scan of my spleen) to detect the user to keep it unlocked, instead of just anyone swiping at it.
A phone that only stays unlocked while your finger is on the sensor, immediately locks on removal?
Probably the easiest defense would be a bluetooth “range switch”. A bluetooth transmitter that you wear on a bracelet or carry in your pocket transmits a “stay awake” beacon every 10 seconds. If the phone misses more than 1 or 2, it locks. It isn’t that hard for the cops to defeat if they know what they are looking for, but but it is easy to make a mistake and the phone gets locked.
But honestly, I am not really worried about this sort of attack. This only happens when the police have already decided to arrest you. Either they have already done investigation and have some sort of evidence against you, or they have given up pretending to care about due process and all that – either way, them getting your phone is not the biggest concern. I definitely think there should still be protections – the police should be able to image the phone to prevent encryption, but should require a warrant to search the image if they want to use it as evidence, but on the whole, this is a targeted attack that is much less worrisome than mandated backdoors or mass surveillance. I don’t object to the cops being able to search suspects encrypted phones – I just don’t want to do so in a way that makes everyone insecure, or searching all phones to identify suspects.
So… the cops weren’t smart enough to just change the sleep settings, once they had the phone?
Yeesh, the lengths you guys will go to to keep your dick pics safe…
Also, looks like we need to update or add to this classic xkcd comic.
Came to this thread looking for this cartoon, was not disappointed.
This already exists in some apps as far as i believe but definitely this is the most straightforward way to solve the issue.
That’s pretty much my phone anyway. Wouldn’t help in this situation though.
I’m not sure about an iPhone but with Android + Tasker you could probably rig a dead-man’s switch via NFC, bluetooth, and/or the fingerprint reader. There are advantages and disadvantages to each approach. Some courts have ruled that you can be compelled to bypass fingerprint locks. Bluetooth would only trigger when the paired device goes out of range, which may not have happened in this situation. NFC triggers on things coming into range, so you’d have to emulate losing the connection. If you were paranoid to do this, you wouldn’t want to set up to unlock via NFC alone in case you lost the other device. Can you set up two-factor authentication? (e.g. NFC ring + PIN?)
Alternately, set up a voice command to lock your phone. The police would know what you were doing, of course, but I don’t think they could do anything about it (in the legal sense).
Maybe they’re just adrenaline junkies who love the thrill of the unknown–that at any moment it could go to sleep!
I approve of the “mugging” solution for the police. No demanding extra powers, and it’s something they have to be sure is worthwhile to expend the manpower to implement, with a warrant. Plus, most importantly, the widespread utilization of this strategy really bumps up the tension and drama in detective shows.
Sure, anything’s possible, I suppose.
As he’s being cuffed, he shouts “Siri, wipe my iPhone!”
iOS doesn’t let you set the sleep time to more than 5 minutes (and, obviously, requires the password to change the unlock condition), though you can achieve the same result by playing a video / slideshow / etc. Which, thinking about it, is a security flaw; if the phone hasn’t been touched for X minutes, it should behave as “locked” regardless of whether it’s been asleep. I mean, this particular scenario is rare and hard to get around, but people often leave their phone unguarded around potential jerks.
Which BTW is the way to frame phone security. People don’t fear the government like they should, but everyone is aware of the threat from their spouse / parents / that bitch Shelley etc.
As someone brought up above, there’s a way to have a hidden encrypted partition on a phone and a dummy one. Both use separate unlock codes, one could use the dummy one for calls when out and about to make sure shenanigans like getting the phone snatched. It’s an easier solution than having NFC and whatnot.
Wrist strap attached to the phone case so it can’t be grabbed and run off with so easily?
In Android it’s called “Smart Lock”, I’m assuming it would work fine with my Pebble if I bothered to turn it on.
Nope and nope. I’m running the latest version of iOS, and I can set “Auto-Lock” to a duration of “Never” without having to enter my passcode. My phone’s been on for 20 minutes now.
Didn’t they use this exact tactic to grab Dread Pirate Roberts? Except that was a laptop, not a phone.