
iOS 11 has a feature to temporarily disable Touch ID - Shank
https://www.theverge.com/2017/8/17/16161758/ios-11-touch-id-disable-emergency-services-lock
======
will_brown
On 08/05/17 I was kidnapped at gun point and at one point forced to turn over
my iPhone and on two occasions had to provide the gunman my passcode.

I learned about tapping the power button 5x's but still don't know what would
have occurred and if such a function would have endangered by life (I believe
it triggers a emergency services call, but that could have tipped off the
gunman if he heard an voice asking "911, what's your emergency?" From the
phone). So I believe the following would have been useful: an alternate
passcode that would have unknowingly triggered my location and activated the
mic to emergency services without the gunman being aware.

~~~
solotronics
wow, glad you are ok. could you please elaborate? Do you live in the States?
Would you mind talking about why you were kidnapped and what preventative
measures you will take going forward? I am involved in cryptocurrency and
worry about this quite a bit but luckily I live where citizens can concealed
carry so that at gives me a fighting chance.

~~~
will_brown
I live in Miami, FL (multiple time murder capital of the world) but was on my
way to a family timeshare/small beach town. This occurred in broad daylight at
a gas station and perhaps ironically ended in Fort Pierce, FL (8th safest city
in the US, according to one publication) after being forced to drive the
attacker at gunpoint.

After plenty of time to contemplate what action I would take (sorry can not
discuss my mental state further) I ultimately opened my driver door and
jumped/fell out while my car was in gear. The attacker managed to get into the
driver seat and flee.

Good news, my wi-fi only iPad was in the car and I got a location the next
morning, unfortunately I had to drive into a housing projects and verify both
my car and gunman before police went out and made the arrest. Another irony is
the police wouldn't get a warrant to get my iPad from the (last) known
location or even search for the gun (defendant didn't have it on him at time
of the arrest).

Truely the most horrific thing was actually the first sergeant on the scene
responding to my 911 call and the first words out of his mouth were "cut the
crap." Luckily the entire department was outfitted with body cams in June due
to prior police misconduct and recommendations from a grand jury, again 8th
safest city in the US. I have already made my public record request for the
video.

I'm not into guns, nor will I turn to one now, but that may change. It's
possible a gun would have only got me shot or in hindsight worse with the
police response (not all the responding officers responded similarly). I guess
I'm considering a dashcam for my car, I'm not sure that would have helped
prevent anything, but it's possible it may have deterred the attacker.

~~~
ryanwaggoner
I don't want to detract from your story, but just want to point out that you
may be misremembering what you've read about Miami. It was dangerous in the
80s, but is pretty safe today. And while it may have been the murder capitol
of the US decades ago, I seriously doubt it was ever the murder capitol of the
world.

I think the takeaway is that even safe locations require personal vigilance.

------
cmsimike
There is an option in iOS to allow you to use TouchID after you've logged into
your phone (so authenticating inside of apps, or using TouchID for the app
store) but to disable TouchID logging into your phone (so you're forced to use
the passcode). I've had this on since I discovered it and have been happy.

My concern around something like the what the article mentions (and the other
methods like force restarting your phone (I am not a lawyer so might not be an
actual concern)) would be any charges of destruction of evidence
([https://www.law.cornell.edu/uscode/text/18/1519](https://www.law.cornell.edu/uscode/text/18/1519))
or otherwise getting caught up in a law where they could use the fact that you
purposely disabled TouchID on your phone _after_ you have been caught or
something.

~~~
daenney
There's no destruction of evidence though, they just can't access it without
getting the password from you. Which is pretty much the same thing as when
they'd need you to unlock your computer etc. If you throw your phone on the
ground, drive over it with a truck and set it on fire, sure. But all you're
doing here is ensuring they can't grab your fingerprints and unlock the device
against your will and without a warrant.

~~~
sbierwagen
"Whoever knowingly alters, destroys, mutilates, conceals, covers up,
falsifies, or makes a false entry in any record, document, or tangible object
with the intent to impede, obstruct, or influence the investigation or proper
administration of any matter within the jurisdiction of any department or
agency of the United States or any case filed under title 11, or in relation
to or contemplation of any such matter or case, shall be fined under this
title, imprisoned not more than 20 years, or both."

Just because it's not _destruction_ of evidence doesn't mean you can't go to
jail for making the evidence hard to get at.

~~~
FireBeyond
>any record, document, or tangible object

Many of us here are programmers, so we might be mislead by 'record' or
'document', but this is not talking about software configuration, but tangible
objects. Faking bank statements, shredding accounting records, and the like.

For similar reasons to the situation where you can't be compelled to give up a
password (a record in the IT sense, but not in this sense), I think it'd be a
very hard sell to classify this in this sense.

Obligatory: IANAL.

~~~
Retric
You can be compelled to give up passwords.

~~~
Xylakant
Depends. In the UK, yes, in then US I don't know, but in germany you can't.
And it cannot be held against you.

------
amelius
> The new iOS 11 feature is even more relevant when you consider that Apple is
> expected to introduce face unlocking with the next iPhone.

I read that as "fake unlocking".

Which would be a really cool option: a cop or TSA tries to unlock your phone
but gets instead a sandboxed environment which makes them think they actually
unlocked the phone.

~~~
gruez
>Which would be a really cool option: a cop or TSA tries to unlock your phone
but gets instead a sandboxed environment which makes them think they actually
unlocked the phone.

after a few months of that being popular, TSA will institute a policy where
the agent will ask a standard question of "are you using a decoy account or
otherwise trying to hide the true contents of your phone" every time they
inspect a phone. answer yes, they ask for the real account, answer no, and you
committed a felony by lying.

~~~
TheSoftwareGuy
But if you refuse to answer, that's a 5th amendment right

~~~
QuotedForTruth
Your 5th amendment right not to incriminate yourself of course. But that
doesn't mean the TSA have to let you fly. They would just turn you away for
not cooperating. Just like they would turn you away if you said they couldn't
search your bag because of your 4th amendment right to not be searched without
probable cause.

------
xoa
I guess this is better then nothing as a quick fix, a very mild improvement
over simply shutting off/rebooting the phone. But Apple has the elements in
place for much, much more effective methods such as a touch-based coercion
code system. While in current stock iOS any finger registered with Touch ID is
equivalent from a user's perspective, internally all of them are registered as
separate events. Via jailbreaking it has therefore been possible to have
different actions triggered by different fingers, which allowed a normal Touch
ID action to additionally run any script, reboot the phone, or even wipe the
phone, with zero apparent trigger by the user.

Now that jailbreaking is mostly dead that's no longer an option, but Apple
could of course implement this even better, with both Touch ID and actual
alternative passcode options. Apple could offer not merely disable/wipe
options, but more transparent hiding (via encryption) of apps and data a user
deems sensitive. This is one area where the extremely heavily sandboxed nature
of iOS and hardware key system offers a significant potential advantage not
merely to infosec but to opsec as well. It is far more feasible to hide
sensitive data without leaving fingerprints or shadows in other apps or the
system itself. Temporal and geographic location conditions could also be taken
into account as possible triggers in intuitive and user friendly ways. Of
course, if bandwidth is known to be sufficient on each end of a trip, a "high
risk area transit mode" that completely clears the device of all data except
user-designated travel essentials (wallet, ticket information and such) could
be another option. If WiFi sync/restore was fixed to be more reliable then
users and organizations could even do that themselves via VPN back to their
own core systems.

At any rate I hope Apple gets more aggressive here, the potential is exciting
and they're in a real position to do a lot of good for personal privacy, and
critically in a way that's highly accessible to even non-technical users. This
isn't even remotely just about corrupt or overbearing law enforcement either,
in many parts of the world "high risk" applies to a lot of other trips where
one might encounter criminal elements. Just as one wouldn't carry tens of
thousands in cash through those areas or even debit cards with access to the
same, carrying any other device that's a close equivalent is a bad idea, yet a
smartphone is also a powerful safety and communication tool at the same time.
If effectively it can use temporal, geographic and user-memory stored
conditions to change itself on the fly that'd be great.

------
leereeves
> With fears over access to devices at border control points around the world,
> this quick trick will at least prevent Touch ID from being used until a
> passcode is entered.

This won't help much at borders. Customs will require you to unlock the phone
before you can enter the country (or just refuse to allow you to bring the
phone, if you're a citizen).

~~~
jasonjei
Just an idea, if you're really afraid of customs checking your phone, couldn't
you bring 2 phones, and hide your real phone deep in your luggage, and bring a
moderately used/old smartphone with you? I feel like customs only wants to see
a phone, and as long as you present them what they want to see...

~~~
celticninja
better yet just bring one phone, wipe it to factory settings before the
flight, when you land log into dropbox and restore from backup. No hiding
phones (makes it look really suspicious) and easy to comply with their
requests.

~~~
ceejayoz
Customs is likely to consider "I wiped my phone, so there's nothing on it"
suspicious too.

~~~
eridius
If you're a US citizen it doesn't matter, they won't bar you from entering
just because you choose to cross with a factory-reset phone.

If you're not a citizen, then I have no idea. I've seen people claim they'll
block you from entering the US if you do this, but I'm pretty sure that's just
speculation.

