Mika RautioSep 29
Pasi Salenius

Another thought of the day.

Why don’t phones come with a security feature that lets you set up an alternative unlock code that does open the device but presents a false dummy interface with content that looks real but is not yours? This could save lives at US border control today.

Sep 29 at 4:09pmWeb
Show threadGabriel NOct 1

@pasi probably because it's too much work to maintain a believable copy. Or at least it was before LLM's, now it seems like generating a bunch of fake but realistic looking texts to mom would be feasible so it might work.

GrapheneOS has a duress feature where a special lock code will wipe your phone, but that feels like a good way to get detained for being suspicious.

In a normal circumstance, acting suspicious is generally not a problem but at the US border it seems like a sure-fire way to get detained and/or refused entry.

Show threadPasi SaleniusOct 1

@gnyman Yeah after thinking about that a little longer it does feel somewhat risky. The border control would come up with a set of tactics to recognize faked up phone setups.

Still, I do think this would be doable if enough resources were put into implementing it.

Show threadBytebro πŸ‡¬πŸ‡§ πŸ‡ΊπŸ‡¦ πŸ‡¬πŸ‡±Oct 1

@pasi

Yup. I'd go for that.
Account full of cat pics on a quiet masto instance, a few innocuous emails (to a backup address), a token amount of porn for veracity, and a photo of dead partner on the wallpaper. job done. And disable all biometrics - PIN-only.

Show threadPasi SaleniusOct 1
@bytebro You can always say it’s a new phone that you just took to use. I bet it’d help in many scenarios.
Show threadBytebro πŸ‡¬πŸ‡§ πŸ‡ΊπŸ‡¦ πŸ‡¬πŸ‡±Oct 1

@pasi

but I love the 'alternative PIN' idea. "Sure, let me unlock my phone?".

Thinking about it, it would need to decrypt only the fake account (for when they plug your phone into their scanner thing to rip the content), and that would be hard, I suspect.

Show threadPasi SaleniusOct 1
@bytebro There would need to be some fairly low level support from the OS for this. But I’m sure it could be done if given the proper resourcing.
Show threadBytebro πŸ‡¬πŸ‡§ πŸ‡ΊπŸ‡¦ πŸ‡¬πŸ‡±Oct 1
@pasi
Mate, i think we just came up with a brilliant idea for a new Android fork. Where do we sign up for the Venture Capital millions? πŸ˜‚ 🀣
Show threadPasi SaleniusOct 1
@bytebro I was thinking more iOS but having this either side is good!
Show threadRustyRingOct 2

@pasi

I've got a better idea. Get real law. That kind of invasion of privacy would have been unthinkable before the Oughts. I remember when anything involving phones was a total third rail for enforcement departments. They needed stacks of specific warrants for the least little incursion.

Reinstating that principle will work permanently, instead of yet another tech fix that the flying monkeys will simply break in a matter of days.