this post was submitted on 16 Oct 2024
97 points (97.1% liked)

Privacy

1136 readers
91 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
Ategon
danielintempesta
97
Police want the password to your phone (reason.com)
submitted 1 day ago by [email protected] to c/privacy
37 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 day ago (2 children)

Vaguely recall reading about a way to set your phone with two PINs, your normal one, and a security one that's like a completely separate user account. So just install some BS apps on it, take some photos, and give that PIN when you need to.

[–] [email protected] 25 points 1 day ago (1 children)

Interesting idea!

A bit different, is the Duress Password from GrapheneOS:

GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS).

The wipe does not require a reboot and cannot be interrupted.

Features: Duress - GrapheneOS.org

[–] [email protected] 7 points 1 day ago (3 children)

I am not a lawyer, always consult with a lawyer in your local jurisdiction.

I believe giving a duress password to the police, which destroys data, will definitely be a crime, destruction of evidence at the minimum. Or obstruction.

I'm all for having a duress code, I just want to be clear about the trade-offs

[–] [email protected] 5 points 23 hours ago (1 children)

Perhaps one could set the duress pin to something easily guessable if they were worried about a brute force

[–] [email protected] 3 points 23 hours ago

That's a great idea

[–] [email protected] 2 points 1 day ago* (last edited 1 day ago)

The way around this could be a duress profile where it deletes everything on the phone except a premade profile with a few apps installed and a picture or two.

[–] [email protected] 4 points 1 day ago (2 children)

The burden is on them to prove that I didn't confuse my two passwords accidentally. I have SO many passwords, officer. Silly me.

[–] [email protected] 6 points 1 day ago

Only in theory... most likely they will load you up with at least 5 federal charges and offer you a Faustian plea bargain where you admit guilt to avoid a lifetime in jail.

Now if you had a list of codes in your wallet, one of which was a duress code... it's not your fault they tried the code while you exercise your right to remain silent.

[–] [email protected] 3 points 1 day ago

i tried to share an article from a decade ago of a man who used a defense like this and the judge held him jail in contempt for several years; but both the internet or i have have a short memory and my only point was to be prepared to spend a couple of years behind bars if you do this and have a shitty judge (like most are).

[–] [email protected] 3 points 1 day ago* (last edited 1 day ago)

That’s been around for awhile on the PC encryption side under https://veracrypt.eu/en/Hidden%20Volume.html