The recent federal raid on the home of Washington Post reporter Hannah Natanson isn’t merely an attack by the Trump administration on the free press. It’s also a warning to anyone with a smartphone.
Included in the search and seizure warrant for the raid on Natanson’s home is a section titled “Biometric Unlock,” which explicitly authorized law enforcement personnel to obtain Natanson’s phone and both hold the device in front of her face and to forcibly use her fingers to unlock it. In other words, a judge gave the FBI permission to attempt to bypass biometrics: the convenient shortcuts that let you unlock your phone by scanning your fingerprint or face.-
It is not clear if Natanson used biometric authentication on her devices, or if the law enforcement personnel attempted to use her face or fingers to unlock her devices. Natanson and the Washington Post did not respond to multiple requests for comment. The FBI declined to comment.
The only safe phone is a phone with no data.
Otherwise there will be tools to gain full access.
Without forgetting the good old rubber hose attack
FWIW I think the only way to keep confidential information is hosted in another country, encrypted, with no credentials (or even the name of the server) cached, all on open sources stacks, with the infrastructure provider different from the operating system provider different from the application provider and encryption provider
Is this convenient? No Is this accessible to the average user? No
I just think something at certain point went extremely wrong in history. We accepted control in exchange of convenience
Relevant XKCD
Real world example
I would have thought it would be more accurate to say we accepted convenience at the expense of privacy and security…
Yes, of course, it was a mistake, I reworded that sentece
that’s not good enough anymore. decades ago the US put enough pressure on switzerland to end the use of anonymous banking and set up what’s called SWIFT and KYC. do you really think putting datacenters in other countries will be enough protection like banks in switzerland “was”?
Of course not! For this reason you need different providers and jurisdictions for datacenters, operating systems, encryption providers.
It’s the very same principle tor works: sure you can do traffic analysis and be able to “unmask” a tor user… and for this reason tor deliberately sends traffic across 3 different jurisdictions. Is it still possible to force 3 different nodes to cooperate for the unmasking? Sure… but you need 3 jurisdictions to collaborate with that.
Also, fun fact: bank secrecy is still in effect for Swiss residents (regardless of the citizenship) and people resident outside of the US and EU. Because things are always more nuanced than they seem 🙂
Alright, I already “umm, ackshually’d” someone in this thread but this post in particular hit a nerve with me. The Tor security model is based on 3 hops but does not guarantee 3 different jurisdictions. Their circuit building only takes into account “jurisdiction” in the way we’re using it here if you use guard nodes or specific cases when you cannot access the network directly or look like you’re exiting from a Tor node.
That said, it’s still a very strong project and security model. And everything you said about spreading out your providers without a single point of failure (or pressure) applies.
I haven’t looked in the tor protocol for more than a decade but if routing was done based on traditional networking parameters (ttl distance, ping, etc) pretty sure you would end up all your nodes in your jurisdiction.
If you were using pure random, routing may involve only US (where there are a significant percentage of nodes)
Instead you can see that rarely there are two nodes in the same jurisdiction.
Years ago there were a config file mapping countries to jurisdictions and maybe that has been ditched but still I don’t buy that it is pure random or using traditional routing criteria
“secrecy”
all it takes is a subpoena from any jurisdiction, and that secrecy disappears, proving it never existed.