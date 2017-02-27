Ask Slashdot: Would You Use A Cellphone With A Kill Code? 247
Slashdot reader gordo3000 writes: Given all the recent headlines about border patrol getting up close and personal with phones, I've been wondering why phone manufacturers don't offer a second emergency pin that you can enter that wipes all private information on the phone? In theory, it should be pretty easy to just input a different pin (or unlock pattern) that opens up a factory reset screen on the phone and in the background begins deleting all personal information.
I'd expect that same code could also lock out the USB port until it is finished deleting the data, to help prevent many of the tools they now have to copy out everything on your phone. This nicely prevents you from having to back up and wipe your phone before every trip but leaves you with a safety measure if you get harassed at the border.
It could be built into the operating system, added by the manufacturer, or perhaps sideloaded as a custom mod -- but that begs the question of whether it'd really be a popular feature. So leave your own thoughts in the comments. Would you use a cellphone with a kill code?
I'd expect that same code could also lock out the USB port until it is finished deleting the data, to help prevent many of the tools they now have to copy out everything on your phone. This nicely prevents you from having to back up and wipe your phone before every trip but leaves you with a safety measure if you get harassed at the border.
It could be built into the operating system, added by the manufacturer, or perhaps sideloaded as a custom mod -- but that begs the question of whether it'd really be a popular feature. So leave your own thoughts in the comments. Would you use a cellphone with a kill code?
Mandatory (Score:3, Informative)
Yes.
Re:Mandatory (Score:5, Informative)
There's no need to lock any ports, though: wiping an encrypted phone can be done in less than a millisecond. All you need to do is destroy the encryption key. That's what iPhones do when you enter the wrong pin multiple times, and the effect is instant and irreversible. It would be trivial for Apple to add a feature that wipes the phone for a specific pin chosen by the user.
Law enforcement can sometimes retrieve a password. But that password only serves to decode the actual decryption key, which is a random sequence of bits. If that key is gone, it would take billions of years to decode the device.
Re: Mandatory (Score:5, Interesting)
Let me just throw out a few other "dumb ideas" you almost never use... Airbags. Fire Extinguishers. Life insurance. Parachutes. Seatbelts. Fire Departments. Just because they're an extreme response and you don't use them very often doesn't make them a "dumb idea".
Friend of mine proved you wrong last year. His wife got home after a craaazy day at work and put in the wrong PIN on her home alarm. 15 minutes later there's a knock on the door from a guy in a white coat and the entire backdrop is full of cops. "What is this? I disarmed my alarm?" "yes, m'am but you used the *duress code* to do it." "oh..." So a bunch of boys in blue came in and swept the entire house while she was outside talking with the cops. Yes there will be false alarms, but the feature serves a function. They had that option enabled because someone they knew a few years back had been forced to disarm their car alarm at knifepoint so they knew the risk was real.
At first I thought you meant "four taps on the home button" but I don't find that feature anywhere. (link?) If you mean going into settings to erase it, I'm pretty sure any competent LEA will grab the phone out of your hands the instant they see you've finished unlocking the phone. You don't just leave volatile evidence in the hands of a suspect to meddle with before confiscating it. If you have touch id, they can actually use the federally-allowed fingerprints they took from you when you were booked to create a silicon finger and use THAT to unlock the phone, you never get near it again to nuke it. (and yes, there's been at least one documented case of that being done) I'd much rather have two fingers that unlock it and eight that nuke it, let them play routlette if they're feeling froggy. And there's no way a 4 digit nuke code takes any longer to enter than a 4 digit unlock code??
If you have your phone synced with your computer or cloud, if you accidentally erase it you can restore it from there. If they're THAT aggressively pursuing you that they will get search warrants for your house or cloud data, okay, you can have it. I think this discussion is more aimed at discouraging "fishing expeditions" of "We have just barely enough evidence to arrest them and take them to jail for an hour, lets see if we can find anything on their phone that will convince a judge to give us some search warrants..." To me anyway this is more about curbing illegal search and seizure than it is about trying to bypass the lawful search warrant process.