~~~
NamTaf
The only solution for a non-US citizen is to simply not travel to the US. This
is far less of a loss than it seems to many; it's a large and fascinating
world out there and there's many other wonderful places to visit instead.

------
IgorPartola
You know it occurred to me while on a trail run the other day, that TouchID is
actually a very interesting feature in my case. I bring my phone for three
reasons:

1\. Music. But I can get that from a much much smaller device.

2\. GPS. I use RunKeeper. But I could totally use a GPS watch, or even a
pedometer for this. I run the same trails after all and know the distances.

3\. For emergencies. This is the big one. If I trip and break or sprain
something, I want to be able to call for help. Even scarier, if I pass out
suddenly and someone finds me, I want them to call for help.

It occurred to me that in that third category, if I pass out and someone finds
me with my phone (and if they don't just rob me blind and leave me), they can
use my thumb to unlock my phone, then call or text one of my contacts. I don't
need to be conscious for that.

P.S.: How great would have Pebble Core been? And why hasn't anyone else tried
it? Come on Apple, give us a cell-network connected, GPS equipped iPod Nano!

~~~
Simon_says
If you're unconscious, the only contact that needs to be called is emergency
services.

~~~
IgorPartola
I mean of course. But if I am 3 miles into a wooded trail, they will be
waiting a while. Aside from CPR I'd such is needed, not much to do. I'd
certainly appreciate a call or a message being sent in that case.

------
StavrosK
Wouldn't that be an anti-cop button, if you're worried that the police will
force you to use your fingerprint?

~~~
TurkTurkleton
"Cop button", by analogy with "boss key":
[https://en.wikipedia.org/wiki/Boss_key](https://en.wikipedia.org/wiki/Boss_key)

~~~
StavrosK
Makes sense, thanks.

------
puzzle
On Android, you can do the same by running Google's Find My Device app and
locking the phone. It will then require a password/passcode to unlock. It
feels a bit funny to lock the very device you are holding in your hands, but
it's simple and effective.

~~~
RKearney
Find my iPhone works the same way. You can put a device in "Lost Mode" and it
will lock the device, enable low power mode, and disable TouchID.

The problem is, once you're device is sized I'm fairly certain it's standard
operating procedure to put the phone in a faraday cage or airplane mode,
rendering remote activation of this feature useless.

~~~
puzzle
I meant that you do it on the device itself, not remotely. The article is
about temporarily disabling fingerprint unlocking and that's what you can
achieve with the Android app (does Apple's let you lock the device you're
holding in your hands? It might have a sanity check that only allows you to do
it with your other devices).

The alternative would be to remove manually all your fingerprints, then readd
them later.

------
pasbesoin
Finally. I can't believe it's taken this long.

I can't be the only one who thought this would be an obvious, and increasingly
needed, feature.

Hope Google steps up, with Android. And that it is a feature that
manufacturers and carriers cannot bury nor turn off.

------
arrty88
If you want to disable touch ID on the fly as is today (iOS 10), just use a
finger that it doesn't recognize a couple of times in a row and then "Oops it
wants my full passcode now"

~~~
madvoid
I just tried this. On iOS 11 on my iPad, putting the wrong finger three times
in a row prompts for a passcode, but, you can hit cancel and then use a
correct finger and it will still unlock. So I don’t know if that helps you
because it doesn’t require a password after three incorrect tries, just
prompts you for one.

~~~
jacobwil
Five incorrect/bad fingerprint reads will require passcode.

------
Others
This title is so misleading... It makes it sound like this is a button for
cops to get into a phone, but it's really a button you press to turn off Touch
ID until a password is entered.

~~~
sctb
We've removed ‘cop button’ from the title, which is ridiculous.

------
tillinghast
The article title is suspiciously ambiguous. It's almost as if they _wanted_
to encourage outrage and motivate people to click through...

------
ksk
While its great that Apple continues to focus on users, realistically what
percentage of the user base even requires this feature? Okay sure, maybe this
is just whining about stuff I don't personally care about. But, if you have a
finite development budget, why not focus even more on trimming the OS so it
doesn't slow down after every update, or tracking edge case bugs (which are
rare, but when they do occur, their impact is very high) like the music
library disappearing from the phone(I was affected by this bug twice) at a
seemingly random time.

~~~
kstrauser
I would be willing to bet that Touch ID, OS optimization, and iTunes are
managed by separate teams.

