Cops Are Now Opening iPhones With Dead People's Fingerprints (forbes.com)

← Back to Stories (view on slashdot.org)

Cops Are Now Opening iPhones With Dead People's Fingerprints (forbes.com)

Posted by msmash on Monday March 26, 2018 @05:25AM from the how-about-that dept.

An anonymous reader shares a report: In November 2016, around seven hours after Abdul Razak Ali Artan had mowed down a group of people in his car, gone on a stabbing spree with a butcher's knife and been shot dead by a police officer on the grounds of Ohio State University, an FBI agent applied the bloodied body's index finger to the iPhone found on the deceased. The cops hoped it would help them access the Apple device to learn more about the assailant's motives and Artan himself.

This is according to FBI forensics specialist Bob Moledor, who detailed for Forbes the first known case of police using a deceased person's fingerprints in an attempt to get past the protections of Apple's Touch ID technology. Unfortunately for the FBI, Artan's lifeless fingerprint didn't unlock the device. In the hours between his death and the attempt to unlock, when the feds had to go through legal processes regarding access to the smartphone, the iPhone had gone to sleep and when reopened required a passcode, Moledor said. He sent the device to a forensics lab which managed to retrieve information from the iPhone, the FBI phone expert and a Columbus officer who worked the case confirmed. That data helped the authorities determine that Artan's failed attempt to murder innocents may have been a result of ISIS-inspired radicalization.

Where Moledor's attempt failed, others have succeeded. Separate sources close to local and federal police investigations in New York and Ohio, who asked to remain anonymous as they weren't authorized to speak on record, said it was now relatively common for fingerprints of the deceased to be depressed on the scanner of Apple iPhones, devices which have been wrapped up in increasingly powerful encryption over recent years. For instance, the technique has been used in overdose cases, said one source. In such instances, the victim's phone could contain information leading directly to the dealer.

212 comments

Min score:

Reason:

Sort:

Trigger happier cops by Chatterton · 2018-03-26 05:33 · Score: 0

Trigger happy cops will now be happier. The dead will not resist that caps use its fingerprints to unlock their phone...
Proof gathered this way should be invalidated or else cops will be more inclined to kill the suspects to access more easily their phones :(
1. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 05:49 · Score: 1
  
  Yea, how dare they shoot a terrorist during on a killing spree ... I mean ... such a lovely person who just wanted to spread his message of harmony with his truck of peace and knife of cultural coexistence.
2. Re:Trigger happier cops by war4peace · 2018-03-26 05:54 · Score: 1
  
  spread his message of harmony with his truck of peace.
  Heh, this also applies to '60s hippies and all-time pedophiles.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
3. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 05:59 · Score: 0, Insightful
  
  Except Hippies didn't used to worship a prophet who fucked children, enslaved all races, sacked and destroyed cities, and had 64 war campaigns during which he committed war crime after war crime, good ol' Muhammad. At least the worst that Jesus Christ did was overturn a few tables, though that guy wouldn't be proud about what his followers became in their idiocy considering his Pacifism.
4. Re:Trigger happier cops by war4peace · 2018-03-26 06:12 · Score: 1
  
  I think you're confusing Muhammads. Just sayin'...
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
5. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 06:12 · Score: 0
  
  I'm surprised that this works. I thought that modern fingerprint scanners checked for a pulse when doing the scan specifically to avoid this and manufactured fingerprint clones.
  That being said, this is one of the reasons why I don't use the finger print sensor on my phone. The other being that the police could get a court order to force me to put my finger on the sensor, even though they can't force me to disclose my password because of 5th amendment protections.
6. Re:Trigger happier cops by Actually,+I+do+RTFA · 2018-03-26 06:13 · Score: 1
  
  The dead will not resist that caps use its fingerprints to unlock their phone...
  Nor will the living. At least not successfully. The cops already will just hold your finger on the scanner if you refuse to do it when they tell you (and then charge you with obstruction.)
  
  --
  Your ad here. Ask me how!
7. Re:Trigger happier cops by bobbied · 2018-03-26 06:20 · Score: 1
  
  But the court CAN require your password and hold you in contempt (and toss you in jail for the duration) for not providing it. Pleading the 5th won't get you out of this.
  Also, My I-phone requires that the password be entered before the fingerprint scanner will work.... So if you are a criminal, just power down your phone if you fear you will have to interact with the cops and they won't be able to open your phone in case of your untimely death (or by physically forcing you to apply your finger).
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
8. Re:Trigger happier cops by SuricouRaven · 2018-03-26 06:31 · Score: 3, Informative
  
  Police have had a solution to that one for years. It's why the 'no knock' warrant exists - they just need to convince a judge there is reason to believe the suspect will destroy evidence if given the opportunity.
  If the police believe you have evidence at your home or on your person, they will get a warrant to search you. But if they believe the evidence is easily destroyed - a phone you can lock, or documents you can burn - then they will break into your home while you are at work. Or smash the door down and force everyone to the floor at gunpoint. Or you'll be walking down the street one moment, and the next two plainclothes officers have snuck up behind you and are pinning you against the wall while they get the cuffs on.
  Recall the Dread Pirate Roberts arrest? Police knew his laptop would lock if he closed the lid, so they had to arrest him while he had it open. They used an officer posing as a waitress to get close enough without arousing suspicion, who pinned him to the floor while another ran in to grab the laptop.
  This isn't something new. The legal system had had solutions for many years to address the problem of suspects who may destroy evidence if they know they are about to be arrested.
9. Re:Trigger happier cops by mark-t · 2018-03-26 06:32 · Score: 1
  
  Holding you in jail doesn't give them the password though... so locking you up doesn't give them anything to go on other than that you didn't want to give out your password. What I think would be particularly interesting is to tie some sort of dead-man's switch to the password so that if you have to surrender the device, then you no longer have the ability to unlock it for them either. Can they still hold you in contempt for that?
  
  --
  File under 'M' for 'Manic ranting'
10. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 06:41 · Score: 1
  
  As of today, passwords have been deemed protected by the 5th while fingerprints have not. Passwords are a thing you know and as such, sharing them would be self incriminating. Fingerprints are a physical artifact and are not self incriminating.
11. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 06:56 · Score: 0
  
  There's also the sticky issue of determining whether the person even knows the password in the first place. I'm sure there's at least some files around my place that I've either forgotten the passphrase for or no longer have the key necessary to open them with the correct passphrase.
  It doesn't matter what the penalty is, I wouldn't be able to decrypt those files to save my life.
12. Re:Trigger happier cops by bobbied · 2018-03-26 07:04 · Score: 1
  
  Thinking about this.... The problem is that YOU cannot destroy evidence once you become aware that it might be wanted by law enforcement or subject to civil lawsuit.
  IF your device is programed to do a secure erase after a given length of time w/o a successful login by you, I suppose that you could conceivably wait that length of time... The key would be that you'd have to specifically NOT take any action to erase the device (like entering the wrong password or something) and that you are not misrepresenting your ability to actually unlock the device. Basically, you would have to explain that the device was programmed to secure erase anytime it was out of your control for a specific duration.
  I'm no lawyer, but that *might* be sufficient to destroy the evidence w/o being held responsible for it, but I'm betting that it might not be a good idea in the long run. Better to just not keep any data on the portable device where it's obvious in the first place.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
13. Re:Trigger happier cops by mark-t · 2018-03-26 07:34 · Score: 1
  
  Basically, you would have to explain that the device was programmed to secure erase anytime it was out of your control for a specific duration.
  But would you be obligated to explain that *before* they ask for the device or take it from you?
  
  --
  File under 'M' for 'Manic ranting'
14. Re:Trigger happier cops by Anonymous Coward · 2018-03-26 08:02 · Score: 0
  
  Nope. Right to remain silent.
15. Re:Trigger happier cops by bobbied · 2018-03-26 09:05 · Score: 1
  
  That's a question for your lawyer friend.. I do not know.
  The issue is that YOU have the responsibility to preserve any and all information that you reasonably know is relevant to criminal or civil legal actions if you can. You are afforded the right to delete any information as part of an automated processes and can legally delete any and all records/documents prior to becoming aware of the legal action and as long as you are taking reasonable care to preserve any data as soon as you are aware.
  The question you are asking has to do with the period between when you become aware of the data should be preserved and when you can turn off the automation that deletes it. Seems this would put this squarely in the grey area, where you cannot reach the device to turn off the automatic scrub but you know it will delete information. Your justification would be that you couldn't stop the automation because they had your device. I suppose they would argue you had an obligation to tell them but you would also be able to claim that you didn't have access to the device because they took it so you couldn't stop the process. I'm guessing the court would have to figure what side that falls on, which might be good, if you are trying to avoid criminal prosecution.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
16. Re:Trigger happier cops by MoaDweeb · 2018-03-26 11:52 · Score: 1
  
  Was that far right, white, Christian bomber in Austin a terrorist then? Or is terrorist reserved only for those of other skin tones?
  
  --
  New Zealanders are well balanced with a chip on each shoulder. One represents Australia, the other the rest of the world
17. Re:Trigger happier cops by PCM2 · 2018-03-27 07:16 · Score: 1
  
  Recall the Dread Pirate Roberts arrest? Police knew his laptop would lock if he closed the lid, so they had to arrest him while he had it open. They used an officer posing as a waitress to get close enough without arousing suspicion, who pinned him to the floor while another ran in to grab the laptop.
  Considering that the so-called Dread Pirate Roberts was arrested at a library, your "waitress" story doesn't hold a lot of water.
  
  --
  Breakfast served all day!
18. Re:Trigger happier cops by SuricouRaven · 2018-03-27 18:27 · Score: 1
  
  I am quite sure I read it was a waitress at the time it was current news, but perhaps the news coverage made some mistakes in the rush to be first to report. Or it may be an error in my memory. In either case, the argument holds. Wired offers this rather dramatic account of the arrest: "At 3:14 pm, DPR was typing away, writing to Cirrus. Just then, a middle-aged woman and man came toward Ross, ambling along in the kind of semihomeless shuffle you might often see in a San Francisco library. “Fuck you!” the woman yelled when they were directly behind Ross’ chair. As if they were a deranged couple about to fight, the man grabbed the woman by the collar and raised his fist. Ross turned around for just a second, during which a hand reached across the table and grasped Ross’ Samsung. The petite, unassuming young Asian woman sitting across from Ross this whole time was, to everyone’s surprise, also an FBI agent. Ross lunged for his machine, a hair too late, as she turned like a quarterback for a quick handoff to Kiernan, who appeared out of nowhere—as instructed—to get the laptop. It took less than 10 seconds."
  The point of all this is that if the police believe their suspect may destroy the evidence if given even a few seconds warning, and they believe the suspect is important enough to be worth the expense, they have both the legal power and the history to take measures to prevent destruction of evidence - including ambush arrests by non-uniformed agents.
Is this a problem? by XxtraLarGe · 2018-03-26 05:34 · Score: 5, Interesting

I'm not sure there is a 4th amendment issue here if the suspect is dead, as they would no longer have an expectation of privacy, and the item was found after the commission of a crime. I'm open to the possibility that I'm wrong on this, looking forward to hear arguments.

--
Taking guns away from the 99% gives the 1% 100% of the power.
1. Re:Is this a problem? by TWX · 2018-03-26 06:17 · Score: 1
  
  Pathologists already would, depending on the degradation of the corpse, basically take the skin of the fingers off of the body and either put it on a mandrel or else would put it over their own gloved hands as a human-glove to get fingerprints.
  I am not surprised in the slightest that investigators would attempt to unlock biometric locks with the biometrics of the deceased. I would be more surprised if they didn't try it. I also wouldn't be surprised if they have to develop techniques to duplicate someone's fingerprint in a way that allows it to be applied with similar capacitance and temperature as their living body would have, to attempt to override any circumvention-blocks that look for that sort of thing.
  
  --
  Do not look into laser with remaining eye.
2. Re:Is this a problem? by Anonymous Coward · 2018-03-26 06:28 · Score: 0
  
  The fact that the police got in is the issue, not what they found. If they were able to get in using a dead person's fingerprints, that means that the device is susceptible to the use of severed fingers or possibly counterfeit fingerprints.
  Personally, those later things are far more troubling than the fact that they were able to conduct a search of a dead person's phone.
3. Re:Is this a problem? by Anonymous Coward · 2018-03-26 06:55 · Score: 0
  
  I don't think that is an issue whatsoever.
  If someone is in a position and willing to chop of your finger to get into your phone, they are also just willing to smack you with a wrench over and over again until you voluntarily put your finger on the phone.
4. Re:Is this a problem? by Anonymous Coward · 2018-03-26 07:03 · Score: 0
  
  Simple. I want your phone to "track your movements". I shoot you dead, claim you have no "right to privacy" due to being dead. Then unlock your phone and have my merry way.
  Still doesn't seem to be a violation of the fourth, to be secure in your papers *and person*?
  And if you think, that isn't happening; you know NOTHING, about the law.
5. Re:Is this a problem? by tattood · 2018-03-26 07:38 · Score: 1
  
  You don't need to be dead for the cops to force you to unlock your phone with your fingerprint.
  
  --
  WTB [sig], PST!!!
6. Re:Is this a problem? by Anonymous Coward · 2018-03-26 07:58 · Score: 0
  
  Does it mention anywhere it is for the living either?
7. Re:Is this a problem? by Anonymous Coward · 2018-03-26 08:05 · Score: 0
  
  And besides, if my expectations were known whilst I were alive that I wished for my dead body to be treated with RESPECT, then I think those expectations should be met. I believe that’s what wills also hope to achieve. I mean, the person is dead, why should they really still have a hold on this planet if they have no expectation of privacy to defend by being alive, then the whole will thing is null and void?
8. Re:Is this a problem? by lister+king+of+smeg · 2018-03-26 08:14 · Score: 1
  
  You don't need to be dead for the cops to force you to unlock your phone with your fingerprint.
  Sounds like fingerprint readers need to be repurposed into "reset to factory default" buttons, just use a pin all of the time when the cop forces you to "unlock" the phone he instead wipes it back.
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
9. Re:Is this a problem? by AmiMoJo · 2018-03-26 08:15 · Score: 1
  
  In the EU it would fall under privacy rules. Even dead people have privacy rights, and of course their surviving family members do.
  It depends on the circumstances but there could be issues there.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
10. Re:Is this a problem? by Anonymous Coward · 2018-03-26 08:21 · Score: 0
  
  Simple. I want your phone to "track your movements". I shoot you dead, claim you have no "right to privacy" due to being dead. Then unlock your phone and have my merry way.
  Still doesn't seem to be a violation of the fourth, to be secure in your papers *and person*?
  And if you think, that isn't happening; you know NOTHING, about the law.
  And that has nothing to do with the parent post. It was about privacy, not about how to get the information.
11. Re:Is this a problem? by CanHasDIY · 2018-03-26 09:28 · Score: 1
  
  I'm not sure there is a 4th amendment issue here if the suspect is dead, as they would no longer have an expectation of privacy
  That sounds to me like a rationale for looting the property of the deceased; I think next-of-kin would argue the point.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
12. Re:Is this a problem? by CanHasDIY · 2018-03-26 09:29 · Score: 1
  
  In the EU it would fall under privacy rules. Even dead people have privacy rights, and of course their surviving family members do.
  That's the issue for me here as well - when a person dies the police can't legally start confiscating their former property, so why would it be any different with personal effects?
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
13. Re: Is this a problem? by Anonymous Coward · 2018-03-26 12:37 · Score: 0
  
  My damn phone unlock with my live finger can't imaging being dead would help.
14. Re:Is this a problem? by Anonymous Coward · 2018-03-26 21:14 · Score: 0
  
  Well the precedent now, is if the criminal is dead you can so to speak, have access to their stuff without asking or doing a plea deal.
  So if the criminal is near death, have complications that can be accelerated(possibly covertly) to death, or the situation important enough, it is speedier to just get the data after they die instead of non-torture interrogation for example.
Re:Wouldn't work with FaceID... by 110010001000 · 2018-03-26 05:35 · Score: 0, Troll

No, but a simple mask would. Oh you poor fanboys!
Would be nice if it automatically unlocked by OrangeTide · 2018-03-26 05:35 · Score: 1

It would be nice if these devices automatically unlocked after some time limit, like 1 year. At least we could get into a device after someone died or after the police confiscated a device long enough, without having to hand over some backdoor keys that compromises the security of all our devices.
There really is no perfect solution that protects our rights and provides security and allows law enforcement to do their job. Some reasonable compromise has to be found. I'm of the mind that our rights has the highest priority, followed by the security of millions of people, and then finally the needs of a small number of criminal investigators.

--
“Common sense is not so common.” — Voltaire
1. Re:Would be nice if it automatically unlocked by 110010001000 · 2018-03-26 05:39 · Score: 2
  
  You must be kidding. Why should anyone have access to anything you own after some arbitrary time limit? The mind boggles at the stupidity.
2. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 05:45 · Score: 0
  
  There are a lot of things that you think you own that you don't really own. Try not paying your property taxes and see if you really own that house.
3. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 05:59 · Score: 0
  
  Just because the government can take something from you in the future doesn't mean you don't currently own it.
4. Re:Would be nice if it automatically unlocked by mysidia · 2018-03-26 06:00 · Score: 3, Insightful
  
  It would be nice if these devices automatically unlocked after some time limit, like 1 year.
  That would imply an application Logic-based lock, but instead, these phones use cryptography so the passcode is required to decrypt the data; "Fingerprint" access only works while the key derived from the passcode is still in volatile memory, and once the phone sleeps or reboots or something, that memory is purged, and the decryption key needs to be supplied again.
  If they didn't encrypt the data ---- then everything on your phone could potentially be stolen by a criminal attacking either Apple's servers or the phone itself and finding a flaw in the Logic-based lock.
5. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 06:06 · Score: 1
  
  This is one of the dumbest things I have read. You are comparing ownership of a tangible good that one can own free and clear vs land which is subject to a myriad of laws.
  What you said is as idiotic as saying "You cannot cut an orange because there are a lot of things you cannot cut. Try cutting a person sometime and see what the cops do to you."
6. Re:Would be nice if it automatically unlocked by OrangeTide · 2018-03-26 06:12 · Score: 3, Insightful
  
  I used to do TPM drivers for embedded systems, it's not that far fetched of a feature to time out when your TPM already has an NVRAM. From NVRAM it's simple to embed an RTC (simple but not free, increases costs by several cents and creates supply chain disruption by introduction of a new variant). There are other ways to deal with this problems as well, and I'm not married to this idea.
  My main point is the solution that most of the people on slashdot demand is not really feasible. That solution being to do nothing to disrupt the status quo and lock devices down so that nobody, not even law enforcement, can get into the device. If you can't trust your police and legal system to not violate your rights on your cellphone, how can you trust them in any other aspect of your life? Fix the real problem of corruption and public distrust.
  
  --
  “Common sense is not so common.” — Voltaire
7. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 06:13 · Score: 1
  
  If anything it should be the other way around - if it was not successfully unlocked in 1 year, it should wipe itself and permabick blowing every internal fuse and overwriting any boot loader. What you are suggesting is like having your wallet on the table to go get some napkins and someone being free to just take it and use your id to pretend to be you.
8. Re:Would be nice if it automatically unlocked by Kjella · 2018-03-26 07:28 · Score: 1
  
  It would be nice if these devices automatically unlocked after some time limit, like 1 year.
  That would imply an application Logic-based lock, but instead, these phones use cryptography so the passcode is required to decrypt the data;
  Not really, the PIN is not the key and would not be needed if you could use brute force. And it enforces the timeouts somehow so it has a clock. If it doesn't work to have a one-year clock you have one "decrease unlock clock attempt" per day that always succeeds and if you do that 365 times it unlocks, technically it's not a problem to build it into the system But practically one year later is not a problem for somebody looking for celeb nudes on a stolen phone, the information is still valuable. All the pros and cons for keeping it locked down are still there a year later.
  
  --
  Live today, because you never know what tomorrow brings
9. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 08:09 · Score: 0
  
  Make it longer than the statute of limitations or this is one of the dumbest ideas I've seen in a long time.
  Wait, no, scratch that, it is one of the dumbest ideas I've seen in a long time. My brain just went scrambling for some way to make it less gag inducing.
10. Re:Would be nice if it automatically unlocked by BitterOak · 2018-03-26 08:47 · Score: 1
  
  It would be nice if these devices automatically unlocked after some time limit, like 1 year. At least we could get into a device after someone died or after the police confiscated a device long enough, without having to hand over some backdoor keys that compromises the security of all our devices.
  The problem with that is that if someone wants to get your super-secret data, all they have to do is steal your phone, lock it in a safe for a year, and take it out and poof, it's unlocked. That doesn't sound very secure to me.
  
  --
  If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
11. Re:Would be nice if it automatically unlocked by jeff4747 · 2018-03-26 08:57 · Score: 1
  
  Include your passwords and PINs in a document that resides somewhere safe, like a safety deposit box. Your will confers access to it, and then your loved ones can unlock everything.
12. Re:Would be nice if it automatically unlocked by Anonymous Coward · 2018-03-26 16:28 · Score: 0
  
  But practically one year later is not a problem for somebody looking for celeb nudes on a stolen phone, the information is still valuable.
  Yes, my thought as well. Would life plus 75 years be better? It works for other IP,
13. Re:Would be nice if it automatically unlocked by david_thornley · 2018-03-27 09:15 · Score: 1
  
  I can't, by myself, fix the real problems of corruption and public distrust. That's a long-term goal for a large number of people. What I can do is disable the fingerprint sensor on my phone.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
14. Re:Would be nice if it automatically unlocked by david_thornley · 2018-03-27 09:17 · Score: 1
  
  iPhones are encrypted with AES-256, and brute-forcing that is impossible using only the resources of the Solar System.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Dead people tell no passwords by bettodavis · 2018-03-26 05:36 · Score: 1

That's why I never use finger print scanners, albeit Apple wants to shove those down everyone's throat by asking for a fingerprint every time you download an app, if you happened to register 1 finger print at least once.
1. Re:Dead people tell no passwords by WindBourne · 2018-03-26 05:48 · Score: 1
  
  Actually, for an app, it makes sense. Do not use it as a key for phone access. That is foolish.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
Re:Baloney by Anonymous Coward · 2018-03-26 05:39 · Score: 2, Insightful

I stopped reading Forbes articles when they started requiring me to disable my adblocker.
Is there anyone not ok with this? by DalM · 2018-03-26 05:39 · Score: 2

Tell you what. If I'm murdered and the cops think there might be something on my phone that would tell them who murdered me, I'm cool with them using my finger to unlock it.
1. Re:Is there anyone not ok with this? by Anonymous Coward · 2018-03-26 05:45 · Score: 0
  
  I wouldn't care since I'd be dead -- why would making a cop's life easier or advancing their career matter to me? It wouldn't bring me back, would it?
2. Re:Is there anyone not ok with this? by mysidia · 2018-03-26 06:04 · Score: 1
  
  Not only that.... but I would be happy to supply my passcode to an agent that would release it to only trusted individuals upon my death.
  If only such an agent could exist, and if only there were a place I could trust highly enough to secure my passcode with a strong assurance that the passcode could never be used against me or released prematurely, or against my wishes, or to anyone but highly-trustworthy individuals.....
3. Re:Is there anyone not ok with this? by bobbied · 2018-03-26 06:24 · Score: 1
  
  AND would be resistant to court orders or warrants?
  Good luck finding a way to do that.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
4. Re:Is there anyone not ok with this? by SuricouRaven · 2018-03-26 06:34 · Score: 1
  
  Court orders, warrants, and the informal "we can't compel you, but it would be such a shame if you were to be arrested for something" warrant.
5. Re:Is there anyone not ok with this? by DalM · 2018-03-26 06:55 · Score: 1
  
  Give it to your wife or husband.
6. Re:Is there anyone not ok with this? by Holi · 2018-03-26 07:02 · Score: 1
  
  Too bad there isn't a system in place, where you have someone trained in the law, who has a duty to their client, and very powerful protections of their communications built into our legal system.
  
  I mean if we did we should call them Law-ers or something.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
7. Re:Is there anyone not ok with this? by R3d+M3rcury · 2018-03-26 07:26 · Score: 2
  
  Tell you what. If I'm murdered [...] I'm cool
  Yes. Yes you are.
8. Re:Is there anyone not ok with this? by Anonymous Coward · 2018-03-26 08:07 · Score: 1
  
  If you were murdered you would be room-temperature cool.
9. Re:Is there anyone not ok with this? by mysidia · 2018-03-26 08:15 · Score: 1
  
  Lots of people are single, including me. I have no wife or husband.
  And if I had one... I'm not sure it would be wise to entrust them with the passcode, since they would already be inherently trusted with almost everything else or soooo many other things, and there are things that exist called divorces and related risks of being betrayed; that there should be at least a FEW personal resources protected from a spouse... "just in case".
10. Re:Is there anyone not ok with this? by mysidia · 2018-03-26 08:26 · Score: 1
  
  and very powerful protections of their communications built into our legal system.
  It sounds great.... I don't know of any lawyers advertising an information filing/retention/release-on-event service that would make this possible though.
  Would you know of a service, where I could file documents with release instructions --
  and obtain said legal protections in addition to strong technical and physical access controls that would require 2 or 3 employees to be able to verify the authenticity of the request my signed document release requirements have been met,
  And provide decryption of the data in a manner that it's ensured only my authorized recipient will be able to read it?
11. Re:Is there anyone not ok with this? by Anonymous Coward · 2018-03-26 11:08 · Score: 0
  
  Sounds like you aren't actually ready for marriage anyway. Keeping secrets because you are on the fence about the relationship means you aren't able to truly trust and commit to this person.
  I actually made up a sheet with every possible password I have and printed it off so the wife would have an easier time accessing things. If you can't trust your husband or wife, then you married the wrong person.
  Or maybe you are not the kind of person someone ought to marry. Don't know you, can't say.
12. Re:Is there anyone not ok with this? by DalM · 2018-03-28 01:10 · Score: 1
  
  Sounds like you aren't actually ready for marriage anyway. ...Or maybe you are not the kind of person someone ought to marry.
  Not that either of those things are bad things.
Re:Wouldn't work with FaceID... by wonkey_monkey · 2018-03-26 05:40 · Score: 2

Why not?

--
systemd is Roko's Basilisk.
No. by Anonymous Coward · 2018-03-26 05:41 · Score: 3, Informative

Trigger happy cops will now be happier. The dead will not resist that caps use its fingerprints to unlock their phone...
Proof gathered this way should be invalidated or else cops will be more inclined to kill the suspects to access more easily their phones :(
Dude. No. No cop I've ever known would kill a drug user just to get a line on the dealer. Climb out of the youtube-hate.
1. Re:No. by burningcpu · 2018-03-26 05:54 · Score: 1
  
  I've interacted with police as well and I'm not as confident as you.
2. Re: No. by Anonymous Coward · 2018-03-26 06:12 · Score: 0
  
  Same here. I tracked down a vandal, smashing windshields, because the cops didn't care. When I finally got them to come out they said I was stupid and let the vandal go.
  Fuck the police.
3. Re:No. by Holi · 2018-03-26 06:21 · Score: 1
  
  I am sure you know all the police, but yeah sure no cop has ever murdered a drug dealer for any reason what so ever.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
4. Re:No. by nitehawk214 · 2018-03-26 06:52 · Score: 1
  
  Yeah, its much easier to get the drug user on charges, turn him into an informant, then give him no support when the drug dealer kills him.
  Much easier to convict on a murder charge than a drug dealing one.
  
  --
  I'm a good cook. I'm a fantastic eater. - Steven Brust
5. Re: No. by ScentCone · 2018-03-26 06:54 · Score: 1
  
  Same here. I tracked down a vandal, smashing windshields, because the cops didn't care. When I finally got them to come out they said I was stupid and let the vandal go.
  
  Fuck the police.
  Yes, that's a sure sign that that copy would kill somebody for evidence. You nailed it.
  
  --
  Don't disappoint your bird dog. Go to the range.
6. Re:No. by santiago · 2018-03-26 09:18 · Score: 1
  
  Yeah, c'mon, it's not like cops need an excuse to kill people. They can do it all they want already!
7. Re:No. by Anonymous Coward · 2018-03-26 11:55 · Score: 0
  
  A retired CHP officer friend once told me they are trained not to leave black suspects in the back of their car unattended in LA County. Why? Because LAPD once pulled the CHP's suspect from his car, beat him to death, and then put him back in the CHP vehicle and framed the CHP officer for the murder (CHP officer was away from the car, helping with the traffic accident.). He said it's happened MORE THAN ONCE and it became standard training to assume all LAPD officers were corrupt.
  So yeah, I am pretty sure the phone would just be a bonus.
Why is this even news? by Anonymous Coward · 2018-03-26 05:42 · Score: 0

The police are most likely covered by probable cause. Since the criminal was shot dead, he was obviously up to no good and the police had every right to search his phone for further threat, motive, accomplices, etc.
Moral of the story is don't go on killing spree. Or the cops might just use your dead fingers to unlock your phone.
1. Re: Why is this even news? by Anonymous Coward · 2018-03-26 05:54 · Score: 0
  
  Moral is: don't allow Mohammedists into country!
And the related question by Okian+Warrior · 2018-03-26 05:43 · Score: 5, Insightful

Tell you what. If I'm murdered and the cops think there might be something on my phone that would tell them who murdered me, I'm cool with them using my finger to unlock it.
Apropos of nothing, are you cool with them having an incentive for shooting you rather than taking you in, in order to get at your information?
1. Re:And the related question by OffTheLip · 2018-03-26 05:48 · Score: 1
  
  While an extreme interrogation technique no doubt it would be used in some cases.
2. Re:And the related question by DalM · 2018-03-26 05:48 · Score: 2
  
  No. But that's a really, really, really low view of cops that I don't share. I'm cynical on a lot of things, and I understand that cops have a history of being a bit trigger happy, especially with minorities, but I'm not at a place where I think a typical cop would intentionally murder a person just to get evidence for a case. That's a significant step further.
3. Re:And the related question by Anonymous Coward · 2018-03-26 05:52 · Score: 0
  
  If only there was a rule against cops being crooked.
4. Re:And the related question by war4peace · 2018-03-26 05:56 · Score: 1
  
  But we aren't talking about a typical cop here, nor about a typical scenario of phones being unlocked, are we?
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
5. Re:And the related question by Actually,+I+do+RTFA · 2018-03-26 06:15 · Score: 1
  
  Why do you think they won't just order you to use your finger to unlock the phone when alive? Police are already adept at physically forcing you to do things.
  
  --
  Your ad here. Ask me how!
6. Re:And the related question by qbast · 2018-03-26 06:20 · Score: 1
  
  They can just grab your finger and forcibly push it to the phone. Less mess and paperwork to clean up. And what are you going to do when cops testify that the phone was already unlocked when they took it?
7. Re:And the related question by Anonymous Coward · 2018-03-26 06:31 · Score: 0
  
  Tell you what. If I'm murdered and the cops think there might be something on my phone that would tell them who murdered me, I'm cool with them using my finger to unlock it.
  Apropos of nothing, are you cool with them having an incentive for shooting you rather than taking you in, in order to get at your information?
  Ironically, the media is already awash with stories of cops who shoot first & ask questions later.
  I know this isn't the majority of cops, but the "blue line" mentality implies that the majority are OK with their fellow officers being reckless with the public's lives. I know its a dangerous job, but shooting an unarmed person 20 times is inexcusable IMO. If Joe Public did that there'd be charges (and rightly so).
8. Re:And the related question by DalM · 2018-03-26 06:55 · Score: 1
  
  They actually can do that already.
9. Re:And the related question by Holi · 2018-03-26 06:59 · Score: 1
  
  " I know its a dangerous job."
  Compared to what?
  
  If you answer:
  Fisherman
  Logger
  Construction Worker
  Roofer
  Garbage Collector
  Truck Driver
  Pilot
  Farmer/Rancher
  Lineman
  Oil Well Operator.
  
  Then no, it is not really that dangerous at all.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
10. Re:And the related question by Anonymous Coward · 2018-03-26 07:45 · Score: 0
  
  No. But that's a really, really, really low view of cops that I don't share.
  You must be white then...
11. Re:And the related question by Anonymous Coward · 2018-03-26 08:08 · Score: 0
  
  If only there was a rule against cops being crooked.
  There are rules but crooked cops ignore them.
12. Re:And the related question by Anonymous Coward · 2018-03-26 08:08 · Score: 0
  
  We just need more sensible cop control.
13. Re:And the related question by jeff4747 · 2018-03-26 08:59 · Score: 1
  
  Apropos of nothing, are you cool with them having an incentive for shooting you rather than taking you in, in order to get at your information?
  They can already use your fingerprint to unlock a phone while you are alive. They don't need to kill you to gain access.
14. Re:And the related question by CanHasDIY · 2018-03-26 09:31 · Score: 1
  
  It's only dangerous to be a cop when cops act dangerously.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
15. Re:And the related question by Aristos+Mazer · 2018-03-26 14:04 · Score: 1
  
  I know of cases where cops have murdered to suppress information in a case. It wouldn't surprise me if the inverse exists. Low-level drug dealer refuses to testify against big-fish dealer? Kill low-level, take phone as evidence. Seems plausible. I think it is better to just remove the temptation and use a secure passcode with a 10-tries-then-wipe rule.
Not simple and would not work here by SuperKendall · 2018-03-26 05:43 · Score: 3, Informative

A simple mask wouldn't work either, you appear to know nothing about FaceiD or technology. Oh you poor Apple Haters!
The mask (singular) you read about unlocking an iPhone X? It was rather complex, requiring a full 3D scan, IR photos of the area round the eyes placed exactly right, which also require a living subject to capture... how are you going to get that photo after they are dead? Your "point" in the end is just more Hater bullshit, pointless in relation to the current article and doing more to highlight your own ignorance and ineptness than relevancy.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 05:48 · Score: 0
  
  It's been four months since they made that mask.
  Technology evolves.
  It's trivial to open a phone locked with Face ID. Just check out the dark web some time.
2. Re: Not simple and would not work here by Anonymous Coward · 2018-03-26 06:08 · Score: 0
  
  Just pass the phone around the office or a party. Someone's face will unlock it eventually.
3. Re:Not simple and would not work here by SuperKendall · 2018-03-26 06:10 · Score: 1
  
  So you say - with no links other than a mention of "the dark web". and none of it actually simple, as the original message alluded to.
  Yes, technology does involve - which means OS updates from Apple that also improve FaceID. What works today my not soon when iOS 11.3 comes out.
  I find it amusing you are so ashamed to own what you say, that you post this AC in hopes I might not notice you posting more misleading statements... sad.
  
