Hacker News new | past | comments | ask | show | jobs | submit login

I’m curious, if your phone is locked, were they ever able to demand that you unlock it so they could conduct a search?



They can demand, and you can refuse. However if you have Face ID or other biometric measures, they can (legally) force your finger onto the sensor or hold the phone up to your face to unlock it for their needs.

Passwords are personal data, faces and fingerprints are not, apparently.


>Passwords are personal data, faces and fingerprints are not, apparently.

The rulings you're referring to are based on the Fifth Amendment. They don't involve the privacy rights of the Fourth Amendment. Rather, they treat the act of revealing your password as testimonial: if you say "my password is hunter2", you are testifying; and the Fifth Amendment says you cannot be forced to testify against yourself; so you cannot be forced to reveal your password.

You can scan your fingerprint or face without speaking a word, so those acts are not testimonial, and forcing you to do them would not implicate the Fifth Amendment. Similarly, brute forcing your password, or searching for it written down in your notes, would not implicate the Fifth Amendment.


That’s like saying if my house is protected by a passcode lock, the cops can just break down my door and walk in. Sure, they can, but there are clear rules of when they can enter and search my property without my consent. So, sure, they can enter my phone, but that doesn’t mean they have the right to in the first place.


The comment you’re replying to specifically discusses Fifth Amendment rights. The police would not generally be violating those rights by entering your house without a warrant. That would be a Fourth Amendment issue.

(One might argue that breaking your door without due process of law would be a Fifth Amendment violation. I have no idea what existing precedent says about that.)


Five taps of power button on iPhone disables biometrics until you enter the passcode. I always do this before going through airport security


Android has something similar - in the power menu [1] there's a "Lockdown" button which will lock your phone, disable biometrics, and disable showing notifications until you unlock with password.

Depending on your version and flavour of Android you may need to enable this "Show Lockdown Option" in your settings.

[1] Opening this varies - my pixel is power + vol up, some phones are hold power, etc.


Just holding it down until it shows you the power off slider does the same. Easier to do in a panic.


For Face ID, just close your eyes.


There’s no delay. If it even sees you as you are closing your eyes, it unlocks. My son and I just tested this.


However, if you never actually look at the phone it will not unlock it. It requires your "attention" to unlock. I believe this is a togglable setting.


Then train it to recognize your face with your eyes closed, or winking, then keep both your eyes opened! ;)


Use the most obscure fork of Android possible, learn the most obscure language in Africa and set your UI to that language, ...


They just have to change the language back to English

What's the alternative? The guy paid $1000+ just to get there and spent 3+ hours at customs. Refusing is basically saying "ok I fly back home"


remove English from the OS


People that travel to the US usually want to actually get into the US. Why would they make it hard on themself?


People want to get into the US without having their personal thoughts searched. US citizens also have the right to enter the US without personal thoughts searched.


Nobody I know didn't expect to get searched deeper than they are comfortable with when they planned to enter the US for holidays or travel.

The US is known for giving a fuck about privacy and personal borders. That's literally the one thing they are known for


Nah, you bring a new phone with no contacts other than family and colleagues on it.


> Use the most obscure fork of Android possible

Why Android? Try GNU/Linux with SXMo instead: https://news.ycombinator.com/item?id=39155103


That sounds like a good recipe for getting pulled for secondary screening


Screen for what?

"Why do you use this OS"

"I like the OS"

"Why do you use this language"

"I like the language"

"Why did you buy GME shares"

"I like the stock"


Aaaaand with the bootloader unlocked, they'll just grab the Cellebrite and/or call up Cellebrite Professional Services for remote unlock assistance.

https://cellebrite.com/en/advanced-services/

The biggest thing is to set your device up on arrival to be powered OFF. Most of Cellebrite (and other security vendors) solutions rely on the phone having been unlocked once since first poweron (or "AFU").


Cellebrite has an extra column for GrapheneOS, as they seemingly can't unlock it (since ~2 years), compared to all other Android OEM Flavours.

And with GrapheneOS you can relock the bootloader, once you've installed it.

Source:

https://news.ycombinator.com/item?id=41072905

https://discuss.grapheneos.org/d/14344-cellebrite-premium-ju...


Even better would be to not even bring a phone in the first place, and get a temporary one after arrival. Or get a prepaid one beforehand with nothing on it, if you're confident that won't be suspicious.


Better at what? Painting yourself into a corner if something goes wrong and you don't have any local contacts that can help you?


Better at not having vulnerable data accessible to anyone that doesn't need it.


A new prepaid phone is what, $100? Sticky notes are essentially free.


That certainly won't look suspicious at all /s




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: