OpSec ~ Cellphone Fingerprint Unlocking ~

It occured to me that in a sticky situation where LE wanted to access my locked, encrypted device, that they could (would) likely use force to use my fingerprint to unlock my device without my consent. A strong password gets around this, but what would be better is a sort of 2FA for unlocking my phone. 2/3 Textpassword:Fingerprint:Voicepassword would be required to unlock...is this possible from an android coding perspective?


Comments


[2 Points] loxsey:

Androids are almost impossible to completely secure, LE technicians can access it no matter how secure you make it.


[1 Points] None:

[removed]


[1 Points] stormfayn:

There's backdoors in both software and chips in almost every smartphone. Get a dumbphone if you really want to stay safe.


[1 Points] None:

Use force touse my fingerprint to unlock my device

That is the dumbest shit ever and that's exaclty the kind of thing they'll say to trick stupid people to unlocking it themselves for fear of the cops becoming aggressive.

Don't do illegal shit with your phone if you're afraid of it being unlocked!


[1 Points] None:

There was a burn notice* about how people always leave their fingerprints on the scanner and it can be easily undone that way, but I doubt civil forfeiture allows them rights to decrypt encrypted information. Still password is better.


[1 Points] maddaddam90:

Are we talking about in America? If so, that would be highly likely to be illegal. While they might do it anyway, I think recent case law would suggest that any evidence from doing so would be inadmissable in court. Didn't the Supreme Court rule that you couldn't be forced to give up a password (or in this case, fingerprint) to unlock your phone for the purposes of just browsing through everything on it for evidence? I believe a warrant must be issued for a phone to be unlocked, and that would have to be a warrant for very specific things, not an all-purpose "browse through everything on my phone" warrant (or a "general warrant").


[1 Points] Theeconomist1:

Can't you just disable using your fingerprint to login? iPhones let you do this, I assume android would as well?? One thing to note is that while passwords have been held up to be protected by the 5th amendment, biometric data is not necesarily protected by the 5th Amendment. I'm sure at some point SCOTUS will hear a case related to it, but as of now, there is legal precedent to force a perp to give up biometric data to access a device.

See: http://blogs.wsj.com/digits/2014/10/31/judge-rules-suspect-can-be-required-to-unlock-phone-with-fingerprint/


[1 Points] SrslyNotACop:

Dude even if the cops told you to unlock your phone w/ your finger and were forcing you to or some weird ass crazy shit you could just use the opposite thumb and lock your phone up.


[1 Points] 2005C:

SIRI! SIRI WIPE THE PHONE!!


[0 Points] None:

Why do you need to sexure a phone?