By John Gruber
Kolide ensures only secure devices can access your cloud apps.
It’s Zero Trust for Okta.
I’ve written about this — e.g. here and here — but because I consider it one of the single most important things to know about iOS, I should write about it more often. Even if you’re not the sort of person who typically shares iPhone tips with your friends and relatives, this is one that you should spread the word about.
The problem is this: if you use Face ID or Touch ID on your device (and you almost certainly should), what happens if law enforcement (or anyone else for that matter) takes your device and physically forces you to unlock it biometrically? There is some legal precedent supporting the notion that police can force you to do this, but can’t force you to provide them with a passcode or passphrase.
Here are two essential things everyone should know.
The first is hard-locking. When you hard-lock your iPhone or iPad, it enters a mode that requires the device passcode to unlock. With recent iPhones and iPads, you enter this mode the same way that you turn off the device: by pressing and holding the power button and either of the volume buttons for about two seconds.1 You’ll know when you’ve pressed the buttons long enough because there’s haptic feedback.2 This takes you to the screen where you see a slider to power down the device, and on iPhones, where you can initiate an Emergency SOS call or view the device owner’s Medical ID (if they have one). The important thing to note is that you don’t have to do anything on this screen to hard-lock your device — once you’ve gotten to this screen, the device is already hard-locked and will require the passcode to unlock. You can’t use Face ID or Touch ID again until the passcode has been entered. This is important because it means you can easily hard-lock your iPhone without even looking at it, or removing it from your pocket or purse. That you can do this surreptitiously is very much by design.
Just press and hold the buttons on both sides. Remember that. Try it now. Don’t just memorize it, internalize it, so that you’ll be able to do it without much thought while under duress, like if you’re confronted by a police officer. Remember to do this every time you’re separated from your phone, like when going through the magnetometer at any security checkpoint, especially airports. As soon as you see a metal detector ahead of you, you should think, “Hard-lock my iPhone”.
The second thing is to know your rights. Never ever hand your phone to a cop or anyone vaguely cop-like, like the rent-a-cops working for TSA. If they tell you that you must, refuse. They can and will lie to you about this. If you really need to hand it over, they’ll take it from you. And they won’t get anything from it, because you’ll have already hard-locked it, and you’ll know that you cannot be required to give them your passcode.
You can also do the same thing by quickly pressing the side button alone five times. On older iPhones (iPhone 7 and earlier), rapidly pressing the side button five times will immediately initiate the SOS phone call to emergency services; on iPhone 8 and later it just takes you to the same lock screen as when you press and hold the side button along with a volume button. I find the press-and-hold method easier to remember. I think of it as squeezing my iPhone for a moment to protect its contents. ↩︎
This haptic feedback/confirmation only occurs if “Vibrate on Ring” is turned on in Settings → Sounds & Haptics. I feel like this haptic feedback should occur regardless of this setting. ↩︎︎
|Previous:||Two New Apps I Wanted to Flag for You|
|Next:||The New Prohibition|