Re: (Score:2)
Let me just throw out a few other "dumb ideas" you almost never use... Airbags. Fire Extinguishers. Life insurance. Parachutes. Seatbelts. Fire Departments. Just because they're an extreme response and you don't use them very often doesn't make them a "dumb idea".
Friend of mine proved you wrong last year. His wife got home after a craaazy day at work and put in the wrong PIN on her home alarm. 15 minutes later there's a knock on the door from a guy in a white coat and the entire backdrop is full of cops. "What is this? I disarmed my alarm?" "yes, m'am but you used the *duress code* to do it." "oh..." So a bunch of boys in blue came in and swept the entire house while she was outside talking with the cops. Yes there will be false alarms, but the feature serves a function. They had that option enabled because someone they knew a few years back had been forced to disarm their car alarm at knifepoint so they knew the risk was real.
My home security system has the same feature, and it's easy to remember the "panic" code. It's just one number less than your "real" code.
Re: (Score:3)
My home security system has the same feature, and it's easy to remember the "panic" code. It's just one number less than your "real" code.
It's whatever the installer sets it to. The installers around here typically set it to your street address - the added bonus is a dumb robber might try that to disarm your alarm and it'll appear to work until the cops show up.
Re: (Score:3)
Huh? If you're using an alarm system with codes that aren't end-user defined, then you're doing it WAY fucking wrong.
Re: (Score:2)
Huh? If you're using an alarm system with codes that aren't end-user defined, then you're doing it WAY fucking wrong.
During installation, the installer can set the master code. What the guys around here do is call me over, type in the setup and then have me type my code in twice while they walk to the other side of the room and look away. Same thing with the duress code. They suggest the street address. I guess I should have been more specific about the exact steps taken. And, yes, I can change my master code at any time (of course, I have the installer code as well so I can change *anything*).
Re: Mandatory (Score:3)
Why not use thumb for regular login, middle finger for wipe, seems apropo
Re: Mandatory (Score:5, Funny)
I love these letters to Penthouse Forum.
Re: (Score:3)
Now try remembering that code you set up 3 years ago and never used [...]
1234.
Re: (Score:2)
It depends what you're trying to protect. One might be more interested in protecting company secrets than hiding evidence. Sort of like the case a while back where a NASA engineer (might have been a difference agency - don't recall exactly) had his device searched at the border. He hadn't committed a crime, but there were secrets on his phone that might need to be protected from unauthorized access.
Why not a fake account? (Score:4, Interesting)
Re:Why not a fake account? (Score:5, Insightful)
Why not have a second PIN that opens a sanitized, but seemingly fully normal, home page? Missing a few critical apps, or having versions signed into a different account.
Because if the device is confiscated, a simple dump of the memory will reveal everything.
Re: (Score:3)
What you really want is a "destroy adopted storage decryption key + zerofill SD card" option on the recovery menu.
At least for Android devices anyway.
Re: (Score:2)
What you really want is a "destroy adopted storage decryption key + zerofill SD card" option on the recovery menu.
At least for Android devices anyway.
The SD card can be encrypted too.
Re: (Score:3)
Re: (Score:2)
Zero-filling the SD card will take forever and, by the time the device is grabbed, most of the data on the card will be intact with the partial zero-fill being obvious evidence of you trying to destroy the contents of the card. Much better to keep the whole SD card encrypted and just destroy the key there, too.
Re: (Score:2, Redundant)
Samsung Knox does what the parent wants. If the device gets compromised the Knox subsystem will blow a physical fuse and destroy the data permanently.
Re: (Score:3)
If the device is compromised in a technical sense.
Knox doesn't do anything at all for your password/PIN being compromised.
Re: (Score:2)
An can have an application blow the fuse.
Re: (Score:2)
Why yes (Score:5, Insightful)
It would be *very* easy to have smartphones with adequate security from all sorts of perspectives. Secure key storage, secure storage, secure communications, secure boot, secure containers, secure remote management, secure (multiple factor) authentication, secure arbitration of what hardware can access what memory etc. The thing is: if your target audience is largely 15 year old girls, then you probably have commercial priorities elsewhere.
Re:Why yes (Score:5, Insightful)
It would be *very* easy to have smartphones with adequate security from all sorts of perspectives. Secure key storage, secure storage, secure communications, secure boot, secure containers, secure remote management, secure (multiple factor) authentication, secure arbitration of what hardware can access what memory etc.
It would be *very* easy for citizens to give a shit enough about their privacy to not carry around their entire lives in a cellular tracking device too.
Simple fact is, they don't give a shit, convenience trumps privacy every time, and it's gonna take a hell of a lot more than a dozen border patrol searches gone overboard to change human behavior.
The thing is: if your target audience is largely 15 year old girls, then you probably have commercial priorities elsewhere.
Yeah right. Everyone from 7 - 70 years old uses a cellular device these days, and the models are hardly different no matter who is using it. Governments rather enjoy insecure civilian communications and devices. They also know you will gladly surrender your Rights in exchange for giving back the precious confiscated cell phone. Addiction is often an easy exploit in order to enforce Control.
Re: (Score:3, Interesting)
People don't want super-tight security.
They don't want to enter passwords everytime they need to use their phone, especially not long/string passwords.
They want to be able to recover their password in case they forget it.
They want their apps to communicate : share a picture in one click, have their contact book shared between multiple services.
Some want to be able to customize their device, add features, etc...
Securing a device while taking into account user needs for a general purpose computer (this is wha
Re: (Score:2)
Lots of phones have that level of security now. Their target audience is business users and consumers who care about privacy. 15 year olds don't really buy many phones, having little disposable income and only one birthday/xmas a year.
Re: (Score:2)
You could have phones with great security that even the 15 year old girls would be fine with. The priorities toward non-securirty come from the the data harvesting interests of the phone manufacturers, carriers, advertising companies, and (comparatively distantly) snooping governments.
Seriously... the most common phone OS is developed by an advertising company and it's a surprise that security and privacy are low priorities?
No. (Score:5, Insightful)
Re: (Score:2)
From my experience it seems that the reason for most phone searches on the Canadian side are to make sure that you aren't dodging taxes when you bring something in to the country.
Actually, no. It's generally for two other purposes -
1) People who claim they are not coming to Canada to work / move here, but who are entering the country with all of their worldly belongings. The CBSA will search a phone to find emailed job offers, texts from friends saying "Have a great new life in Canada!", photos from
Re: (Score:2)
It's almost like some countries think borders are important to maintain and control.
What the fuck is wrong with them? Aren't they just letting people come in with no checking, oversight, or vetting at all? That is what we are supposed to do, you know.
Easy to do with an iPhone (Score:2)
Put in a PIN code. Set the phone to wipe after 3 incorrect attempts.
When the phone goes to wipe itself, it just deletes the crypto key to the main storage, thereby rendering it completely scrambled in an instant. No need to lock out the Lightning port while this occurs, it happens too quickly.
Re: (Score:2, Redundant)
I would gladly have a phone that would have a self-wipe feature after both a multiple failed attempts and with an alternate code or different fingerprint entered. That last one being especially important with the police forcing people to unlock phone with their fingerprints. This would allow you to use your fingerprint on the phone but instead of unlocking it, it would wipe. Now, you'd be facing destruction of evidence of obstruction of justice charges but, that is probably better than what you would hav
Re: (Score:2)
Yeah, if I go to the USA again at any stage in the foreseeable future, I'm seriously considering just wiping my phone on the plane and then restoring from a cloud backup as soon as I've cleared customs.
Re: (Score:2)
oh, fuck it. just stay home. it's better. really.
No, you don't need to go to that extreme. If you're a non-American, it's simple: there's dozens of civilized, developed nations that you can travel to without worrying about Nazi-like interrogations at the airport. Just go to any of those for your vacation.
Re: (Score:2)
Don't take anything through customs with you but ship them to where you are staying using a courier. The last day you are there you ship everything home with a courier. If you aren't driving then remember to take a book or a couple of magazines for the trip or else it's going to get boring.
This doesn't work if you are going for a day trip or an overnight stay but hopefully you can live without a phone for a day.
Re:Easy to do with an iPhone (Score:5, Insightful)
...Now, you'd be facing destruction of evidence of obstruction of justice charges but, that is probably better than what you would have been facing had the phone been unlocked.
Fucking seriously?
Unless you're engaged in some seriously illegal activity that you rather enjoy conducting on your smartphone, perhaps you should *really* sit and think about those charges before making such a statement. Gut feeling is a criminal record will impact you a hell of a lot more than your Facebook data being confiscated.
Re: (Score:2)
Unless you're engaged in some seriously illegal activity that you rather enjoy conducting on your smartphone, perhaps you should *really* sit and think about those charges before making such a statement. Gut feeling is a criminal record will impact you a hell of a lot more than your Facebook data being confiscated.
> If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.
> -- Richelieu
Re: (Score:2)
If you give me a phone unlocked by the hand of the most honest of men, I will find something in it which will hang him.
- Cardinal Richelieu
Re:Easy to do with an iPhone (Score:5, Interesting)
Index finger fingerprint = open phone. Middle finger fingerprint = delete or randomize encryption key. Maybe require a second fingerprint (middle finger on other hand) just to be sure.
Re: (Score:2)
Best to use something other than the tip of your finger for fingerprint unlock. How many phones will let you use, say, a knuckle or partial palm print? Basically anywhere that the police don't normally make a copy of, which is generally just the tips of your fingers.
Re: (Score:2)
Conveniently, this particular biosignature becomes inactive for 36-48 hours after an "enhanced" search.
Re:Easy to do with an iPhone (Score:4, Insightful)
I thought you were being detained and your phone searched without due process, because you're in one of those legal "grey zones" not technically in the US. If you can't be protected by the laws there, why would you be subject to charges?
Customs and boarder crossing is becoming more and more the a little mini US GITMO.
This won't fly. (Score:3)
People will accidentally wipe the phones.
There would be 10 legitimate use and 10,000,000 acciddental customers with lost data and liability claims.
I, as a phone / OS provider, would fight this feature.
I, as a phone user, would fight this feature.
Imagine a prankster or a drunk friend or a child getting your phone and trying this out.
Re: (Score:2)
Re:This won't fly. (Score:5, Interesting)
you would actually want three pin codes. One to open the phone, one to clear the phone and one to open the phone and call the police and leave the microphone open but shut down the speaker. Obviously the code for normal open would be the most complex but the other two codes could be simple and easy to remember and distinct eg 1235 and 0070.
Re: (Score:2)
The iphone is 4 taps to get to the wipe screen if use TouchID to unlock, which is probably comparable effort to a duress wipe pin.
Effort isn't the issue here - apparent compliance to instructions while being watched is.
Re: (Score:2)
I, as a phone user, would fight this feature.
How would you fight it? By moaning loudly on internet forums?
The proposal is only a wipe. If this happened accidentally you can log back into icloud or your google account and resync. Crisis averted.
Personally I have no need for it, but if manufacturers built it in I wouldn't complain. It doesn't have to be compulsory, like most features it could be disabled.
Imagine a prankster or a drunk friend or a child getting your phone and trying this out.
How would they know the code?
Re: (Score:2)
The proposal is only a wipe. If this happened accidentally you can log back into icloud or your google account and resync. Crisis averted.
So to protect all your information, put it in the cloud. The NSA loves you.
How would they know the code?
Well what should happen when you type the wrong code over and over? Here it's company mandated that four wrong attempts = wipe. Somebody's figured out the hard way what happens when the kid gets hold of your phone, bye bye vacation photos (abroad, too expensive to cloud sync).
Re: (Score:2)
His code is 0000.
Re: (Score:2)
People will accidentally wipe the phones. There would be 10 legitimate use and 10,000,000 acciddental customers with lost data and liability claims.
There would be zero liability claims, and you would agree to that in the EULA you never read.
