Rich Freeman on 6 Sep 2015 19:57:50 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Cheap Nexus 6

On Sun, Sep 6, 2015 at 12:51 PM, Eric H. Johnson
<> wrote:
> From the standpoint of privacy, there is a difference legally between a pin
> / passcode and a fingerprint. The Virginia circuit court held that the
> defendant in a particular case could not be compelled to reveal the passcode
> to his phone, but could be compelled to produce his fingerprint. The former
> constitutes revealing knowledge, and therefore is protected by the 5th
> amendment, while the latter is a physical attribute, and therefore is not.
> While technically, a fingerprint can potentially be more secure than a
> passcode, legally it would currently seem to be more vulnerable.

Aside from the legalities, the fact is that somebody can effectively
compel you to surrender a fingerprint but they can't compel you to
surrender a passcode (at least not using any technology I'm aware of).
If somebody wants to unlock your phone using a fingerprint they just
have to grab your finger and jam it against the reader.  That doesn't
work with a password.  They can of course lock you up until you die of
old age or until you give it up, but the choice is still yours.

However, that is only true of a strong password.  Your four-digit PIN
is probably useless against these kinds of attacks - they don't need
your consent to hack a PIN that short.  This is why I find Android's
design that uses the same PIN for screen unlock and storage encryption
so frustrating.  If it asked for a complex password on boot and then
used a short PIN after that (with only limited attempts before the
phone shuts down and forces you to use the long password) then that
would really be the best of both worlds.

The advantage of the fingerprint on android is that you can easily use
a really long password since you only have to enter it on power-on.
If you think somebody is going to compel you to unlock the phone
against your wishes just power the thing off and then your fingerprint
won't be sufficient at the next boot (assuming they still require the
password for decryption for the first unlock).

While I agree that security and convenience are usually at odds,
security that nobody uses is useless.  If my phone locks while I'm
driving I can't go entering a password that contains enough entropy
that it will resist brute-force attacks that don't have some kind of
rate-limiting on them.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --