Discussion:
[whispersystems] Fwd: Passcode
Sam Kierstead
2015-09-30 19:17:00 UTC
Permalink
See below

Sent from my iPhone
Date: September 30, 2015 at 3:13:48 PM EDT
Subject: Passcode
Hey there,
I'd like to propose a passcode feature upon opening of the app. While encryption is great to avoid sigint data collection, I'm more worried about the police confiscating the phone and scrolling through messages. That's what people are in danger of from day to day. Maybe the fingerprint is a security option but I haven't figured out how to use it.
Very best,
Sam
Sent from my iPhone
Laurence Berland
2015-09-30 19:22:09 UTC
Permalink
Why not just put protection on the whole phone?
Post by Sam Kierstead
See below
Sent from my iPhone
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried about
the police confiscating the phone and scrolling through messages. That's
what people are in danger of from day to day. Maybe the fingerprint is a
security option but I haven't figured out how to use it.
Very best,
Sam
Sent from my iPhone
James Firth
2015-09-30 19:23:32 UTC
Permalink
Does Signal allow you to set a passcode timeout in the settings? TextSecure
on Android allows you to do this which is close to what you would like.

Also if your threat model includes the police you would not want to use a
fingerprint to protect your device.

From my understanding it is much easier for police to legally force you to
give over a fingerprint than it is for them to force you to give them a
password. This would vary from area to area of course and I'm not a lawyer,
this is just the bits of info I've picked up.
Post by Sam Kierstead
See below
Sent from my iPhone
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried about
the police confiscating the phone and scrolling through messages. That's
what people are in danger of from day to day. Maybe the fingerprint is a
security option but I haven't figured out how to use it.
Very best,
Sam
Sent from my iPhone
Moxie Marlinspike
2015-09-30 20:04:07 UTC
Permalink
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.

Thanks,

- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day. Maybe
the fingerprint is a security option but I haven't figured out how to
use it.
Very best,
Sam
Sent from my iPhone
--
http://www.thoughtcrime.org
Christopher Sheats
2015-09-30 21:30:33 UTC
Permalink
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.

Presently, in the USA, the fourth amendment does not apply at the borders.

Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day. Maybe
the fingerprint is a security option but I haven't figured out how to
use it.
Very best,
Sam
Sent from my iPhone
Laurence Berland
2015-09-30 21:36:21 UTC
Permalink
Wouldn't anyone compelling you to unlock your phone simply also compel you
to unlock TextSecure/signal?

The only reason I can think of why a passcode is better than a fingerprint
is that you can physically force someone's finger into the reader, but if
this is your concern, why not just turn off fingerprint unlock entirely?
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day. Maybe
the fingerprint is a security option but I haven't figured out how to
use it.
Very best,
Sam
Sent from my iPhone
Christopher Sheats
2015-09-30 21:43:25 UTC
Permalink
1. defense in depth

2. on iOS, Signal is secondary to messenger. If they know to look
specifically for Signal, one's individualized threat model needs to
include not using devices or to give their devices up without opening them.

3. Signal has opt-in screen protection (preventing screen grabs of the
app) where this is opt-out on Android. Why not, at the very least, allow
opt-in password protect (aka database access) on iOS?

Christopher
Post by Laurence Berland
Wouldn't anyone compelling you to unlock your phone simply also compel you
to unlock TextSecure/signal?
The only reason I can think of why a passcode is better than a fingerprint
is that you can physically force someone's finger into the reader, but if
this is your concern, why not just turn off fingerprint unlock entirely?
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day. Maybe
the fingerprint is a security option but I haven't figured out how to
use it.
Very best,
Sam
Sent from my iPhone
Laurence Berland
2015-09-30 21:48:44 UTC
Permalink
Post by Christopher Sheats
1. defense in depth
2. on iOS, Signal is secondary to messenger. If they know to look
specifically for Signal, one's individualized threat model needs to
include not using devices or to give their devices up without opening them.
3. Signal has opt-in screen protection (preventing screen grabs of the
app) where this is opt-out on Android. Why not, at the very least, allow
opt-in password protect (aka database access) on iOS?
The only down side I can see is the added complexity, which I don't mind
personally but which ows is pretty aggressively against from what I can
tell.
Post by Christopher Sheats
Christopher
Post by Laurence Berland
Wouldn't anyone compelling you to unlock your phone simply also compel you
to unlock TextSecure/signal?
The only reason I can think of why a passcode is better than a fingerprint
is that you can physically force someone's finger into the reader, but if
this is your concern, why not just turn off fingerprint unlock entirely?
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app. While
encryption is great to avoid sigint data collection, I'm more worried
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day. Maybe
the fingerprint is a security option but I haven't figured out how to
use it.
Very best,
Sam
Sent from my iPhone
#359
2015-09-30 21:46:52 UTC
Permalink
1. make encrypted nandroid backup of your device
2. system reset your device
3. pass through border control
4. reatore your device from nandroid backup

(your device shold be encrypted from the beginning, you'll probably have to disable TS messaging prior to system reset and reenable it later)
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app.
While
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
encryption is great to avoid sigint data collection, I'm more
worried
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day.
Maybe
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
the fingerprint is a security option but I haven't figured out how
to
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
use it.
Very best,
Sam
Sent from my iPhone
- 359
Christopher Sheats
2015-09-30 21:53:36 UTC
Permalink
Minorities, targeted at border crossings and airports, should not lose
privacy over their Signal messages because of this form of passive
surveillance (racism). That's one of the main points of strong transport
security, right? To evade passive surveillance? Why not include the
ability to protect one more layer of personal communication.

Telling non-technical immigrants, activists, journalists etc that they,
instead of using this feature, need to make encrypted backups and
restores a standard part of their travel plans? No.

Christopher
Post by #359
1. make encrypted nandroid backup of your device
2. system reset your device
3. pass through border control
4. reatore your device from nandroid backup
(your device shold be encrypted from the beginning, you'll probably have to disable TS messaging prior to system reset and reenable it later)
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to not
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app.
While
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
encryption is great to avoid sigint data collection, I'm more
worried
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day.
Maybe
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
the fingerprint is a security option but I haven't figured out how
to
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
use it.
Very best,
Sam
Sent from my iPhone
- 359
#359
2015-09-30 22:03:42 UTC
Permalink
if the fuckers get into my phone is the even bigger shit as if they get into my TS/Signal. they get my mails, my files... it's all or nothing for me.
Post by Christopher Sheats
Minorities, targeted at border crossings and airports, should not lose
privacy over their Signal messages because of this form of passive
surveillance (racism). That's one of the main points of strong
transport
security, right? To evade passive surveillance? Why not include the
ability to protect one more layer of personal communication.
Telling non-technical immigrants, activists, journalists etc that they,
instead of using this feature, need to make encrypted backups and
restores a standard part of their travel plans? No.
Christopher
Post by #359
1. make encrypted nandroid backup of your device
2. system reset your device
3. pass through border control
4. reatore your device from nandroid backup
(your device shold be encrypted from the beginning, you'll probably
have to disable TS messaging prior to system reset and reenable it
later)
Post by #359
On September 30, 2015 11:30:33 PM GMT+02:00, Christopher Sheats
Post by Christopher Sheats
At many border crossings (airports or regional borders), it is now
probable that if you are suspect of anything, you will be forced to
not
Post by #359
Post by Christopher Sheats
only turn on your devices to make sure they are real deices, but to
unlock them for inspection.
Presently, in the USA, the fourth amendment does not apply at the borders.
Christopher
Post by Moxie Marlinspike
Hey Sam, thanks but we're not going to do this. Apple's native iOS
screenlock and FDE should serve you well for this purpose.
Thanks,
- moxie
Post by Sam Kierstead
See below
Sent from my iPhone
Post by Sam Kierstead
*Date:* September 30, 2015 at 3:13:48 PM EDT
*Subject:* *Passcode*
Hey there,
I'd like to propose a passcode feature upon opening of the app.
While
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
encryption is great to avoid sigint data collection, I'm more
worried
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
about the police confiscating the phone and scrolling through
messages. That's what people are in danger of from day to day.
Maybe
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
the fingerprint is a security option but I haven't figured out
how
Post by #359
Post by Christopher Sheats
to
Post by Moxie Marlinspike
Post by Sam Kierstead
Post by Sam Kierstead
use it.
Very best,
Sam
Sent from my iPhone
- 359
- 359

Loading...