this post was submitted on 11 Jun 2024
204 points (97.7% liked)
Asklemmy
43942 readers
473 users here now
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Regarding biometrics, I’ve felt that one advantage is that if I’m in a public space, I don’t have to worry about someone watching me enter my password over my shoulder. If I got into a situation where someone is physically overpowering me to get my finger onto my device against my will, I’m probably going to give them whatever password they want so I don’t get a beat down.
That's a threat and risk assessment. You've decided you're willing to accept the risk of anyone being able to unlock your phone. For me, I'm not really worried about someone in the street strong arming me. I'm more worried about a state actor, border guard, police officer, etc demanding that I unlock my phone. They can physically compel you to unlock your phone by pointing it at your face or putting your finger on the pad but they cannot compel you to give them your password.
I’m probably preaching to the choir, but for those who don’t know, at least on an iPhone and I’m sure android has something similar, if you foresee the situation coming you can just hold the sleep/wake button for a few seconds (even while your phone is in your pocket) and it will require the passcode and not allow biometrics.
Edit: my memory, it’s the sleep/wake button and volume down. Similar to android as per the below.
For android it's power+volume up to bring up the power options menu (shutdown, restart, etc) and there is a "lock down" option that disables biometric unlock.
Wish I could do it with one hand, but good to know it's there.
I definitely see your perspective, but mostly wanted to make sure I wasn’t overlooking some obvious downside in my risk assessment.
I figure my chances are low that I will get into the situation where an authority demands access to my phone but I also don’t have the opportunity to lock out biometrics. Like if I get pulled over I just hold power and volume up buttons for three seconds and biometrics is off. That said, it certainly doesn’t eliminate my risk completely, and I wouldn’t consider anyone crazy for just opting out completely.
The other problem with biometrics is you can't change them. With the OPM breach a few years ago they lost 5.6 million finger prints. Those finger prints are now useless since they are in the wild and can't be changed. Not a problem for your average phone user but in my world that's a really big deal. In my world biometrics are a convenience and convenience is bad for security.
As long as you've considered and accepted the risks you're good.
Time to start using the middle finger, until the next data breach. Then the ring finger.
Can I use my dick head?
"You want me to unlock my phone? I used the head of my erect penis. I'm not going to get it up myself. Knock yourself the fuck out."