Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
IOS Iphone Operating Systems Privacy Security Software Apple Hardware Technology

iOS 11 Has a Feature To Temporarily Disable Touch ID (cultofmac.com) 138

A new feature baked into iOS 11 lets you quickly disable Touch ID, which could come in handy if you're ever in a situation where someone (a cop) might force you to unlock your device. Cult of Mac reports: To temporarily disable Touch ID, you simply press the power button quickly five times. This presents you with the "Emergency SOS" option, which you can swipe to call the emergency services. It also prevents your iPhone from being unlocked without the passcode. Until now, there were other ways to temporarily disable Touch ID, but they weren't quick and simply. You either had to restart your iPhone, let it sit idle for a few days until Touch ID was temporarily disabled by itself, or scan the wrong finger several times. The police, or any government agency, cannot force you to hand over your iPhone's passcode. However, they can force you to unlock your device with your fingerprint. That doesn't work if your fingerprint scanner has been disabled.
This discussion has been archived. No new comments can be posted.

iOS 11 Has a Feature To Temporarily Disable Touch ID

Comments Filter:
  • Ain't it grand that with the 8, all someone will have to do is shove the phone in your face.

    • If that rumoured feature is there, then pretty obviously it would be programmed to also deactivate after the 5 presses on the home button.

  • by sad_ ( 7868 ) on Friday August 18, 2017 @06:02AM (#55039659) Homepage

    is that unlocking your phone with a password is considered different from using a fingerprint according to the law/police.

    • Agreed, what is the difference if the police ask you to unlock your phone and you refuse?
      • by bsDaemon ( 87307 ) on Friday August 18, 2017 @06:32AM (#55039727)

        The difference is that the cops are already going to physically take your hand , stick it in ink, and force it onto paper if they have arrested you. They're going to go through your possessions and if they find keys, can try them on locks they also find on you.

        They can't make you say anything though. In fact, they will specifically advise you of your right NOT to talk.

        This is one of the reasons why biometrics make terrible single-factor authentication. If not for yubikey or smartcard as 2fa, I wouldn't use finger print on my laptop. Biometrics are better replacements for usernames than passwords, imo, especially given the limited ability to change most of them, and the fact that anyone who is in physical possession of both you and the device doesn't need your cooperation.

        • There's also the plausible deniability factor. "Gee, officer, you've got me so flustered, I can't remember the password."

          • by JBMcB ( 73720 )

            That works with police. It doesn't work with the courts, apparently.

          • by Anonymous Coward

            There's also the plausible deniability factor. "Gee, officer, you've got me so flustered, I can't remember the password."

            Just a side note, but it is generally accepted in law that lying to a law enforcement officer or a judge is in and of itself a crime.

            Yes such a thing can be quite difficult to prove in an acceptable way, but why take that risk when you don't need to?

            If you lie about not remembering the password, if it later can at all be shown that isn't at all likely to have been possible, you'll either get in more trouble than before, or possibly get in trouble where you wouldn't have otherwise.

            If you simply respond that

        • They can make you use your fingers, but you don't have to tell them which finger is the right one. Unfortunately, it doesn't look like you can force the iPhone to only accept one attempt before requiring a passcode, so they've got multiple tries at guessing which one is the correct one.

      • by Anubis IV ( 1279820 ) on Friday August 18, 2017 @02:03PM (#55042829)

        what is the difference if the police ask you to unlock your phone and you refuse?

        It's similar to the distinction we make in cryptography between what you know and what you have.

        Generally speaking, what you know is protected by the 5th Amendment. They cannot compel you to testify against yourself. What you have is not protected by the 5th Amendment. It's material evidence that can be used against you in a court of law.

        Provided they have a valid warrant, the police still need a means to execute a search that doesn't rely on compelling you to share something you know. For years, that meant they had nothing they could ask us for, since all we had were passcodes, and they couldn't compel us to turn those over (which led to the false belief that they couldn't compel us to turn over anything at all that would allow access). But the police have the right to collect material evidence, such as a fingerprint, and use it in the pursuit of their investigation. And they have a right to access the contents of the phone. If it just so happens that your device is locked by something material, that's a shame for you, but it's not testimony: it's simply evidence that can be used against you. It's no different than having a key on you that can open a safe.

