Further advice regarding civil disobedience:

LEAVE YOUR PHONES AT HOME. Write down some numbers in case you get arrested—or better yet, memorize them. There are journalists there for documenting. And there will be plenty of other people that don’t follow this advice. Leave anything they could use as leverage over you and your cohorts away. Don’t bring ID. Don’t bring anything except what you need for the action. It’s not worth the risk.

ETA: also, any of you with a new car? DONT DRIVE THAT SHIT TO ANY MEETING OR PROTEST. They’re spying on you. Don’t post about it. Don’t use any unencrypted messaging service to coordinate it—WhatsApp is not safe. Signal and probably some other less common ones are the only ones safe enough. Ride a bike there, stash it in a conveniently hidden spot. Bring a change of clothes, plan escape routes, plant the change of clothes either hidden on your escape route or wear them under your plain clothes. Cover tattoos. Leftist activists are not safe. And literally the rest of your life could depend upon how well protected you have made yourself.

https://www.theguardian.com/us-news/2022/feb/10/felony-charges-pipeline-protesters-line-3

So many states have pretty quietly passed laws to make you a felon for protesting. Even peacefully. And to make you a fuckin corpse. In the south especially, a few states were writing “go ahead, run over any protester in the road” laws.

Be smart. Be safe. Have a plan. Have a contingency plan. This isn’t “fuck around with the blunt end of the justice system and find out” territory, in 2024 US, it’s time to be as safe as you can while doing what’s right. Because doing what’s right is criminalized. Heavily.

Last week, the 9th Circuit Court of Appeals in California released a ruling that concluded state highway police were acting lawfully when they forcibly unlocked a suspect’s phone using their fingerprint.

You can turn that and Face ID off on iOS by mashing the power button 5 times- it locks everything down.

The article pretty plainly says the guy was coerced into entering his password. So the headline feels a bit manipulative.

FYI Androids have a feature for this. If you are ever forced to interact with a cop you can press the side button and volume up(might be different on other phones) to select lockdown which will force your phone to only be opened with the password. Its gross that we need this feature, but now you know.

Maybe don’t live in a fucking dystopia. The US is a police state and you have no freedom left.

Terrible article. Even worse advice.

On iOS at least, if you’re concerned about police breaking into your phone, you should be using a high entropy password, not a numeric PIN, and biometric auth is the best way to keep your convenience (and sanity) intact without compromising your security. This is because there is software that can break into a locked phone (even one that has biometrics disabled) by brute forcing the PIN, bypassing the 10 attempts limit if set, as well as not triggering iOS’s brute force protections, like forcing delays between attempts. If your password is sufficiently complex, then you’re more likely to be safe against such an attack.

I suspect the same is true on Android.

Such a search is supposed to require a warrant, but the tool itself doesn’t check for it, so you have to trust the individual LEOs in question to follow the law. And given that any 6 digit PIN can be brute forced in under 11 hours (40 ms per entry), this means that if you were arrested (even for a spurious charge) and held overnight, they could search your phone without you knowing.

With a password that has the same entropy as 10 random digits, assuming no further vulnerabilities allowing them to speed up the process, it could take up to 12 and a half years to brute force it. Make it alphanumeric (and still random) and it’s millions of years - infeasible within our lifetime - it’s basically a question of whether another vulnerability is already known or is discovered that enables bypassing the password entirely / much faster rates of entry.

If you’re in a situation where you expect to interact with law enforcement, then disable biometrics. Practice ahead of time to make sure you know how to do it on your phone.

It's frustrating to no end that fingerprints and face ID are treated like passwords when they should be treated like usernames.

https://analognowhere.com/_/ismegh/

## How to disable Face ID through the Power Off screen

1. Hold down both the Side Button and either Volume Button at the same time for three seconds.
2. The Power Off slider should appear. Tap Cancel.

You actually don't need to hit cancel, you can just hit lock, so you can do this whole thing with your phone in your pocket.

https://appleinsider.com/inside/iphone/tips/how-to-quickly-disable-face-id

This is easier and less intrusive than the lock-button-5-times method because it doesn't start making a phone call that you have to quickly cancel.

On pixel, if you ever need to - press and hold the power button, select "lockdown".

(It might apply to other androids too, I don't know.)

You will now need a pin to unlock the phone. This disables the lock screen shortcut (camera, light, etc) as well.

Why disable your convence features for an scenerio that is not likely and can be quickly and easily be prevented.

Universal: You could also just the tap the sensor with a "wrong" finger a few time, and the pin will be required.

Maybe don't do this one in front the cops...if you find your self in a postion where they are trying to unlock your phone, you probably don't want to piss them off. .

Edit: I'm surprised no one called me out on "if you're ever need to". The sentence was going to be "if you're even in a situation that needs...", but that was getting too long. Forgot to change you're to you.

No.

A stipulation of Payne’s parole agreement was that he be willing to provide a passcode to his devices, though that agreement didn’t explicitly refer to biometric data. However, the panel said the evidence from his phone was lawfully acquired “because it required no cognitive exertion, placing it in the same category as a blood draw or a fingerprint taken at booking, and merely provided [police] with access to a source of potential information.”

These both seem like bad calls. You have a right to privacy, right? And for police to access your files/home/phone tap requires obtaining a warrant.

Fingerprints at booking gives access to public records. Not your own personal private data. Pretty sure drawing blood is justified suspicion of DUI.