In-display fingerprint sensors have become commonplace in virtually all Android smartphones, for better or for worse, and five years later…

  • GBU_28@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    5
    ·
    edit-2
    20 days ago

    If you don’t succeed in lockdown before seizure, or aren’t conscious, your biometrics can be used without your consent.

    Taking reasonable steps to improve your security doesn’t mean all efforts are all or nothing

    • socsa@piefed.social
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      edit-2
      20 days ago

      For my threat profile, state actors compelling biometrics from my EDC phone is pretty low on my list of concerns. That shit is intentionally sterile because I know they will just push me a compromised “security update” if they want in.

      And in any case, I’d still rather be able to fight the collection in public, vs being compromised by anyone who paid the janitor $20 to plug a USB drive into my phone.

      • GBU_28@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        20 days ago

        Sure, as conversation, i’ve heard of thieves face unlocking phones they just stole.

        Indeed running as sterile an every day phone as possible is another great security approach by reducing risk.

        • socsa@piefed.social
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          20 days ago

          Yeah I don’t really care what a thief does with my phone after they brain me. It’s the skull damage which concerns me. My google account is locked down with a hardware key so there’s only so much damage they can do before I wipe the device. Unless I’m dead, in which case I guess it doesn’t matter. Also my wife knows how to handle this situation. I would strongly suggest investing in posthumous spouse security as early as possible.

          • GBU_28@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            20 days ago

            Your last sentence is great.

            Regarding the prior stuff, that’s very “you specific”. There’s of course tons of caveats or gotchas to my broad statement, but it doesn’t make it untrue.

            Biometrics present a less secure access path to a device…

            • socsa@piefed.social
              link
              fedilink
              arrow-up
              4
              ·
              20 days ago

              My point is that they are separable threat profiles. If you are more concerned about your sketchy tinder date grabbing your lock screen password, biometrics are great. What I would love is a quick settings toggle for biometrics.

    • RvTV95XBeo@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      20 days ago

      Jokes on them, my phones stupid fingerprint reader only works about 3% of the time. They’ll get frustrated and give up before finding anything, I know I usually do.

      • skuzz@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        16 days ago

        Phones are surprisingly hard to get into these days under normal conditions. Used to be able to ask a lost phone to call mom to find the owner. Now the voice profile doesn’t match.