        And really, when you think about it, this all makes sense. If the police weren't allowed to use material evidence that you were forced to provide against your will, we'd find ourselves in a bizarre world where pretty much any material evidence collected from a defendant (e.g. DNA, fingerprint, blood, etc.) would be inadmissible. After all, who would consent to "testifying against themselves" by allowing a DNA sample or fingerprint to be collected that could place them at the scene of the crime? In fact, it'd be so far reaching that we wouldn't even be able to seat the defendant in the courtroom against their will, since the jury may recognize that the person in the security footage is the same as the person sitting at the defendant's table, or an eyewitness may be able to point at them to confirm that they are the same person. They would, effectively, be "testifying against themselves" by being forced to provide something they have—their physical appearance—that can be used against them.

        Thankfully, this is a case where common sense won out in the courts, since the courts have repeatedly held that material evidence is not testimonial in nature, and thus is not protected so far as the 5th is concerned. In fact, most of those examples I just gave are ones that the Supreme Court or appellate courts have mentioned in the major cases addressing the topic of what is or isn't covered by the 5th (usual disclaimer: IANAL).

        All of which is to say, the courts have made a pretty clear distinction between testimonial and material evidence. Passcodes are protected under the 5th because they're testimonial in nature, whereas biometrics are protected solely under the 4th because they are material in nature. You can use either method to lock your phone, but the 4th is a significantly weaker form of legal protection than the 5th, so which you choose to use will come down to how you balance security and convenience.

    • by msauve ( 701917 ) on Friday August 18, 2017 @07:54AM (#55039999)
      "unlocking your phone with a password is considered different from using a fingerprint according to the law/police."

      A fingerprint is physical, like a key. The taking of fingerprints does not fall within the category of either communication or testimony so as to be protected by the Fifth Amendment privilege. United States v. Wade, supra.

      A PIN is knowledge, and protected.
    • That's the US legal system for you. Obtaining textual type information - words, letters, numbers - is considered a form of speech, even when written. Law enforcement cannot coerce speech out of a person, spoken or written. Physical evidence and physical searches are allowed, and apparently courts are allowing the use of biometrics to access things fall into that category. At least for now until higher courts rule on this and provide proper guidance.

      • This is going to get really bad if/when we get the tech to meaningfully read minds.

        "You have the right to remain silent, but there's no point because we'll just read what you're thinking straight out of your brain, which is a physical object that we can look at as much as we want."

        I'd hope that's obviously crazy, but as you say... US legal system.

    • by decep ( 137319 )

      From a legal perspective, there is not much difference. The law can compel you to provide a fingerprint or password. The difference is that they can physically force you to provide a fingerprint by simply manhandling you. For a password, there is no way for them to force you to provide it.

      It does not mean you cannot be put in jail for failing to provide the password, but providing the information is always 100% voluntary.

      If it exists in the physical world, the law can force you to provide it.

  • by Thor Ablestar ( 321949 ) on Friday August 18, 2017 @06:08AM (#55039671)

    The Russian tourist asks a British cop: Sir, can I? - Cop: Yes, you can!
    No, Sir, I mean, may I? No, you may not.

    The cops MAY NOT force you to hand over your passcode, but they CAN.

  • Simple PIN unlock (not just finger print as an easy option, something that works right out of the shower) and long password to unencrypt for booting.

    I have android, but the if I want a secure phone (long boot password), my only easy unlock option is the fingerprint, which doesn't work with touch screen gloves, and doesn't work with post shower fingers.

    Then, make the five button click reboot rather than disable touch.

    • Hmm, every Android phone I've had, out of the box, has a simple passcode unlock (or pattern unlock) available if you want it.