I, as a phone / OS provider, would fight this feature. I, as a phone user, would fight this feature.
Of course you would.
So would the rest of society, because privacy is the concept that "won't fly" anymore.
If you wipe your phone - you're a suspect (Score:3, Insightful)
Well, you wipe your phone when trying to enter - it means that you have something to hide and should be detained and not allowed in.
Re: (Score:2)
Re: (Score:2)
“They said, ‘Next time you come through, don’t have a cleared phone,'" [boardingarea.com]
Re: (Score:2)
The next thing will be if you have a phone that is capable of being wiped it will mean that you have something to hide and should be detained and not allowed in.
It should always be mutual (Score:2)
It can be improved (Score:5, Funny)
Theory good, practice bad (Score:2)
Please ask yourself: would you remember a pin you set half-year ago and never used it? Although most people will not use it (thus why invest in development), those that know it, 90%(so I won't repeat "most") will forget the wipe PIN and would not rememeber it when needed. You have to be extremely well organised+great memory to be able to use it.
Re: (Score:2)
Yes, I certainly would and Ive not got a great memory, but I can remember my grandfathers phone number, and he died 30 years ago!
001144928575213.
Re: (Score:2)
your pin: 12345
safety pin: 12344
Not too hard, surely?
Been there, done that (Score:2)
Already exists (Score:2)
Re: (Score:2)
Hah.. double hah
Re: (Score:2)
Right. Because cell phone service is ubiquitous and unblockable and there's absolutely no way to turn off the cell-phone radios.
Oh wait...Airplane mode.
Nice but useless (Score:2)
Availability of this feature would result in new regulations which make it illegal to nuke your phone when asked to hand it over to a border agent/law enforcement officer. Add something like 1 year in prison etc and the functionality is practically useless.
Change your PIN (Score:2)
Re: (Score:2)
Re: (Score:2)
"I don't know it *now*, but I will know it in the future" would be a new defence. Whilst I'd be inclined to agree with you, it might be a new technicality. Not sure I'm ready to risk my liberty to try it out though.
This is getting ridiculous (Score:4, Interesting)
You are in a foreign country.
Upload your data to a foreign server.
I recommend a one-time key for encryption.
Erase it from your phone.
Enter the U.S.A.
Retrieve the data. Erase it from server.
End of problem.
Avoids border hassles.
All perfectly legal.
Re: (Score:2)
You don't call "encrypt and upload all your data, reset your device, restore data" a "hassle"?
Consumers disagree.
Re: (Score:2)
Re: (Score:2)
Surely...
Upload your data to foreign server
...would be less hassle.
Take a burner phone, or indeed no phone at all (and buy one on arrivial)
Copy data from server to new phone, or just reference it on server
Re: (Score:2)
You are in a foreign country.
...
Upload your data to a foreign server.
Seems to me that an easier solution is to just buy a cheap pay-as-you go burner flip phone. Bring a camera if you want to take photos.
18 USC 1503 (Score:4, Informative)
18 USC 1503 : Federal Obstruction of Justice.
10 years in a Federal pound-you-in-the-ass prison.
Your new cellmate is named "Bubba".
Re: (Score:2)
I thought US law was suspended at the border. Otherwise the protections of the Constitution would apply.
Avast supposedly already has all that (Score:2)
The problem is not big enough for most people (Score:2)
Most people may not like having their phones perused, but they also don't mind terribly, and don't travel so often.
If you do mind, you already have two phones, one for home and one for traveling. That's a safer solution, even if you have to keep both updated.
The real problem will come when not having a Facebook account will make you lose your flight, marking you as a suspect element.
The real issue is ... (Score:2)
The real issue is that you are storing sensitive information on a device on which you don't have root.
If you don't have root then how could you trust your phone to keep that data safe in the first place?
Also, the sensitive info that authorities are after are your phone book, your call history and your photos.
The phone should be configured to not store those on the phone itself, either not store them at all to have them on a secure server somewhere.
Re: (Score:2)
This ^^
Heck, even with root, are you sure you can trust the manufacturers enough not to be keeping something and sharing it with "the authorities". SIM cards, SOC, hidden hardware functionality. Do we really know what those devices are/aren't doing below the OS level?
No, I wouldn't build a zombie apocalypse moat, eit (Score:2)
Anything designed for "war" can be hacked, or can accidentally go off. I'm happy with a reasonable level of security and a realistic understanding of the risks. Most phones provide the first and most users completely fail to get the second. Just give me a padlock that will keep out the vast majority of casual identity thieves.
Kill Code will get you busted in USA (Score:2)
Re: (Score:2)
This is the real danger of using a kill or wipe code.
Still better than handing over your phone. The first rule of criminal law if that you never, ever talk to police without your lawyer present. Never. No matter how innocent or how innocuous the situation is, if you are being questioned you must have your lawyer. Personally, I have nothing to hide, but I'd still wipe my phone if I were detained by TSA or law enforcement.
Re: (Score:2)
That works in a perfect world where the police respect you. A lot of people on this site are not in that perfect world and have a choice of talking very politely to police or suffering consequences, sometimes physical ones, if they are silent.
People with nothing to hide, such as a 70 year old children's book author this week (on her 116th trip to
Self Destruct PINs already exist (Score:2)
For those worried about hackers remotely wiping your phone - such a mechanism already exists. If you mis-enter your pin X times, most phones will automatically lock or wipe as an anti-theft protection. If you're concerted about a hacker entering your wipe code, you should be more concerned about the same hacker entering 5/10/12 incorrect PINs and locking you out or using the iOS or Android Find My Phone functionality to remotely wipe the phone.
Duress pin (Score:2)
I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept. If I'm being forced to unlock my phone, I want to make it tough to disappear me, no matter what the circumstances are.
If you want, have it fire a user-defined script too, that way if you want to fry your crypto memory, have at it, or wipe your lastpass storage, or whatever.
M
Re: (Score:2)
I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept.
That's a great idea - until they start operating Stingray equipment at all borders so they can control your phone's data traffic and prevent any such 'security breaches'.
use a burner phone... leave your real one at home. (Score:2)
Re: (Score:2)
Our sales reps take factory wiped burner phones and laptops with them when they go on trips to the USA...
How long will it be before 'clean' devices like that will be sufficient cause for being denied entry? For the "nothing to hide, nothing to fear" crowd running things now, anything suggesting that you value your own privacy enough to take precautions, makes you at least an object of suspicion, and possibly even a criminal or a terrorist.
How about this instead? (Score:4, Insightful)
Wouldn't it be better to start holding our governments accountable to us, the people who elected the leaders of said governments, and the people who ultimately pay all their salaries? Yeah, I know, corporations own the governments, you can't fight city hall, etc. But really, fuck this nonsense of either taking inconvenient, expensive, extraordinary, and unreliable countermeasures to protect ourselves from our own elected and paid for governments, or taking it up the a** from same! It's time to start organizing and fighting for change, the way civil rights activists did decades ago. Our civil rights are being violated, and it's time to politely but firmly say "No!" to sitting at the back of our own goddamned bus!
Why not wipe it in advance? (Score:3)
If you're worried about the border patrol, it seems pretty easy to know when you're approaching a border. You can just wipe the phone in advance using the built in feature to wipe the phone and return it to the factory settings.
The whole thing gets more complicated if we're assuming the police just start confiscating phones of random people without a warrant, but I'd imagine that would face a stronger 4th amendment challenge. And really, at that point, I don't think a kill switch would be good enough. I'd want manufacturers to rethink the whole security design, probably limiting the information stored on the phone in the first place.
Buy a Burner Phone (Score:2)
I'd love to see the look on the security person's face when they try to figure that device out. It'll be insanely hilarious.
No (Score:3)
Because I'd lose my Candy Crush high score.
Yes, I'd use one, however I wouldn't buy one (Score:3)
2. I wouldn't buy a smartphone, for the reasons stated in #1
3. If I found I had no choice but to own a smartphone, all Internet access would be disabled by intentional misconfigure of network settings (and NO, I don't care)
4. #1 through #3 having been said: If I was travelling internationally, I would NEVER bring my actual phone with me, I would get a cheap prepaid phone, put nothing at all on it, and if it was taken to be 'examined' by customs officials or law enforcement, I'd destroy the SIM card and throw the phone away immediately, and get a new one if necessary.
Seriously, folks, if you're going to travel internationally, leave your real phone at home and buy a cheap porepaid phone to take with you. Then the whole issue of having your privacy invaded and/or your phone compromised and/or your phone confiscated becomes moot. Would cost you all of $50 at most plus however many minutes you want to put on it.
wiping screen is the last thing you want (Score:2)
I was with you until you said it brings up a wiping screen. I doubt very much that the feds/TSA really give a crap that your last facebook post said you think Trump is an Ahole, otherwise they'd be detaining about 50% of everyone travelling, but the moment they see your phone is wiping itself they will assume you must have something to far more significant to hide.
A much better bet would be to have a removeable SD card and/or a password that silently logs in to a second environment which just has a bunch of
Simple, secure privacy centric design (Score:2)
Physical wipes are worthless because they take way too long and expose users to liability WRT destruction of evidence.
What I would like to see are mobile computers sporting encrypted file systems designed for deniability. Availability of data depends on key(s) entered by users.
You could elect to enter a "duress" key that only reveals bullshit.
Or you could enter your normal key yet elect not to enter additional keys to reveal additional data. For example a work key that unlocks proprietary data related to
It's called Obstruction (Score:2)
The problem with your plan is it would be obstruction. You are destroying information the government has requested you provide obstructing their investigation. If you wipe the phone prior to the government requesting it you've done nothing wrong.
If you're concerned about the government accessing your cell phone or computer while you cross the border, wipe it and restore it at your destination.
You could do better than that ... (Score:2)
Rather than having a PIN that erases everything, just make one that unlocks a totally different filesystem.
You've got 32 GB of space on your phone, so dedicate 8 GB of that to an alternate system (and make sure the phone doesn't say 32 GB on the outside) and when you give it the alternate PIN you log into the alternate setup that has no access whatsoever to the main setup. You can even install apps and stuff in this alternate setup, so it looks real but it only has the things you've deemed to be OK.
This wo
Re: (Score:2)
There are a number of automatic backup apps which can run on a schedule. Many applications themselves have options to back up to cloud services. For those paranoid, several android phones have removable uSD cards which can be set to be the default location for application storage. If you're travelling and don't have the necessary network for backups, you can remove the uSD and store it somewhere unlikely to be found or searched - or just drop it in the mail to yourself on the way to the airport.
When interdi
Witness Immunization from Procurement of Evidence (Score:2)
Total destruction seems excessive. If your phone is (properly) encrypted, a simple deletion of the key is sufficient. I think a WIPE (Witness Immunization from Procurement of Evidence) PIN would be a fabulous addition to both Android and iOS.
If nothing else, the existence of such a PIN would stop law enforcement from requesting/requiring your PIN, as they could receive the wrong one.
Re: (Score:3)
Either you have Constitutional rights and won't have to hand over your phone, or you're not under US law at the US border and there's no law to charge you with. There's no legitimate way to charge with a crime at the border like that.
Re: (Score:2)
I was thinking something along the same lines...not "would you...?" but "do you really need to....?"
You can be all protectionist about your personal data to the point that you'd rather nuke it on the phone than let a government official see it, but that throws up other issues. Once it's gone, it's gone, so how do you convince someone that you just deleted a load of personal photos that you're very protective of, and not some horrible and incriminating terror-related material?
Re: (Score:2)
1. Seven photographs of some artwork at a museum in Portland, Oregon
2. Seventy phone numbers of family, friends, my drycleaners, my welding supply places, my jewelry wholsaler, my doctor, my dentist, my eyedoctor, my friends (none foreign), my church, my electronics parts wholsaler, my sewing machine repairman, seventeen fabric stores between Portland, Orego