  --
  "There is more worth loving than we have strength to love." - Brian Jay Stanley
4. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 06:26 · Score: 0
  
  Sorry, pal, but Face ID has been pretty well demolished at this point. It's just that since no one bought the iPhone X, it's kind of a useless party trick at this point.
  Although if you do lose your iPhone X, I'd make sure to disable any cards you might have linked with Apple Pay, because those are going to be drained in an instant. Just a heads up.
5. Re:Not simple and would not work here by DigiShaman · 2018-03-26 06:42 · Score: 1
  
  With the IR sensors used in FaceID, I honestly thought Apple would be using vascular bio-metrics (vein imaging). Why hasn't this been done? The hardware is there to do it, no? Would be far more secure and harder to fake.
  
  --
  Life is not for the lazy.
6. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 06:45 · Score: 0
  
  That's not likely. Creating a mask from a cadaver or photographs is one thing, but reverse-engineering a mask from nothing but a locked phone... no
7. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 06:47 · Score: 0, Informative
  
  lol buddy I think you might be getting faceid confused with some other facial unlock feature from a different manufacturer. There is only 1 exploit for faceid, and it requires the person to be alive and available, and to submit to a 3d infrared facial scan. The resulting mask that is created also needs to simulate specific temperatures at the specific points and still resemble the person.
  The resultant mask costs $50,000 and the hardware required to make it several hundred thousand.
  Oh yes and the target still has to voluntarily submit to a facial scan.
8. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 06:55 · Score: 0
  
  Settle down, Tim Cook. You're coming off as an irrational child.
9. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 07:02 · Score: 0
  
  The resultant mask costs $50,000 and the hardware required to make it several hundred thousand.
  you say that like you think that is expensive or something. the Govt has paid more than that to unlock the san bernardino phone if a govt wants in, a few hundred thousand isn't going to stop them.
10. Re:Not simple and would not work here by Holi · 2018-03-26 07:03 · Score: 1
  
  Just grab their kid.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
11. Re:Not simple and would not work here by sexconker · 2018-03-26 07:08 · Score: 1
  
  lol buddy I think you might be getting faceid confused with some other facial unlock feature from a different manufacturer. There is only 1 exploit for faceid, and it requires the person to be alive and available, and to submit to a 3d infrared facial scan. The resulting mask that is created also needs to simulate specific temperatures at the specific points and still resemble the person.
  The resultant mask costs $50,000 and the hardware required to make it several hundred thousand.
  Oh yes and the target still has to voluntarily submit to a facial scan.
  A 10 year old Kinect and a 4 year old FLIR One will copy any face well enough to fool Face ID in a couple of seconds.
  Making the mask is trivial. You 3D print a rough mold, then glob silicon on it and paint it. Recreating temperature zones is the "hard" part, but only because you need to actually build something to to that. It doesn't have to be very accurate or precise. FaceID's matching is incredibly fuzzy.
12. Re:Not simple and would not work here by sinij · 2018-03-26 07:12 · Score: 1
  
  Just slightly microwave the dead face to warm it up and it should work, right?
13. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 07:14 · Score: 0
  
  A 10 year old Kinect and a 4 year old FLIR One will copy any face well enough to fool Face ID in a couple of seconds.
  From a dead body?
14. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 07:33 · Score: 0
  
  LOL if you're on Facebook and can't figure out how to pull someone's identity from a locked phone and figure out how to make a 3D model of their face.
  Hint: Apple users are narcissists, narcissists post selfies on social media. A lot.
15. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 07:55 · Score: 1
  
  A friend of mine's daughter can open his wife's iphone using face ID. They look a lot alike, but are NOT identical. The face ID tech is obviously not perfect.
16. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 09:08 · Score: 0
  
  Right, because getting an IR picture of someone is sooooo hard. Wearing your password on your hand or your face is pretty equally bad.
17. Re:Not simple and would not work here by Anonymous Coward · 2018-03-26 09:11 · Score: 0
  
  You seem to think that it would be really difficult to come up with a close enough IR approximation. What evidence do you have of this? Just because they used an IR photo to construct that one doesn't mean one couldn't guess close enough to satisfy the unlock.
18. Re:Not simple and would not work here by Agent0013 · 2018-03-26 09:15 · Score: 1
  
  You seem to have forgotten about the try it on random people in the street exploit. About 1 out of 20 will open it or something. That isn't that hard to do.
  
  --
  
  -- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
19. Re:Not simple and would not work here by CanHasDIY · 2018-03-26 09:22 · Score: 1
  
  Apple’s Face ID security fooled by simple face mask
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
20. Re: Not simple and would not work here by Anonymous Coward · 2018-03-26 18:24 · Score: 0
  
  This sort of tech is often predicated on there not being two people who look very similar around. I.e. sensitive (to avoid frustration), but not so specific.
21. Re: Not simple and would not work here by q_e_t · 2018-03-26 18:41 · Score: 1
  
  Disclosure: I worked on this sort of face recognition fifteen years ago, using 3D imaging, with a similar use case.
22. Re: Not simple and would not work here by shilly · 2018-03-26 18:51 · Score: 2
  
  You must go to very big parties. The false positive rate is 1 in 1m.
23. Re:Not simple and would not work here by fisted · 2018-03-27 02:15 · Score: 1
  
  Oh yes and the target still has to voluntarily submit to a facial scan.
  Why does it have to be voluntarily?
  
  --
  CLI paste? paste.pr0.tips!
my wife thought I was crazy... by WindBourne · 2018-03-26 05:47 · Score: 2

when I said that we should NOT do the fingerprint lock on the phone. I have to say that it will actually encourage somebody killing you, and taking your hand, or such as the police using it.
HOWEVER, where it DOES make sense, is for app access. IOW, once you have unlocked the phone, but an app, say credit card needs to be unlocked again, the finger print makes sense. Kind of wish that we could do say 1-3 prints for the key. That would truly limit the likelihood of somebody being able to use it.

--
I prefer the "u" in honour as it seems to be missing these days.
1. Re:my wife thought I was crazy... by jwhyche · 2018-03-26 06:13 · Score: 2
  
  Well, my first question would be. Has there ever been a documented case of any one being killed so someone can use their finger to unlock their phone?
  I believe in being secure. My phone is locked most of the time, unlocked with a pin and a finger print. I also have nova launcher set so that I can lock it and disable the finger print scanner. It also unlocks at my home and if my wireless headphones are attached.
  None of these will keep a dedicated police search out of my phone. But they will keep someone from wandering by and just going through my phone. They will also thwart, a random search by the police in the street.
  To me, any thing else would just be paranoid. There is a fine point between being secure and being paranoid. I prefer not to cross that line as of yet.
  
  --
  I read at +2. If your post doesn't reach that level I will not see or respond to it.
2. Re:my wife thought I was crazy... by mysidia · 2018-03-26 06:23 · Score: 1
  
  This is where careful selection of hardware comes.... For instance in the Android ZTE Axon7's fingerprint sensor they reportedly chose to use Goodix's solution that uses Infrared imaging of the print on tissue beneath the surface of the finger which verifies liveness of the finger, and that the print presented is not a simple cosmetic mockup or disembodied finger.
  The only concern then is forced access..... Wouldn't TWO-Factor make sense?
  Option A quick access: FINGER + 4-digit PIN
  Option B one-time per boot or after idle for 48 hours: 4-digit PIN then Long passphrase
  In all cases, getting the 4-digit PIN wrong 6 times in a rough initiates automatic self-erasure.
3. Re:my wife thought I was crazy... by WindBourne · 2018-03-26 06:24 · Score: 1
  
  not sure about the first, however, in the Aurora, Co Mall, somebody had bought an iphone and another person running by grabbed it. Apparently, they tore a finger off the owner, and yet, the crook continued to run with it.
  Add to that, the fact that ppl DO have apps on the phones where they can access 100's of 1000s of $. Ppl kill for 100s of $, so, I would guess that if they know, or at least you look it, that you have 100,000+ accessible via your phone and all it takes is your finger to access it, it will make you a target. Not Good.
  
