• Synapse@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    14 days ago

    Interesting idea!

    A bit different, is the Duress Password from GrapheneOS:

    GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS).

    The wipe does not require a reboot and cannot be interrupted.

    Features: Duress - GrapheneOS.org

    • lambalicious@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 days ago

      If they have physical access to the device, this won’t help.

      They can simply produce a binary copy of the (still encrypted) information inside, via specialized hardware or backdoors via the CIA / Israel, then if you given them a duress code all they lose is either the original or the copy.

      • Synapse@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        10 days ago

        It depends what the law is in your country, but wouldn’t it be illegal for police to take away your phone without a warrant? Also, I find it not so probable that any cop has access to the top-secret-deep-state-backdoor.

        • lambalicious@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 days ago

          For something to be illegal, the victim has to be able to press charges. And that doesn’t change the fact that once they got their hands on the device they’ve got the info, a mandate of law doesn’t make them “magically” forget the info.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      14 days ago

      I am not a lawyer, always consult with a lawyer in your local jurisdiction.

      I believe giving a duress password to the police, which destroys data, will definitely be a crime, destruction of evidence at the minimum. Or obstruction.

      I’m all for having a duress code, I just want to be clear about the trade-offs

      • Fuck spez@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        14 days ago

        The burden is on them to prove that I didn’t confuse my two passwords accidentally. I have SO many passwords, officer. Silly me.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          14 days ago

          Only in theory… most likely they will load you up with at least 5 federal charges and offer you a Faustian plea bargain where you admit guilt to avoid a lifetime in jail.

          Now if you had a list of codes in your wallet, one of which was a duress code… it’s not your fault they tried the code while you exercise your right to remain silent.