cross-posted from: https://lemmy.zip/post/13875589
Ruling: Thumbprint scan is like a “blood draw or fingerprint taken at booking.”
cross-posted from: https://lemmy.zip/post/13875589
Ruling: Thumbprint scan is like a “blood draw or fingerprint taken at booking.”
Do not use biometrics.
Period.
Full stop.
Use biometrics - just know the tools at your disposal to lockdown your phone.
I use tasker to put my phone in lockdown mode whenever it senses a sharp tap (acceleration change) or Bluetooth disconnects. I figure that if I get pulled from my car or slammed to the ground, I’m going to want to require a PIN, password, or pattern to unlock. A quick tap on my pocket or just setting it down too aggressively does the same.
Tasker is great for that. I also love the “send a keyword and tasker will text back with current GPS location” feature.
Mine is send a key word and tasker sets an alarm one minute from now. Although I have a whole list of keywords I can use, including for GPS location, that one is far and away the one I use the most.
Mostly because if my phone is on silent the alarm will still ring
Genius. That’s such a good idea to find your phone.
Bails me out so hard
Biometrics are ease of access, not security. They make it easy for you (and low skilled strong arm attackers, skilled hackers, nation state actors, and neo-Nazi police state border and police thugs) to unlock your phone. As long as you’re good with making it easy for them to unlock your phone by all means, use biometrics.
Using biometrics to provide access to personal data is asinine.
Using biometrics to provide access to any amount of sensitive data is criminally negligent.
Biometrics cannot be changed. Once you’ve given your palm biometrics, or facial biometrics, or fingerprints, or iris or retinal scans, or facial biometrics to any company or government they are no longer useful.
Just as the 5.6 million people whose fingerprints were lost in the OPM hack in 2015.
But whatever…you do you. If you want to make it easy for people to access your device, go ahead and use biometrics.
It takes one button press and one tap to disable biometrics on my phone at which point it reverts to a strong password.
*Getting handcuffed*
“Hey officer can I press a couple buttons on my phone first? :)”
Lol if it takes until there’s literal handcuffs on you, you’re a little physically challenged. Not to mention the phone will auto lockdown after 24hrs. There’s also nothing stopping you from initiating the lockdown if they were at the point of forcing you to open it.
So… show your PIN to everybody around you? Or should everybody type in a full blown password to just unlock their phone?
GrapheneOS has PIN scrambling where the number layout is different each time.
Along with the ability to disable the PIN button press visual feedback. Stock Android makes it super obvious what you’re typing in.
Draw a pattern with the dots? There’s several ways to protect your privacy and thumbprints are by far one of the laziest and easiest to exploit options available
Biometrics are ease of access, not security. They make it easy for you (and low skilled strong arm attackers, skilled hackers, nation state actors, and neo-Nazi police state border and police thugs) to unlock your phone. As long as you’re good with making it easy for them to unlock your phone by all means, use biometrics.
Using biometrics to provide access to personal data is asinine.
Using biometrics to provide access to any amount of sensitive data is criminally negligent.
Biometrics cannot be changed. Once you’ve given your palm biometrics, or facial biometrics, or fingerprints, or iris or retinal scans, or facial biometrics to any company or government they are no longer useful.
Just as the 5.6 million people whose fingerprints were lost in the OPM hack in 2015.
But whatever…you do you. If you want to make it easy for people to access your device, go ahead and use biometrics.