  As to security vs paranoid, I worked on Patriot act. Prior to that work, I would have said that I am now paranoid. After it, I continue to think that I am not secured enough. And I really am not. A simple pin really is not the right solution. Still, I find it interesting who we find security vs paranoia based on experience.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
4. Re:my wife thought I was crazy... by Anonymous Coward · 2018-03-26 06:29 · Score: 0
  
  As to security vs paranoid, I worked on Patriot act.
  I hope you and your family have a terribly painful demise.
5. Re:my wife thought I was crazy... by vux984 · 2018-03-26 06:34 · Score: 1
  
  "None of these will keep a dedicated police search out of my phone."
  Given that it unlocks itself at your home, I'd tend to agree.
  " But they will keep someone from wandering by and just going through my phone."
  Some of the people most likely to wander by and go through your phone are in your house (where its unlocked): family members, guests, roommates, your guests or THEIR guests.
  I'm not saying you should have any reason not to trust your wife, but your 16 your old's best friends' boyfriend my be less reliable.
6. Re:my wife thought I was crazy... by Anonymous Coward · 2018-03-26 07:09 · Score: 0
  
  I hope you get poop in your mouth. Although, you shouldn't wish bad things on other people, so I also hope you like the taste of poop.
7. Re:my wife thought I was crazy... by Anonymous Coward · 2018-03-26 07:20 · Score: 0
  
  Would the killer believe you if you say "my dead finger won't work".
8. Re:my wife thought I was crazy... by Anonymous Coward · 2018-03-26 07:28 · Score: 0
  
  That's the real issue... fingerprint passwords are only 1 digit long.
9. Re:my wife thought I was crazy... by Deep+Esophagus · 2018-03-26 09:47 · Score: 1
  
  in the Aurora, Co Mall, somebody had bought an iphone and another person running by grabbed it. Apparently, they tore a finger off the owner, and yet, the crook continued to run with it.
  I would have bet any amount of bitcoin that this was an urban legend, but here ya go.
  Although having said that, it sounds like the thief wasn't deliberately trying to steal the finger; it just got mangled by the cord wrapped around the victim's finger by the sudden pulling force. The thief didn't so much "take the finger" as take so much skin, doubtful that it could be used to reconstruct a fingerprint, that the finger had to be amputated.
10. Re:my wife thought I was crazy... by cmseagle · 2018-03-26 19:46 · Score: 1
  
  What do you have on your phone that someone would literally be willing to kill you to access it? Unless you work for a three-lettered government agency and for some reason have sensitive, un-encrypted data on your personal device, is that a real risk for the average person?
11. Re:my wife thought I was crazy... by WindBourne · 2018-03-27 02:52 · Score: 1
  
  Weird. Right? BUT, the thief continued on as well as tried to murder the victim, which is why he got 25 years.
  Basically, plenty of ppl in the world have so little care about others.
  But, I did get another thing wrong, which is that it was Cherry Creek, not Aurora Mall. Still, it is why I refuse to lock my phone via finger , retinal, or face scan, though I really like the idea of app locking via bio scans.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
12. Re:my wife thought I was crazy... by WindBourne · 2018-03-27 02:56 · Score: 1
  
  How many ppl in America make 6-8 figures a year and have apps on their phones for accessing their banks? MANY ppl. In fact, most of the none technical ones are going to be stupid enough to put bank apps on and then make it accessible via simple bio scans.
  I would expect even a few of the techs here will have the apps on their phones. Hopefully, they do not make it all bio-scan access.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
Re:Wouldn't work with FaceID... by 93+Escort+Wagon · 2018-03-26 05:53 · Score: 1

Why not?
I've heard people complaining that it doesn't always work right after they've been asleep... so it's not surprising it might not work after the Big Sleep.

--
#DeleteChrome
Re:Wouldn't work with FaceID... by Anonymous Coward · 2018-03-26 05:55 · Score: 5, Funny

Apple FaceID requires the person have that smug look of self-importance. Dead faces all appear as Windows users to FaceID.
I'm confused by Trailer+Trash · 2018-03-26 05:56 · Score: 0

after Abdul Razak Ali Artan had mowed down a group of people in his car, gone on a stabbing spree with a butcher's knife ... on the grounds of Ohio State University...
I'm confused - I thought guns were the problem.

--
Do you have ESP?
1. Re:I'm confused by cogeek · 2018-03-26 06:11 · Score: 1
  
  No, guns are the CURRENT problem. Once they've banned those and murders are still happening they'll get around to knives and trucks.
2. Re:I'm confused by qbast · 2018-03-26 06:15 · Score: 1
  
  Yes, you are very confused. His 'mowing down group of people' and 'stabbing spree' caused only injuries. The only person to die was Artan who got shot. Now compare the body count with typical shooting spree.
3. Re:I'm confused by Anonymous Coward · 2018-03-26 06:19 · Score: 0
  
  They are. That's why no one innocent died during the attack and the only person who did died at the hands of a gun-carrying LEO.
4. Re:I'm confused by Anonymous Coward · 2018-03-26 06:33 · Score: 0
  
  after Abdul Razak Ali Artan had mowed down a group of people in his car, gone on a stabbing spree with a butcher's knife ... on the grounds of Ohio State University...
  I'm confused - I thought guns were the problem.
  No, they're just a huge part of the problem.
5. Re:I'm confused by Anonymous Coward · 2018-03-26 06:40 · Score: 0
  
  Now compare the body count with typical shooting spree.
  https://www.pennmedicine.org/news/news-releases/2014/january/survival-rates-similar-for-gun
6. Re:I'm confused by Anonymous Coward · 2018-03-26 08:23 · Score: 0
  
  86?
  https://en.wikipedia.org/wiki/2016_Nice_attack
7. Re:I'm confused by CanHasDIY · 2018-03-26 09:33 · Score: 1
  
  Yes, you are very confused. His 'mowing down group of people' and 'stabbing spree' caused only injuries. The only person to die was Artan who got shot.
  So what you're saying is that a good guy with a gun...
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
8. Re:I'm confused by Trailer+Trash · 2018-03-26 10:39 · Score: 1
  
  Yes, you are very confused. His 'mowing down group of people' and 'stabbing spree' caused only injuries. The only person to die was Artan who got shot.
  So what you're saying is that a good guy with a gun...
  Be careful, little heads may explode if you finish that :)
  
  --
  Do you have ESP?
9. Re:I'm confused by qbast · 2018-03-26 18:46 · Score: 1
  
  Police officer to be exact. Which makes is pretty much a model case for advocating gun control.
10. Re:I'm confused by CanHasDIY · 2018-03-27 07:57 · Score: 1
  
  Because police officers are always good guys?
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
Re:Wouldn't work with FaceID... by thegarbz · 2018-03-26 06:02 · Score: 1

Just sayin'
Also wouldn't work with a 4 digit pin. Seems like we solved this problem long before it existed.
You don't need to get a payday loan to afford phone security anymore.
You're welcome.
It's The Ohio State University by Anonymous Coward · 2018-03-26 06:04 · Score: 1

OSU is always "The". always always
You can have access to my iPhone... by SeaFox · 2018-03-26 06:09 · Score: 5, Funny

...when you unlock it with my cold, dead hands.
Never liked finger-print unlocks by HeckRuler · 2018-03-26 06:12 · Score: 2

I don't want my dead fingers to be more useful to the cops than my living fingers. That's a bad-mojo sort of incentive brewing right there.
1. Re:Never liked finger-print unlocks by cogeek · 2018-03-26 06:20 · Score: 1
  
  It wouldn't be more useful. Arrested criminals can already be forced to give up passwords despite the 5th amendment and it's been upheld by the Supreme Court. A living finger works a lot easier than a dead one. Cops might have to break a few of the unnecessary fingers to get compliance, but they'll get it unlocked whether the hand is alive or not.
2. Re:Never liked finger-print unlocks by swillden · 2018-03-26 09:04 · Score: 1
  
  I don't want my dead fingers to be more useful to the cops than my living fingers. That's a bad-mojo sort of incentive brewing right there.
  They can make you put your living finger on the scanner, so your dead fingers would be equally useful, not more useful.
  As for theories that they might shoot you because they don't have probable cause to arrest you, it's much easier to manufacture probable cause than it is to justify shooting. Even if their probable cause gets tossed later, they can still use whatever evidence they got from the device, just not against you. And of course if they kill you they can't use the evidence against you, because you're dead. So there's really no advantage in killing you.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
3. Re:Never liked finger-print unlocks by CanHasDIY · 2018-03-26 09:35 · Score: 1
  
  A lot of people seem to have forgotten that parallel construction is a thing.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
4. Re:Never liked finger-print unlocks by Aristos+Mazer · 2018-03-26 14:07 · Score: 1
  
  Apple should reduce to only 8 tries before wiping. Then you could pick, say, your ring finger, and have at least a chance that they're going to guess wrong. :-)
Re:Wouldn't work with FaceID... by Anonymous Coward · 2018-03-26 06:13 · Score: 0

Well, iPhones are not for poor people.
Hard to say by SuperKendall · 2018-03-26 06:13 · Score: 1

Also wouldn't work with a 4 digit pin.
Sure it would, if he had a friend or roommate or GF that knew the PIN (which most would). Lots more ways to get a PIN after someone is dead.
You don't need to get a payday loan to afford phone security anymore.
We live in a world where $40k cars are common now and you complain that a phone you could use for three to four years costs $1k? You use a phone every day. I use it vastly more often than my car. And you can get it free through some channels like carrier subsidy... there's a way for anyone to have an X that really wants one.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re:Hard to say by gnick · 2018-03-26 06:29 · Score: 1
  
  We live in a world where $40k cars are common now and you complain that a phone you could use for three to four years costs $1k? You use a phone every day. I use it vastly more often than my car.
  
