Friday, November 18, 2016

Digital Privacy - Part 1 - Phone Unlocks

For Part 1 of this series we're going to look at phone unlocks.

There is room for you to make different decisions with your own stuff, but the TLDR is that I think the appropriate measures are to:

1) Make your phone require a passcode to unlock.
2) Do not use a biometric unlock.  If you have one, remove it.
3) Use either a 6-digit code or an alphanumeric code for your unlock.
4) Do not use easily guessed passcodes.
5) Set your phone to lock immediately.
6) Set your phone to delete all data after 10 (or some other number of) failed attempts to unlock it.

You can find details on setting up Android here, and on setting up iPhone here.

Protecting your phone can protect your emails, your texts, the emails and texts of people who have communicated with you, videos or pictures that the police might want to delete, or any of your other data.  It is yours, and you have a right to take measures to secure your own privacy and to refuse to consent to any searches.

U.S. Courts have found that you can be compelled to unlock your phone with a fingerprint (with a warrant), but you cannot be compelled to provide a passcode.  You have a 5th Amendment right to refuse to provide the passcode.  Your biometric unlock is not protected this way under current law. This article from Android suggests that you can still use it and just shut your phone off if you see blue lights.  But that removes your ability to, for example, film the police and then quickly lock your phone at the last moment.

Item #3 in this article lists commonly used 4-digit passcodes. Here they are:
1234 9999 1111 3333 0000 5555 1212 6666 7777 1122 1004 1313 2000 8888 4444 4321 2222 2001 6969 1010
You can see the pattern to them and avoid it in your 6-digit passcode, if you use that.  If you use an alphanumeric password just follow good password practices. You should also assume that an attacker will do their homework and try things like your birthday, anniversary, the birthdays of your children or spouse, your social, etc.  These are not good passcodes.
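The patterns described above can be checked mechanically before you commit to a 6-digit passcode. The following is an added example, not part of the original post: the function names, the tag strings, the sample date and the date heuristics are all assumptions made for illustration, and only the list of 4-digit codes comes from the post.

```python
from datetime import date

# The 20 common 4-digit passcodes quoted in the post.
COMMON_4 = ("1234 9999 1111 3333 0000 5555 1212 6666 7777 1122 "
            "1004 1313 2000 8888 4444 4321 2222 2001 6969 1010").split()

SAMPLE_BIRTHDAY = date(2016, 7, 4)  # constructed sample, not a real person's date


def date_forms(d):
    """6-digit renderings of a date that an informed guesser would try."""
    mm, dd, yy = f"{d.month:02d}", f"{d.day:02d}", f"{d.year % 100:02d}"
    return {mm + dd + yy, dd + mm + yy, yy + mm + dd, f"{mm}{d.year:04d}"}


def looks_like_date(code):
    """True if the digits parse as MMDDYY, DDMMYY or YYMMDD (rough check)."""
    a, b, c = int(code[:2]), int(code[2:4]), int(code[4:])
    def ok(month, day):
        return 1 <= month <= 12 and 1 <= day <= 31
    return ok(a, b) or ok(b, a) or ok(b, c)


def passcode_weaknesses(code, personal_dates=()):
    """Return tags naming each guessable pattern found in a 6-digit code."""
    if not (len(code) == 6 and code.isascii() and code.isdigit()):
        return ["not-6-digits"]
    found = []
    # Digit-to-digit steps modulo 10: {0} is 000000, {1} is 123456, {9} is 654321.
    steps = {(int(y) - int(x)) % 10 for x, y in zip(code, code[1:])}
    if steps == {0}:
        found.append("repeated-digit")
    elif steps in ({1}, {9}):
        found.append("sequential")
    elif code in (code[:2] * 3, code[:3] * 2):
        found.append("repeated-block")
    # A common 4-digit code padded out to six digits is still a common code.
    found += [f"common-4-digit:{c}" for c in COMMON_4 if c in code]
    if looks_like_date(code):
        found.append("calendar-date")
    if any(code in date_forms(d) for d in personal_dates):
        found.append("personal-date")
    return found


if __name__ == "__main__":
    for candidate in ("123456", "121212", "070416", "839205"):
        print(candidate, passcode_weaknesses(candidate, [SAMPLE_BIRTHDAY]))
```

An empty list means none of these patterns matched; it does not mean the passcode is strong.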

I was reluctant to enable the data deletion on my phone because I have a toddler who loves to play with it and one can easily imagine disaster.  But as you have more and more failed attempts the iPhone will force you to wait longer and longer between unlock attempts, making it very unlikely that 10 failed attempts would accumulate by accident.  A malicious person could do it to you but they would need access to your phone for hours.  Android has an app that will allow you to set the number of tries before a data wipe.

You can, in any case, restore your phone from a backup if you have one.  So just back up your phone and enable the data wipe on too many failed logins.

If someone can't easily guess your password, and they can't guess at it indefinitely without wiping the data they want, and they cannot compel you even with a warrant to unlock the phone, then it becomes difficult for them to obtain the data.

It should be noted that none of this is perfect.  The operating system of the phone may have bugs that defeat some of this security, as this older version of iOS did.  And in a case that became very public, the FBI was taking Apple to court to force them to provide a backdoor to someone's phone.  The case was dropped when the FBI claimed to have found a way to unlock it without Apple's help.  No one is sure what method they used or whether it has been or can be patched.  It may even be that it is now trivial for the FBI to unlock your iPhone; I just don't know.

That's a lesson that applies to this entire series.  Your privacy is going to be good.  It's not going to be impenetrable, and you should not assume that it is.