      If you're willing to root, it's pretty easy to set up the device to be encrypted and require a password in order to boot. Even without rooting, install Tasker and you can set up any special button sequence you want and make it perform pretty much any action you want, including shutting down or rebooting.

      • Do they allow password boot and pin unlock?

        Every android device post encryption I've used couldn't do that (pretty encryption it's irrelevant, I don't recall).

        • If rooted, yes. You can make it behave however you like. I don't know about stock Android behavior on this point, though.

          • by AvitarX ( 172628 )

            OK, I just checked.

            I can do PIN, Password, Swipe to boot, and then pair either of them with fingerprint optionally for unlocking.

            I'd like to do Password to boot, then PIN, or Finger to unlock.

            Finger print fails to work often enough that it's pretty useful as an only unlock method (and if my password is a long password entered rarely, it effectively is not an option for normal use).

  • oblig. xkcd (Score:5, Funny)

    by Anonymous Coward on Friday August 18, 2017 @06:34AM (#55039733)
  • by Anonymous Coward

    Officer learns about new feature of iOS 11
    Officer sees you tap iphone quickly five times
    Officer arrests you for terrorism offences

  • by schwit1 ( 797399 ) on Friday August 18, 2017 @07:39AM (#55039931)
    I'm not saying it will pass legal muster. Prosecutors use the pain of the process to wear down defendants. You will be vindicated in the end but be out thousands of dollars in attorney's fees and time spent incarcerated.
    • I'm not saying it will pass legal muster. Prosecutors use the pain of the process to wear down defendants. You will be vindicated in the end but be out thousands of dollars in attorney's fees and time spent incarcerated.

      You don't get it. When a cop arrests you, he can take a look at your personal possessions. Mostly to make sure you don't carry knifes, guns, spray cans, anything dangerous. Looking at your personal possessions includes your unlocked phone. And it includes putting your finger on the finger print scanner of your locked phone. That's prevented. And in that situation, you cannot be forced to reveal a passcode or use it to unlock your phone.

      What you are talking about is cops with warrants, or being in court.

  • by Anonymous Coward

    A lot of comments on the 5th amendment here, buy taking proactive action to prevent access to evidence would likely be seen as obstruction of justice. Basically, if it is reasonable to a judge that knew an investigation was about to happen and you do something like this, it is no different than wiping your hard drive or burning your flash paper. It would be best not to use touch id at all.

  • I don't even lock my phone these days. If the cops want to access your data, they will. At least, by not securing my phone, I can remote lock it down if it is stolen. With no lock, I think cops will be at a loss to access the phone. "What is your access key? Me: what access key?"
  • There is some hope for the Fourth and Fifth Amendments!

    Not that Apple actually intended this. I would not be surprised if this feature goes away. Soon.

  • by david_thornley ( 598059 ) on Friday August 18, 2017 @10:57AM (#55041007)

    I used an option in Settings to disable the fingerprint scanning on my phone quite some time ago. If the idea is that you set your phone up in advance, that's nothing new. If the idea is that you can quickly do it when being arrested, that's legally risky.

    • by green1 ( 322787 )

      Not to mention highly unreliable. You have to be able to perform the action, if the cop handcuffs you and then removes the phone from your pocket, how are you going to tap the button 5 times? And yes, cops are likely to do it in that order, they don't want to give you the opportunity to go for a weapon.

      So I'm really not sure what this brings to the table. If you have access to your device to do this, you could have simply long-pressed the power button to reboot the phone and force a password instead.

      • by tlhIngan ( 30335 )

        Not to mention highly unreliable. You have to be able to perform the action, if the cop handcuffs you and then removes the phone from your pocket, how are you going to tap the button 5 times? And yes, cops are likely to do it in that order, they don't want to give you the opportunity to go for a weapon.

        So I'm really not sure what this brings to the table. If you have access to your device to do this, you could have simply long-pressed the power button to reboot the phone and force a password instead.

        The thi

        • by green1 ( 322787 )

          By the time you see the cop, they often have a gun pointed at you and are telling you not to move. reaching for your phone at that time would be a very bad idea. And if you CAN press the power button rapidly 5 times, why can you not also simply long press it once? That reboots the phone causing it to also require a password.

  • by ErichTheRed ( 39327 ) on Friday August 18, 2017 @11:02AM (#55041051)

    Usually, the high-profile "phone unlocking" cases you hear of lately are terrorism or drug-related. Your average iPhone owner is most likely looking to protect his contact list, evidence of dealings, etc. than planning an attack. I'd say Apple aimed this feature squarely at their core demographic -- affluent Millenials:
    - Locking up your phone when high/drunk prevents people from using your fingerprint without your knowledge to get access to the phone
    - If you're stopped for a minor offense (traffic stop, DWI, etc.) it could prevent the police from finding anything else to make your situation worse if they are suspicious
    - Almost all non-violent interactions with the police involve traffic issues or drugs. If a cop catches you in possession of a small amount of drugs, they may or may not be more willing to just let you go if they have to go through a whole search warrant process, take you in and fill out paperwork to see what's on your phone.

    What would be an even more interesting feature is if you held down a certain key sequence (three long, three short, three long sounds good...SOS) and the phone instantly wiped itself by shorting out the flash memory and destroying itself. You wouldn't have your $1000 computer in your pocket anymore, but you'd have to decide if that was worth less than the evidence the police could have obtained.

    I guarantee this is going to get challenged in court to sort it out. 200+ years ago, and even in the Miranda era, no one was carrying a device capable of storing every personal detail of their lives in their pocket. The best you'd ever get is a drug dealer's notebook with their contacts. Phones are interesting in that they're extensions of the people who carry them.

    • What would be an even more interesting feature is if you held down a certain key sequence (three long, three short, three long sounds good...SOS) and the phone instantly wiped itself by shorting out the flash memory and destroying itself. You wouldn't have your $1000 computer in your pocket anymore, but you'd have to decide if that was worth less than the evidence the police could have obtained.

      That could be possible proof that you destroyed evidence though. I think I'd rather see something like multiple passcodes combined with a way to mark files or features as "special encrypted". One pass code unlocks everything while another unlocks everything but the specially marked items. Of course, such a system would have to obfuscate that there are multiple passcodes and encrypted items while also no overwriting the protected spaces while not fully unlocked.

    • What would be an even more interesting feature is if you held down a certain key sequence (three long, three short, three long sounds good...SOS)

      Just saying... Three long, three short, three long is "OSO", not "SOS".

  • They need a compromised password feature like VeraCrypt so that if you have to give a password, you can but it only shows what you want them to see. This way, you not some poor guy held up in a jail cell for not cooperating. You technically gave them access. Matter of fact, I'd argue that password protected apps don't count in the same way as unlocking your phone. There are ways to lock any app on an iPhone if jailbroken.
  • I thought about this, and when the phone is "cop locked" it shouldn't be totally locked down. FIngerprint should open it into "dumb phone" mode. In dumbphone mode, you should be able to make calls and send texts, but without the address book or call history; you should be able to receive calls, but only from people on the "all circumstances receive" list; you should be able to record photos, audio, and video, but not review that content. You should be able to play some fiddly little game that doesn't keep s
    • I thought about this, and when the phone is "cop locked" it shouldn't be totally locked down.

      Actually, a locked iPhone _can_ do certain things, like calling emergency services, taking photos (and deleting photos taken while locked), and some other things.

      • The deleting photos taken while locked doesn't sound good. Someone who physically overpowers a witness and rips the phone from hir hand shouldn't be able to delete photos. Also, if I can remember the number and dial it on a numpad, the phone should allow me to call the friend who can notify my attorney with only my fingerprint for permission, not just only call the local government's emergency services.
  • They should offer a 2 factor option of PIN and fingerprint.

Felson's Law: To steal ideas from one person is plagiarism; to steal from many is research.

Working...