  I use my coffee mug more than my phone and it cost me about $3. My phone has some features that my mug lacks, just like my car has some features that my phone lacks.
  
  --
  He's getting rather old, but he's a good mouse.
2. Re:Hard to say by Anonymous Coward · 2018-03-26 06:50 · Score: 0
  
  We live in a world where $40k cars are common now and you complain that a phone you could use for three to four years costs $1k? You use a phone every day. I use it vastly more often than my car.
  I use my coffee mug more than my phone and it cost me about $3. My phone has some features that my mug lacks, just like my car has some features that my phone lacks.
  Well obviously if you use a damn COFFE MUG more than a phone you could get by with a flip phone with no internet access.
  Most people use their phones hundreds of times a day for many hours. Most people use a coffee mug 1-2 times a day for maybe 30 minutes max.
3. Re:Hard to say by gnick · 2018-03-26 07:09 · Score: 2
  
  Most people use their phones hundreds of times a day for many hours. Most people use a coffee mug 1-2 times a day for maybe 30 minutes max.
  Who uses a coffee mug 1-2 times/day? Once to brew followed by one huge, scalding gulp? I use my coffee mug for about 8 hours a day. Part of that time I use it to sip coffee; the rest of the time I use it to hold coffee. I use my phone intermittently between 4-9 PM to play Words With Friends, browse Facebook, chat/SMS, and occasionally to make or receive a phone call. Am I that unusual?
  
  --
  He's getting rather old, but he's a good mouse.
4. Re:Hard to say by Anonymous Coward · 2018-03-26 07:28 · Score: 0
  
  Also wouldn't work with a 4 digit pin.
  Sure it would, if he had a friend or roommate or GF that knew the PIN (which most would).
  Who in their right might shares PINs with anyone? You may trust your roommate or grandfather, but where I come from, security means security.
5. Re:Hard to say by lister+king+of+smeg · 2018-03-26 08:06 · Score: 1
  
  Also wouldn't work with a 4 digit pin.
  Sure it would, if he had a friend or roommate or GF that knew the PIN (which most would).
  Who in their right might shares PINs with anyone? You may trust your roommate or grandfather, but where I come from, security means security.
  I know my parents pin number, and my wife in theory knows my pin number. degrees of trust.
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
6. Re:Hard to say by Aristos+Mazer · 2018-03-26 13:58 · Score: 1
  
  If it is a spouse, likely ok, as they cannot be compelled to testify, at least in USA. Same with lawyer or priest. But roommates? That's idiotic security. And even if you do trust them, it puts them in an uncomfortable bind with a subpoena. Might be ok if you had linked pace makers -- if one of you goes down, so does the other.
7. Re:Hard to say by evil_aaronm · 2018-03-26 17:40 · Score: 1
  
  Of course you use your coffee mug 8 hours a day. You probably walk around Initech with that stupid mug, annoying people by passive-aggressive asking if they'd come in to work on Saturdays. Well, piss off, Lumbergh! And screw those stupid suspenders, too!
8. Re: Hard to say by Anonymous Coward · 2018-03-26 18:43 · Score: 0
  
  Iran?
9. Re: Hard to say by Anonymous Coward · 2018-03-26 19:22 · Score: 0
  
  You're not unusual. Just old
10. Re:Hard to say by thegarbz · 2018-03-26 21:56 · Score: 1
  
  We live in a world where $40k cars are common now and you complain that a phone you could use for three to four years costs $1k?
  We live in a world where people spend $300000 on a house, what do you mean they think that a $20 banana is frigging expensive and not worth the money!
  
  And you can get it free through some channels like carrier subsidy
  Oh my god. Please tell me you're not actually that stupid.
11. Re:Hard to say by gnick · 2018-03-27 14:50 · Score: 1
  
  Sounds like somebody has a case of the Mondays.
  
  --
  He's getting rather old, but he's a good mouse.
I don't think any cop would by rsilvergun · 2018-03-26 06:16 · Score: 1

Now our President? I'm not so sure anymore.

--
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Re:Baloney by powerlord · 2018-03-26 06:19 · Score: 1

Try uBlock Origin.
Lower memory/CPU footprint than a lot of the others, and lots of places don't detect it (like Forbes).

--
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
Not thumb? by Anonymous Coward · 2018-03-26 06:19 · Score: 0

Index finger? Maybe they should have used the thumb.
Over my dead body! Oh wait... by foxalopex · 2018-03-26 06:21 · Score: 1

Heh, this certainly gives new meaning to that expression!
Get a warrant by some+old+guy · 2018-03-26 06:21 · Score: 4, Informative

Body dead too long? Too bad. Get a warrant.
Druggie too stoned to give consent? Get a warrant.
Want to access my phone FOR ANY REASON? Get a fucking WARRANT.

--
Scruting the inscrutable for over 50 years.
The good ol' password wins again by GameboyRMH · 2018-03-26 06:22 · Score: 2

You can't steal a password off someone's body, dead or alive.

--
"When information is power, privacy is freedom" - Jah-Wren Ryel
1. Re:The good ol' password wins again by sinij · 2018-03-26 07:14 · Score: 1
  
  You can't steal a password off someone's body, dead or alive.
  Rubber hose crypto analysis still applies.
2. Re:The good ol' password wins again by TimMD909 · 2018-03-26 08:15 · Score: 1
  
  You can't steal a password off someone's body, dead or alive.
  It's most definitely possible to get passwords out of someone who's alive.
3. Re:The good ol' password wins again by Anonymous Coward · 2018-03-26 14:10 · Score: 0
  
  In some cases, it would be like beating a dead nerd.
4. Re:The good ol' password wins again by Anonymous Coward · 2018-03-26 20:31 · Score: 0
  
  But you can steal it from the post-it note on their monitor...
Challenge Accepted by Anonymous Coward · 2018-03-26 06:33 · Score: 0

Privacy advocates: "Over my dead body!"
Police: "Challenge accepted!"
Easy attack [Re:Would be nice if it automatical... by Geoffrey.landis · 2018-03-26 06:36 · Score: 1

"It would be nice if these devices automatically unlocked after some time limit, like 1 year."
This gives you an easy attack vector: just reset the clock.

--
http://www.geoffreylandis.com
Non gender specific people, start your hashtags! by Applehu+Akbar · 2018-03-26 06:43 · Score: 1

Abdul Razak Ali Artan had mowed down a group of people in his car, gone on a stabbing spree with a butcher's knife and been shot dead by a police officer on the grounds of Ohio State University,
Attention, you millennial ornate hexagonal crystals of dihydrogen monoxide! For how much longer are we going to let people ride around in these personal weapons of mass destruction, wielding kitchen utensils that can kill silently at any time? The UK is taking knives away from people now, and so can we. #CarsKillKnivesKillBusesForAll
FBI agent applied the bloodied body's index finger by KingMotley · 2018-03-26 06:49 · Score: 1

Am I the only one who noticed?

an FBI agent applied the bloodied body's index finger
Uh... Perhaps using the thumbprint instead would have been better since that is what the iPhone uses?
what if a suspect lost a finger? by tatman · 2018-03-26 07:01 · Score: 1

What would happen if, say, during the commission of a crime, the suspects finger was lost (got ripped off ... something gross)? If the cops recovered it, could they use it to attempt an unlock? If that's the case, we are one step from suspects "accidentally" losing a finger, conveniently.

--
I've always said English was my second language. Had Romeo and Juliet been written in C, I might have understood it.
Biometrics: Uses and Abuses by Anonymous Coward · 2018-03-26 07:01 · Score: 0

Biometrics: Uses and Abuses by Bruce Schneier
TL;DR:
Biometrics are powerful and useful, but they are not keys.
But always keep in mind that biometrics are not secrets.
NOTE: Article is ~20 years old, but the advice is as timely as ever.
"I$I$-inspired?" It's called a drive-by. by Anonymous Coward · 2018-03-26 07:05 · Score: 0

Mmmm...k? He probably had brown people photos (family) in his phone and went on rants within social media like everyone else. Maybe he owned a few guns. What he did was called a drive-by folks, not terrorism, though I'm sure UK people would disagree given that a couple of guys with knives (in U.S. they'd have been shot in 5 minutes) qualify over there. The reality is that there are simply just crazy people in this world with no explanation because that's how crazy works. Him getting out of the car to stab people afterwards proves it. No inspiration needed. Wonder what kind of bonuses and promotions are handed out for labeling like this? I guess only white people go postal insane while the rest of the races are terrorists. Being named Andul probably doesn't help much either.
Re:Wouldn't work with FaceID... by Anonymous Coward · 2018-03-26 07:08 · Score: 2

In that case Martin Shkreli's face can probably unlock any apple phone with FaceID enabled.
*all* rights end at death by Lord+Bitman · 2018-03-26 07:12 · Score: 1

I don't care. If you're dead, you should have absolutely zero rights.

--
-- 'The' Lord and Master Bitman On High, Master Of All
1. Re:*all* rights end at death by R3d+M3rcury · 2018-03-26 07:29 · Score: 1
  
  So, when you die, I should be able to just walk into your house and take your stuff? Claim your bank account?
2. Re:*all* rights end at death by Anonymous Coward · 2018-03-26 07:33 · Score: 0
  
  I don't care. If you're dead, you should have absolutely zero rights.
  Screw that. The right to access my data, like any other documents, transfers to my next of kin, not to some random thug just because s/he has a badge and a gun.
3. Re:*all* rights end at death by Anonymous Coward · 2018-03-26 09:18 · Score: 0
  
  I don't care. If you're dead, you should have absolutely zero rights.
  So, when you die, I should be able to just walk into your house and take your stuff?
  That's exactly what's been said.
  He, Lord Bitman: try and give us a heads-up just before you die. I want your lawnmower. :)
4. Re:*all* rights end at death by CanHasDIY · 2018-03-26 09:38 · Score: 1
  
  What's your address? I want to be one of the first looters on site when you croak.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
5. Re:*all* rights end at death by Anonymous Coward · 2018-03-26 09:49 · Score: 0
  
  Of course not. That's a stupid question. Because that stuff still belongs to someone once that person dies. Could be his family, a friend, or someone else in a will. Lacking any of that it'd normally become property of the state. It's not like they die and it becomes a free for all even the dead person no longer (should) have rights.
Re:FBI agent applied the bloodied body's index fin by R3d+M3rcury · 2018-03-26 07:28 · Score: 1

Well, it can use any finger you register. I use a thumb and an index finger.
Of course, you only get so many attempts (fewer than 10) so you can't go through all fingers without getting a lockdown.
Re:Easy attack [Re:Would be nice if it automatical by mysidia · 2018-03-26 08:08 · Score: 1

I think you want to reply to the parent, as I have not suggested the time-based unlock is feasible in a secure smart phone.
However, the issue of resetting the clock can be mitigated by requiring the phone to be unlocked to access those settings. Alternatively the "mechanism to unlock after 1 year" could require a digitally signed request that is also countersigned by multiple secure timestamping authorities possessiong X509 security certificates from trusted Root CAs holding the timestamping role trusted by the smartphone that agree that the 1yr unlocking request has been submitted to them at exactly Y time.
There are good reasons for Apple's practices of purging the decryption key from RAM and requiring a full key be entered after some hours --- assuming an adversary has hijacked physical possession of the powered on phone but not managed to gain access; keeping the key in RAM increases the risk that the decryption key could be stolen by tampering with the device and reading the RAM directly: as time progresses, the chance of discovering a previously unknown unpatched "Unlocking" vulnerability grows --- the vulnerabilities cannot be safely fixed when the owner is not in physical possession of their device to authorize a code update.
Necromancy by ChatHuant · 2018-03-26 08:15 · Score: 1

High time too; thieves have been using Hands of Glory for hundreds of years now, it's nice to see the police finally catching up with modern necromantic technology...
All about context by Koreantoast · 2018-03-26 08:36 · Score: 1

Agreed in that it's all about circumstances. If a person was randomly found dead and was unidentifiable, I think it's perfectly reasonable to do this to try and identify who they were, reach out to next of kin. Same with a murder victim in that the fingerprint could help lead to their killer. However, if this is someone gunned down by police, or they find a victim who they can identify, unless there is an immediate threat as defined by the law (e.g. a bomb is planted and about to go off), I don't think there's any reason for police to be able to dig through their phone.
1. Re:All about context by Threni · 2018-03-26 19:01 · Score: 1
  
  > reach out to next of kin
  If they couldn't reach, would they move towards them? Perhaps they could shout?
This is why... by natex84 · 2018-03-26 09:07 · Score: 1

This is why I use my toes to unlock my phone!
1. Re:This is why... by CanHasDIY · 2018-03-26 09:39 · Score: 1
  
  If you're not using a scrotal imprint you're doing it wrong.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
Re:Wouldn't work with FaceID... by CanHasDIY · 2018-03-26 09:22 · Score: 1

From another source:

In theory, Apple’s Face ID authentication is supposed to require eye movement to work. But Marc Rogers, researcher and head of information security at Cloudflare, told Forbes that he’s recently discovered that photos of open eyes work just fine.
A few months ago, Vietnamese researchers did the same thing. With a mask.

--
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Re:Wouldn't work with FaceID... by CanHasDIY · 2018-03-26 09:25 · Score: 1

Just sayin'
Also wouldn't work with a 4 digit pin.
Which has the added advantage that you can't be legally compelled to give up your PIN without a warrant.
Biometrics, not so much.

--
An enigma, wrapped in a riddle, shrouded in bacon and cheese
nice try, but irrelevant by Anonymous Coward · 2018-03-26 09:26 · Score: 0

The physical device hardly matters. Everything is in the "cloud" and can be subpoenaed. Hell you don't even need a subpoena, you can pay retail price for any Verizon customer's browsing history.
I see it! by AndyKron · 2018-03-26 09:28 · Score: 1

My phone is unlocked with no password required. If I had anything to hide it would be in plain sight.
Police! Unlock your phone, now! No? Look out, Gun! by Tristao · 2018-03-26 09:34 · Score: 1

- His phone looked like a gun to the officer who shot him. We did not find anything incriminating the deceased, but he did have the contact of another known suspect, which confirms our initial suspicions. At this point in time we will be asking the second suspect to provide us access to his phone, in order to continue the investigation.
Re:Wouldn't work with FaceID... by Anonymous Coward · 2018-03-26 12:43 · Score: 0

Apple FaceID requires the person have that smug look of self-importance. ...
Apple FaceID also requires a 5 o'clock shadow & bed-head to function correctly.
A fingerprint scanners.... by Anonymous Coward · 2018-03-26 13:59 · Score: 0

The idea that a fingerprint somehow is a "secret" is just unbearably fucking stupid.
A password is something kept inside your mind expressed by your will.
It is perfectly OK to use as a Login name.
Promise me... by Eric+Stratton · 2018-03-26 18:13 · Score: 1

Deathbed: "Promise me. Promise: You'll delete my browser history—"
Friend: "Yes. Browser history. Got it."
Deathbed: "And obliterate my index finger's prints."
Friend: "Yeah-yeah. Finger's prints. I promise."
Deathbed: "And destroy my burner phones."
Friend: "I prom—'phones'?"
Deathbed: "And disable my Coprophagy Friend Finder account."
Friend: "Say WHA—?"
Deathbed: "And delete my Amazon 'special intimates' wishlist."
Friend: "Just a darned minute—"
Deathbed: "You can have my Love Client Number Nine Platinum Card."
Friend: "Yeah. Uh-No..."
Police don't OWN items of the dead. by Anonymous Coward · 2018-03-26 21:46 · Score: 0

Upon the death of someone, their possessions transfer to their next of kin.
So the police ought to need authority from the new owner, or the executor of the deceased's will, or some other person who has assumed legal authority over the possessions.
Mod parent up, please by WindBourne · 2018-03-27 03:04 · Score: 1

U are SPOT on.
I leave my phone locked at all times for that very reason. In fact, because so many ppl are relaxed at home, they will tend to believe that there is no cause for concern. Wrong attitude.
In fact, Drive-bys happen all the time here where I live. I used to have a honey pot so that I could see what was happening in our area. Amazing how often I would get an alert and right in front of my house was a car parked across the street from the house, with the driver bent downwards and not aware that I had several cameras on him (and 1 her), and their plates.

--
I prefer the "u" in honour as it seems to be missing these days.
Re:Easy attack [Re:Would be nice if it automatical by JesseMcDonald · 2018-03-27 08:29 · Score: 1

Alternatively the "mechanism to unlock after 1 year" could require a digitally signed request that is also countersigned by multiple secure timestamping authorities possessiong X509 security certificates from trusted Root CAs holding the timestamping role trusted by the smartphone that agree that the 1yr unlocking request has been submitted to them at exactly Y time.
Or forget the CAs (which are vulnerable to hacking, of the technical, social, and political varieties) and instead require as input one year's worth of valid blocks from the Bitcoin blockchain, starting at a known checkpoint updated the last time the phone was online. Easy to do if a year has actually passed, cost-prohibitive otherwise. One thing proof-of-work blockchains are very good at is providing evidence of the passage of time.

--
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat