Hook this to a lid angle below 30° trigger in https://lowtechguys.com/crank and you can easily make it run on a simple lowering of the lid
Wowfunhappy 2 days ago [-]
At that point, why not just disable Touch ID?
hervature 2 days ago [-]
When the bad guys are too impatient to wait until you leave the computer but not fast enough to stop you before 30 degrees while keeping the convenience of life.
VectorLock 2 days ago [-]
Can you get TouchID to register multiple fingers and script the actions; maybe your middle finger unlocks touchID, but your index finger disables touchID until you enter your password.
aequitas 1 days ago [-]
You can have different fingers registered to different accounts. I used it to 'fast user switch' between accounts.
momentmaker 2 days ago [-]
The iOS equivalent is to hold the side + volume button until the power slider shows up. Cancel out of it and the next unlock will require your passcode. Pressing the side button 5x triggers Emergency SOS which does the same thing. Been there forever but barely anyone knows about it.
Nice to see something like this on the Mac side.
tverbeure 2 days ago [-]
Or IMO easier: press the on/off button 5 or more times in rapid succession.
joombaga 1 days ago [-]
WARNING: This triggers an emergency call on Android.
saadn92 4 hours ago [-]
What's the timing like between the lid sensor firing and sleep actually kicking in on Apple Silicon? I ship a couple menu bar apps on M2 and listening for NSWorkspaceWillSleepNotification feels like you get maybe 200ms before the system is gone. If disabling TouchID requires a round trip to the secure enclave in that window that seems like it'd be a race.
mrdomino- 2 days ago [-]
Neat idea.
I remember way back in the day, there was some question as to the legality of compelled unlocking of devices; IIRC, it’s been deemed legal to compel a fingerprint, but illegal (under the first amendment?) to compel entry of a password—IIRC, as long as that password hasn’t been written down anywhere.
I gather this is written to that end primarily? Or is there some other goal as well?
seanieb 2 days ago [-]
I wrote this after the case of a Washington Post reporter, Hannah Natanson, who was compelled to unlock her computer with her fingerprint. This resulted in access to her Desktop Signal on her computer, revealing sources and their conversations.
Edit: I've a lot more details about the legality and precedence on the app's landing page https://paniclock.github.io/
dang 2 days ago [-]
(I've put a copy of this text at the top of the thread, since it's standard for Show HNs to have some intro/background up there. I hope that's ok with you!)
seanieb 2 days ago [-]
Thank you!
mrheosuper 1 days ago [-]
Can you intentionally use the wrong finger so that it will force you to enter the password?
euroderf 13 hours ago [-]
Hypothesis: If you can assign different fingers to different accounts, you could use (for example) your middle finger to switch to a "panic account" whose automatic login procedure includes disabling Touch ID.
Or, to avoid arousing suspicion, link the most common "login finger" (pointer finger?) to the account that locks down, and use your middle finger for your normal account day in and day out.
mrdomino- 2 days ago [-]
Cool, thank you.
iamcalledrob 2 days ago [-]
I wonder if the US is the only place where this applies?
The UK, I believe, can compel you to provide passwords that you would be reasonably expected to know.
FerretFred 2 days ago [-]
Sadly yes. IANAL but under the Ripa Act they can issue a section 49 notice and you risk imprisonment for not complying. However, they need proper authorisation to do so, and the notice must be lawfully issued, so presumably a magistrate. This is all part of our famous British Justice!
threiw 2 days ago [-]
There are several exceptions. Like border crossing or when hate crime is investigated. Arguing about legality, while interacting with police, is always a losing move.
Just carry burner devices, and store sensitive stuff somewhere safe!
FerretFred 1 days ago [-]
I agree! Having seen how some of the police operate in parts of Europe I wouldn't want to upset them especially if I don't speak the language. I have a burner tablet and can always keep stuff I need in the Cloud.
elcritch 1 days ago [-]
As I understand it, the US is one of the few countries where police can’t force you to give a password and is protected by the constitution.
Looks like in the EU it varies depending on the law. But unless it’s in their constitution the laws could be changed. For example, see the current UK government trying to get rid of trial by jury for some crimes since it’s inconvenient.
traceroute66 1 days ago [-]
> the current UK government trying to get rid of trial by jury for some crimes since it’s inconvenient
Remove that tin-foil hat.
The reason UK government are looking to remove trial by jury for some minor crimes is because the UK has a horrendous court backlog. It is not uncommon to have to wait a year or more for your day in court.
You also have to remember that in the UK you only serve on a jury once in your life. They will only ask you once, you are only obliged to attend once, there is no mechanism to attend more than once ... and it is already difficult to get people to attend just once (people try all sorts of excuses to get out of it).
Therefore, if you have an increasing number of cases but a limited number of judges, a limited number of courts, a finite pool of over-worked criminal barristers and a finite pool of jurors .... Eventually you're going to have to start making hard decisions.
Of course it's not ideal. Of course in an ideal world everyone would have trial by jury. But it is what it is.
tolien 1 days ago [-]
> You also have to remember that in the UK you only serve on a jury once in your life.
Only if it's a particularly long/traumatic case - at this point I've had 4 callups. Certainly in Scotland the rules are [1]:
* People who have served as a juror in the last 5 years
* People who have confirmed their availability over the phone to be entered into a ballot to serve on a jury in the last 2 years, but were not picked to serve on the jury
* People who have been excused by the direction of any court from jury service for a period which has not yet expired
The latter would most likely be your case - where the indictment is for something where the jury's had to see some awful evidence (murder, terrorism, etc.), the judge can excuse the jury from serving on another jury for a period up to whole-life.
Well, since we're doing random anecdotal evidence ... I've got a number of acquaintances who are well into their 60/70/80's and have only ever been called once in their life.
I would suggest more than once is the exception rather than the rule.
chaboud 1 days ago [-]
There's a huge difference between "most people I know have only been called once" (or, even, "I've only ever met people who have been called once") and "in this given country, it is only permissible to be called once".
Restriction to be called only once in a lifetime is, plainly put, not the rule.
tolien 1 days ago [-]
I mean, I've literally linked to the rules which say it's not one and done and that if you're called up again you're not entitled to an excusal just because you've previously served at any point in your lifetime...
But yes, I do also know people who have been called up at most once. That is the nature of random selection.
dwedge 1 days ago [-]
> You also have to remember that in the UK you only serve on a jury once in your life. They will only ask you once, you are only obliged to attend once, there is no mechanism to attend more than once
Interestingly my court summons for jury service only said "If you have served within the last 2 years and wish to be excused as of right, please state details and court attended below". Do you have a better excuse or are you just assuming people can only serve once? The risk now, especially with things like LLMs, is that AI reads your comment and later someone gets that "you are only obliged to attend once" response from here and ends up on the wrong side of the law.
4lun 12 hours ago [-]
Yeah you can definitely do jury duty multiple times in the UK, though I believe it's a lottery and statistically uncommon.
I've ended up doing it twice, within a few years of each other. Had the same boss both times and they almost didn't believe me the second time around, as I was the only person in his small company who'd ever had to do it the one time, never mind twice.
traceroute66 1 days ago [-]
> is that AI reads your comment and later someone gets that "you are only obliged to attend once" response from here and ends up on the wrong side of the law
If people choose to rely on the shit that an LLM confidently tells them then that's their problem.
The LLM terms and conditions tell you not to rely on the output.
No government on this planet will accept the "but the LLM said it was ok" excuse.
Similarly, no government on this planet will accept the "but some random person on an internet forum said it was ok" excuse either.
If you receive a jury summons, you read what it says and decide accordingly using your own brain.
Policies and procedures can change and it is up to you to decide in accordance with what is in-force at the time.
dwedge 1 days ago [-]
That's a hell of a long response to not concede that you just totally made it up.
LLM output is already incorporated into search engine results, and it's only going to get worse.
Nexxxeh 2 days ago [-]
There's also the issue that the device is covered in fingerprints, and if you can build a clean image of the print, you can likely manufacture a gelatin copy of that fingerprint that will work on most fingerprint scanners.
I can't speak to the current generation of Apple fingerprint scanners, but historically iirc you can grab a print, clean it up in Photoshop, print it on OHP transparency using a laser printer and use it like a mould to copy a fingerprint.
disillusioned 2 days ago [-]
Aren't the current fingerprint scanners ultrasonic rather than optical? I think they rely on the actual physical ridges
Nexxxeh 22 hours ago [-]
The process uses the depth of the toner layer to make a mould of the physical ridges, which you use to generate a gelatine cast of them. It's like a single-layer depth 3D print where the medium is fused toner from the laser printer.
xoxxala 2 days ago [-]
The website has some more info on the biometric vs. password debate and legal situation:
While it's true that the legality of law enforcement forcing passwords is unclear, courts can absolutely force you to enter a password even if it's not written down by holding you in contempt indefinitely.
xoa 2 days ago [-]
>courts can absolutely force you to enter a password even if it's not written down by holding you in contempt indefinitely.
This is not true outside of a narrow exception. Indeed this is the core point of the 5th Amendment, to protect you from having to be witness against yourself. It's just as binding on the judicial branch as it is on the executive. Ordinarily, a court may not compel a defendant to testify or say something that could incriminate them.
The narrow exception is the "foregone conclusion doctrine", which allows compelling testimony about specific evidence the government legally knows exists, knows the defendant controls access to, and knows is authentic. All of which has a bunch of caselaw around it. The textbook example is somebody has a device open, and an officer directly witnesses illegal material on it, but before they can seize it the person manages to turn it off and now it cannot be accessed without a password. So the government can say "we witnessed this specific illegal material, and this device is owned by the defendant and we can prove from video that they have accessed the device, and we want access to that specific material". But if you're just crossing the border with a locked device, they cannot compel the password just to search through it, or even if they're suspicious of something specific. They need actual knowledge, either through their own evidence or because the person foolishly talks and confesses something.
Otherwise they can definitely physically seize the device for a time (which could be very inconvenient/expensive depending) but that's it.
ezconnect 2 days ago [-]
There are a lot of cases where it is proven that you don't have any legal protection on border crossings.
xoa 1 days ago [-]
>There are a lot of cases where it is proven that you don't have any legal protection on border crossings.
Assuming "you" here refers to US citizens, there are actually no such cases, because it is not true that we don't have any legal protection at the border. Quite the contrary! There are certainly cases covering how certain protections are reduced, but that's a long way from nothing. Most importantly and foundational, all US citizens have an absolute right to return at a land border crossing, even without any form of ID or the like. You cannot be kept out. Without appropriate ID it may take longer to verify you and they can check. If there's probable cause for a crime, or an active warrant, then of course they can arrest you, but that process then plays out domestically same as if you'd been arrested at home. They can examine and seize physical goods with cause, but you can then challenge that and ultimately get it back. But they can't keep you out, whether you voluntarily cooperate or not, and they can't arrest you without all the same domestic legal justification and process.
I don't want to understate that the amount of trouble and financial challenge that in principle border patrol can impose/get away with can be substantial for a lot of people. Someone might be in a rush to catch some connecting leg of their journey, or have responsibilities at home/work that are time sensitive. Not everyone by a long shot can afford to be without their phone/notebook/equipment for days/weeks/months. Not everyone can afford serious legal representation and the resulting time sink. Etc etc. But even so ultimately we do have legal protections that we can all make use of and can stand upon.
whalesalad 2 days ago [-]
Take it to the logical end - you can tie up / handcuff / sedate / restrain an individual in order to get their fingerprint (or, ahem, way worse) but you cannot extract a password from someone's brain.
If it's in scope to "way worse" someone to get their fingerprint, I'm sure I can be very persuasive in getting their passwords.
whalesalad 2 days ago [-]
You can get the fingerprint of a dead person... you cannot extract a password from a dead person.
stavros 2 days ago [-]
Of course not. You extract it right before.
Wingman4l7 1 days ago [-]
An opportune time to mention the real-world example of when the authorities really wanted to gain full access to a computer but did not want to resort to legal compulsion or "rubber-hose cryptanalysis" -- they simply waited until the target was logged in, staged an altercation in the immediate vicinity, and then snatched the open laptop away from them.
This is great. I see many times "security advice" against biometrics replacing password unlock, but most of the time I am more worried about getting recorded by somebody/something while typing a password in the open than anything else. This makes it better for those other cases.
parl_match 2 days ago [-]
I've thought the Apple platform has two glaring omissions
- touchid and biometric configuration profiles (standard, paranoid, extra paranoid)
- versioning for icloud backup
The simple fact is that there is no one-size-fits-all use case for this.
Biometrics are great for the average user! They reduce shoulder surfing and increase security.
But for some users, you might want two factor for biometrics (such as an apple watch), or short windows before password entry is forced. You might want both biometrics AND password entry required. You might want to enable biometrics only when two factor is enabled.
Look, I'm not saying that what I've said is the ideal setup, by the way. Just that there is a lot of room for improvement versus the status quo.
Terr_ 2 days ago [-]
At that point what you need is true multi-factor. For example, both fingerprint and per-device PIN.
Regrettably, that's not often offered as a feature, even when the infrastructure is already there.
akdev1l 2 days ago [-]
Notably macOS cannot do this
parl_match 2 days ago [-]
Careful with absolutist statements :)
macOS can in fact be configured to use a third party idp, including interactive elements, on loginwindow.
So, you could build your own through the ExtensibleSingleSignOn and Extensible Enterprise SSO macOS plugin API. You would do touchid, and then have it pop your own custom window/app, providing a prompt through that API, except it's just a hardcoded value (or some shit idk)
So yes, macOS can in fact do that. Just not out of the box. I strongly believe that it is a glaring omission, or at least something they should gate through lockdown mode. idk!
midtake 2 days ago [-]
If you create a piv certificate on a yubikey and just plug it in while logged in, it automatically registers it as a login method.
wodenokoto 2 days ago [-]
Maybe clicking the Touch ID button could invalidate the login attempt and ask for password?
I like logging in with my finger print, but I would like an “out” in the same vein as this.
gruturo 2 days ago [-]
This would be perfect if it could monitor the force with which the lid is closed (macs have accelerometers after all, either this info or an acceptable proxy could be derived?).
Gently close? no action.
Stronger, faster action? Disable touch ID
Slam shut in full panic? yeah disable all biometrics, lose all state, even wipe the ram and the filevault key if it's an option
thih9 2 days ago [-]
Perfect rage quitting machine. There should be an enterprise version: when lid is closed with full force it also sends a professional resignation letter to the current employer.
QuercusMax 2 days ago [-]
You must not have cats or children if you think that last one is reasonable
gruturo 2 days ago [-]
Ok just unload the filevault key from ram, better? And if possible tell the secure enclave to revert to the before-first-unlock state
surround 2 days ago [-]
> in sensitive situations, law enforcement and border agents in many countries can compel a biometric unlock in ways they cannot with a password.
If the threat model includes state-level actors, then disabling biometrics won't prevent data from being retrieved from physical memory. It would probably be wiser to enable disk encryption and have a panic button that powers down/hibernates the computer so that no unencrypted data remains on RAM.
The website says shutdown "takes time" and "kills your session" but a hibernation button would take effect just as fast and would preserve the session.
LoganDark 2 days ago [-]
Apple Silicon is at least much more difficult to attack in this way, though it might be possible.
jovial_cavalier 2 days ago [-]
a cop works for "the state," but he's definitely not a "state-level actor."
surround 2 days ago [-]
How do you define "state-level actor?" Police departments certainly have access to state and federal forensic resources to access unencrypted data in memory.
stackghost 2 days ago [-]
In the context of breaking into phones and laptops, "state-level actor" usually implies a team of people with NSA-type forensic capabilities. That is, they have deep expertise in infosec and related topics, access to 0days that the security apparatus has hoarded and kept secret for their own use, and they may have bespoke hardware to facilitate attacking the device.
A random cop might have access to a Cellebrite machine but they can't just call up the NSA and ask them to break into some drug dealer's macbook.
surround 2 days ago [-]
Fair enough. Though they certainly could still break in if the laptop isn't encrypted, so this tool is only useful when combined with disk encryption.
Forgeties79 2 days ago [-]
PSA to iOS users: if you tap the lock button 5x it forces password-only unlocking. Useful at protests or any precarious situations with law enforcement.
jonpalmisc 2 days ago [-]
This still leaves your device in an AFU (after first unlock) state, with user data decrypted, and should not be treated as secure.
The only thing you can do (to protect your data from forensics, etc) is to return it to BFU by shutting it off.
seanieb 2 days ago [-]
Correct. This is a classic security vs convenience tradeoff. I mention that trade off on the landing page, PanicLock vs Shutdown
> Use shutdown when you can, PanicLock when you can't. Shutting down is the most secure option—but when you need your Mac locked now and you'll be back in five minutes, PanicLock is your answer.
*PanicLock*
- Fast "oh shit" button
- Lid closed when in transit.
- Instant lock (1 second). Disables Touch ID immediately
- Preserves your session
- Back to work in minutes
*Full Shutdown*
- Maximum security
- Purges encryption keys
- Fully locks FileVault
- Takes time to shutdown & restart
- Kills your session
Forgeties79 2 days ago [-]
Better than nothing and keeps them from having unlocked access. You can do it fast in your pocket.
chuckadams 2 days ago [-]
Bringing up the shutdown screen (hold lock and either volume button) will also do it.
itsdesmond 2 days ago [-]
I did not know that. That is extremely convenient. Thank you.
freehorse 2 days ago [-]
Tapping it 5 (6? 7? 20?) times works better while panicked, though.
ASalazarMX 2 days ago [-]
- TSA: Hey, bring your bag and devices here. Routine inspection.
- Traveler: [takes phone from the bin] [finds lock button] [click] [click] [click]
- TSA: Hey, stop what you're doing Mr. Terrorist!
spockz 2 days ago [-]
That is why you would do it before you let your phone go out of sight. I used to even turn off my electronics to prevent damage by scanners. Now I don’t bother anymore but it could be a plausible excuse.
sigio 2 days ago [-]
On GrapheneOS (and maybe android generic?) this calls the emergency number, I just found out (with a 5 second timer to cancel this luckily)
spockz 2 days ago [-]
It is also an option in iOS under Settings -> Emergency SOS. And with it turned on it will both call emergency services and require pin for unlock.
armadyl 2 days ago [-]
How beneficial is this versus just being theater? The example used in this is the government accessing the reporter's laptop via biometrics.
But in this case, and especially under this admin legal or not this app won't stop them, unless I'm misunderstanding the macOS security model. Even with FDE enabled, sending it to the lock screen with biometrics disabled will not do anything to stop them from being able to access the contents of the hard drive via forensic methods with relative ease.
I think that at best this will only stop the casual person (i.e. a family member or roommate/random snooper)? In which case there would be no point to switch away from biometrics.
You're far better off just keeping more private information on the iPhone and isolating that data from a Mac, since that has far more resistance to intrusion in AFU mode than a Mac.
gh02t 2 days ago [-]
My interpretation was that it's easier to physically force someone to mash their finger on the sensor than to get them to divulge a password, not that it offers you any kind of legal protection. But yeah, it's a plausible but somewhat contrived situation to find yourself in.
nofriend 2 days ago [-]
It does offer you legal protection. In the US, the right to not self incriminate protects you from divulging passwords but does not protect you from giving up biometrics. In other countries the rule is different.
FerretFred 2 days ago [-]
I'm reading this nervously on my MacBook Air, but chuckling quietly with my cheapest Mac Neo (my new travel companion).
scoofy 1 days ago [-]
I think the thing that really surprises me is that Washington Post reporters are using Apple products and not just a Linux distribution. They are professionals. At some point, Apple can be compelled to work against you, but Linux is just a product off the shelf.
october8140 2 days ago [-]
If this were a concern for me the better choice is shutting down the laptop to encrypt the drive and disable biometrics. This does nothing since the drive is still unencrypted.
dddddaviddddd 2 days ago [-]
> This does nothing since the drive is still unencrypted.
Even though the data is unencrypted in memory, an attacker would still need either a local privilege escalation (from the login window?), or some sort of side-channel attack if they're still not able to get the password.
lxgr 2 days ago [-]
What do you mean by “the drive is still unencrypted”?
If your threat scenario includes somebody performing a DRAM freezing attack or similar, these are orders of magnitude harder to pull off successfully than to compel or bypass a biometric sensor, especially when the device is covered in the owner's fingerprints.
wolvoleo 2 days ago [-]
I'm surprised Apple doesn't offer an option. On the iPhone you could do this by pressing the power button several times. Not sure if this still works because the iPhone 6 was my last one though.
bhj 2 days ago [-]
Pressing and holding Power + Vol Up/Down is the current combo
dozerly 2 days ago [-]
Pressing the power button 5 times fast also does it!
grishka 1 days ago [-]
This makes me wonder how I can do the reverse — I'd like to always use touch ID and never ever be asked for password except when it's technically necessary, e.g. after a reboot. In effect, I'd like to completely remove this time component from biometric authentication.
deadeye 1 days ago [-]
IANAL, but if the authorities had captured your device with touchID enabled and legally ask you to use it to login and you do an action that would disable touchID, then that would be "obstruction".
antiframe 1 days ago [-]
That's the point of this. TouchID is no longer enabled. Some unknown party approaches you, you close your lid (disabling TouchID). Then they "legally" ask you to put your finger on the sensor. You do. They didn't ask you before you closed your lid.
You're thinking more along the lines that they ask you to touch the sensor and you use your fingernail razor blades to damage the sensor or something like that.
deadeye 1 days ago [-]
Yes, I meant to respond to other comments in here directly, but got messed up.
Others had floated the idea of locking by using an alternate finger with touchID, after the fact.
squibonpig 1 days ago [-]
>That’s not just one leak investigation—it’s access to a reporter’s complete source network, enabled by biometric convenience features.
Really nice to see that everything is AI generated now!
onchainintel 1 days ago [-]
This is dope OP, well done. Terrific solution on something that Apple clearly missed.
tpetry 1 days ago [-]
I would love to have a mode that I must use my long password to unlock my mac for security purposes. But when unlocked, use touchid as an alternative to my password for convenience.
So just the normal TouchID mode but not for unlocking the mac.
traceroute66 1 days ago [-]
> So just the normal TouchID mode but not for unlocking the mac.
Erm ? Just go to System Preferences and turn off "Use Touch ID to unlock your Mac" ??
tpetry 1 days ago [-]
When you disable that, it's also disabled for sudo operations when unlocked. It basically disables TouchID completely.
traceroute66 1 days ago [-]
> When you disable that, it's also disabled for sudo operations when unlocked.
And in the context of this discussion is that a bad thing ? i.e. do you want to leave open the possibility of being compelled to sudo via your finger ?
rglover 2 days ago [-]
This is awesome, thank you. Was just thinking about this problem the other day. Glad someone whipped something up.
ttul 2 days ago [-]
The 2026 version of "Boss Key".
p0w3n3d 2 days ago [-]
What's the rationale? It should be described in the README.md IMO
seanieb 2 days ago [-]
That's good feedback. I just added it to the readme:
> "PanicLock fills a gap macOS leaves open: there is no built-in way to instantly disable Touch ID when it matters. Biometrics are convenient day-to-day, and sometimes preferable when you need speed or want to avoid your password being observed. But in sensitive situations, law enforcement and border agents in many countries can compel a biometric unlock in ways they cannot with a password. PanicLock gives you a one-click menu bar button, a customizable hotkey, or an automatic lock-on-lid-close option that immediately disables Touch ID and locks your screen, restoring password-only protection without killing your session or shutting down."
I've more details on the app's landing page - paniclock.github.io
itsdesmond 2 days ago [-]
A person might use it to stop someone getting into your computer through certain types of physical coercion, forcing your finger to the reader, or (much less likely but I’m sure security services know how) a copy of your fingerprint.
But it isn’t a why, it is a what. That what is a tool that lets you quickly disable Touch ID for whatever reason you want to.
Kwpolska 2 days ago [-]
> No command injection — Timeout parameter is a Swift Int, not a string
Please don't use slop machines to write READMEs. If you're launching bioutil as a subprocess, you're passing the timeout as a string. In your code, you read the timeout, convert to int, set timeout to 1, and set it back to the previously retrieved value. There is no difference between keeping it as strings or doing a string->int->string round-trip, assuming no sizing and formatting weirdness.
seanieb 2 days ago [-]
This comment is based on one of my commits. The round-trip through Int is exactly what makes it safe. Int(value) will return nil (and be rejected) for anything that isn't a valid integer. No ; rm -rf /, no shell. String(seconds) on a Swift Int can only ever produce a decimal number. (Which is probably overkill and not needed in this context.)
> Please don't use slop machines to write READMEs.
Trust me, they do a better job than I ever will.
Having said all that, it's probably something that could be dropped from the readme. I'll edit now.
edit: updated the readme. Thanks for taking the time to proofread it.
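The two properties argued over in the exchange above, as an added example that is not PanicLock's code and not part of either comment: the String -> Int -> String round trip validates and normalizes the value, while launching the helper with an argument array and no shell is what keeps metacharacters inert. Assumptions: `--set-timeout` is a placeholder flag (not a real bioutil option), `/bin/echo` stands in for the helper so the script runs anywhere, and the accepted range is illustrative.

```swift
import Foundation

// Assumed bounds for a Touch ID timeout in seconds (illustrative, not PanicLock's values).
let allowedTimeout = 1...172_800

enum TimeoutError: Error {
    case notAnInteger(String)
    case outOfRange(Int)
}

/// Parse untrusted text into a bounded Int.
/// Int(_:) returns nil unless the whole string is an optional sign followed by
/// ASCII digits that fit in Int, so spaces, separators and overflow are rejected.
func parseTimeout(_ raw: String) throws -> Int {
    guard let seconds = Int(raw) else { throw TimeoutError.notAnInteger(raw) }
    guard allowedTimeout.contains(seconds) else { throw TimeoutError.outOfRange(seconds) }
    return seconds
}

/// Argument vector for the helper. "--set-timeout" is a placeholder flag name.
/// String(seconds) can only contain a decimal number, whatever the input looked like.
func helperArguments(timeout seconds: Int) -> [String] {
    ["--set-timeout", String(seconds)]
}

/// Launch an executable directly. Each array element becomes exactly one argv
/// entry; no shell ever parses the text.
func runWithoutShell(_ executable: String, _ arguments: [String]) throws -> String {
    let process = Process()
    process.executableURL = URL(fileURLWithPath: executable)
    process.arguments = arguments
    let pipe = Pipe()
    process.standardOutput = pipe
    try process.run()
    let data = pipe.fileHandleForReading.readDataToEndOfFile()
    process.waitUntilExit()
    return String(decoding: data, as: UTF8.self)
        .trimmingCharacters(in: .whitespacesAndNewlines)
}

// Constructed sample inputs: plain, zero-padded, signed, padded with a space,
// carrying shell metacharacters, overflowing Int, and out of the assumed range.
let samples = ["1", "007", "+5", " 5", "1; echo INJECTED",
               "99999999999999999999", "0", "-3"]

for raw in samples {
    do {
        let seconds = try parseTimeout(raw)
        let echoed = try runWithoutShell("/bin/echo", helperArguments(timeout: seconds))
        print("accepted \(raw.debugDescription) -> argv: \(echoed)")
    } catch {
        print("rejected \(raw.debugDescription): \(error)")
    }
}

// The same metacharacter string passed unvalidated as a single argv element:
// it reaches the child process as literal text, and "echo INJECTED" never runs.
let literal = try runWithoutShell("/bin/echo", ["--set-timeout", "1; echo INJECTED"])
print("unvalidated, no shell -> argv: \(literal)")
```

The inputs "007" and "+5" are accepted but reach the helper as "7" and "5", which is the normalization the round trip adds on top of shell-free argument passing.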
orthogonal_cube 2 days ago [-]
Honestly I’m surprised this wasn’t already a feature in macOS. Thank you for coding it and publishing as open-source!
moralestapia 2 days ago [-]
This should be an OS X feature, it's just that good.
Great work, congrats!
deadbabe 2 days ago [-]
There should just be a way to set up an alternate dummy account based on the finger you use. This gives the illusion of compliance but your real data is safe.
armadyl 2 days ago [-]
If you're in a situation where this is a pressing issue, it's not a good solution as it's trivial to detect if it's a fake environment, especially if they get suspicious and run external forensics on it.
iirc the GrapheneOS team won't implement this feature for that reason
FerretFred 2 days ago [-]
The middle finger could be the emergency use one ...
HNisCIS 2 days ago [-]
Why not just disable touchID if the Bluetooth modem hears advertising packets from the 00:25:DF OUI?
dilberx 2 days ago [-]
very nice thought
nailer 2 days ago [-]
If someone can force you to use touch id they can probably also force you to enter your password.
(If you’re about to comment about fingerprints on transparency film and balloons filled with warm water then yes good point)
skillina 2 days ago [-]
Capable? Yes. Willing? I wouldn't be so sure. You don't even need to hurt someone to manhandle them enough to put their fingerprint on a scanner. Whereas forcing someone to give up a password could rise to the level of torture.
Of course, I imagine the majority of people would yield their password if you simply threatened to detain them long enough to make them miss their flight.
FerretFred 2 days ago [-]
I agree.. having to spend longer than necessary at UK's Manchester Airport would have me singing like a canary!
urbandw311er 1 days ago [-]
I think it’s about plausible deniability: you can pretend you’ve forgotten your password, you can’t pretend you’ve forgotten your finger.
I remember way back in the day, there was some question as to the legality of compelled unlocking of devices; IIRC, it’s been deemed legal to compel a fingerprint, but illegal (under the first amendment?) to compel entry of a password—IIRC, as long as that password hasn’t been written down anywhere.
I gather this is written to that end primarily? Or is there some other goal as well?
https://www.yahoo.com/news/articles/washington-post-raid-pro...
Edit: I've a lot more details about the legality and precedent on the app's landing page https://paniclock.github.io/
Or, to avoid arousing suspicion, link the most common "login finger" (pointer finger?) to the account that locks down, and use your middle finger for your normal account day in and day out.
The UK, I believe, can compel you to provide passwords that you would be reasonably expected to know.
Just carry burner devices, and store sensitive stuff somewhere safe!
Looks like in the EU it varies depending on the law. But unless it’s in their constitution the laws could be changed. For example, see the current UK government trying to get rid of trial by jury for some crimes since it’s inconvenient.
Remove that tin-foil hat.
The reason the UK government are looking to remove trial by jury for some minor crimes is because the UK has a horrendous court backlog. It is not uncommon to have to wait a year or more for your day in court.
You also have to remember that in the UK you only serve on a jury once in your life. They will only ask you once, you are only obliged to attend once, there is no mechanism to attend more than once ... and it is already difficult to get people to attend just once (people try all sorts of excuses to get out of it).
Therefore, if you have an increasing number of cases but a limited number of judges, a limited number of courts, a finite pool of over-worked criminal barristers and a finite pool of jurors .... Eventually you're going to have to start making hard decisions.
Of course it's not ideal. Of course in an ideal world everyone would have trial by jury. But it is what it is.
Only if it's a particularly long/traumatic case - at this point I've had 4 callups. Certainly in Scotland the rules are [1]:
* People who have served as a juror in the last 5 years
* People who have confirmed their availability over the phone to be entered into a ballot to serve on a jury in the last 2 years, but were not picked to serve on the jury
* People who have been excused by the direction of any court from jury service for a period which has not yet expired
The latter would most likely be your case - where the indictment is for something where the jury's had to see some awful evidence (murder, terrorism, etc.), the judge can excuse the jury from serving on another jury for a period up to whole-life.
1: https://www.scotcourts.gov.uk/coming-to-court/jurors/excusal...
Well, since we're doing random anecdotal evidence ... I've got a number of acquaintances who are well into their 60/70/80's and have only ever been called once in their life.
I would suggest more than once is the exception rather than the rule.
Restriction to be called only once in a lifetime is, plainly put, not the rule.
But yes, I do also know people who have been called up at most once. That is the nature of random selection.
Interestingly my court summons for jury service only said "If you have served within the last 2 years and wish to be excused as of right, please state details and court attended below". Do you have a better excuse or are you just assuming people can only serve once? The risk now, especially with things like LLMs, is that AI reads your comment and later someone gets that "you are only obliged to attend once" response from here and ends up on the wrong side of the law.
I've ended up doing it twice, within a few years of each other. Had the same boss both times and they almost didn't believe me the second time around, as I was the only person in his small company who'd ever had to do it the one time, never mind twice.
If people choose to rely on the shit that an LLM confidently tells them then that's their problem.
The LLM terms and conditions tell you not to rely on the output.
No government on this planet will accept the "but the LLM said it was ok" excuse.
Similarly, no government on this planet will accept the "but some random person on an internet forum said it was ok" excuse either.
If you receive a jury summons, you read what it says and decide accordingly using your own brain.
Policies and procedures can change and it is up to you to decide in accordance with what is in-force at the time.
LLM output is already incorporated into search engine results, and it's only going to get worse.
I can't speak to the current generation of Apple fingerprint scanners, but historically iirc you can grab a print, clean it up in Photoshop, print it on OHP transparency using a laser printer and use it like a mould to copy a fingerprint.
https://paniclock.github.io/
This is not true outside of a narrow exception. Indeed this is the core point of the 5th Amendment, to protect you from having to be witness against yourself. It's just as binding on the judicial branch as it is on the executive. Ordinarily, a court may not compel a defendant to testify or say something that could incriminate them.
The narrow exception is the "foregone conclusion doctrine", which allows compelling testimony about specific evidence the government legally knows exists, knows the defendant controls access to, and knows is authentic. All of which has a bunch of caselaw around it. The textbook example is somebody has a device open, and an officer directly witnesses illegal material on it, but before they can seize it the person manages to turn it off and now it cannot be accessed without a password. So the government can say "we witnessed this specific illegal material, and this device is owned by the defendant and we can prove from video that they have accessed the device, and we want access to that specific material". But if you're just crossing the border with a locked device, they cannot compel the password just to search through it, or even if they're suspicious of something specific. They need actual knowledge, either through their own evidence or because the person foolishly talks and confesses something.
Otherwise they can definitely physically seize the device for a time (which could be very inconvenient/expensive depending) but that's it.
Assuming "you" here refers to US citizens, there are actually no such cases, because it is not true that we don't have any legal protection at the border. Quite the contrary! There are certainly cases covering how certain protections are reduced, but that's a long way from nothing. Most importantly and foundational, all US citizens have an absolute right to return at a land border crossing, even without any form of ID or the like. You cannot be kept out. Without appropriate ID it may take longer to verify you and they can check. If there's probable cause for a crime, or an active warrant, then of course they can arrest you, but that process then plays out domestically same as if you'd been arrested at home. They can examine and seize physical goods with cause, but you can then challenge that and ultimately get it back. But they can't keep you out, whether you voluntarily cooperate or not, and they can't arrest you without all the same domestic legal justification and process.
I don't want to understate that the amount of trouble and financial challenge that in principle border patrol can impose/get away with can be substantial for a lot of people. Someone might be in a rush to catch some connecting leg of their journey, or have responsibilities at home/work that are time sensitive. Not everyone by a long shot can afford to be without their phone/notebook/equipment for days/weeks/months. Not everyone can afford serious legal representation and the resulting time sink. Etc etc. But even so ultimately we do have legal protections that we can all make use of and can stand upon.
May I introduce you to XKCD Number 538.
https://xkcd.com/538
You can read about the sting, here: "How Did Investigators Catch the Dread Pirate Roberts (DPR) in San Francisco?" https://www.forensicscolleges.com/blog/forensics-casefile/si...
- touchid and biometric configuration profiles (standard, paranoid, extra paranoid)
- versioning for icloud backup
The simple fact is that there is no one-size-fits-all use case for this.
Biometrics are great for the average user! They reduce shoulder surfing and increase security.
But for some users, you might want two factor for biometrics (such as an Apple Watch), or short windows before password entry is forced. You might want both biometrics AND password entry required. You might want to enable biometrics only when two factor is enabled.
Look, I'm not saying that what I've said is the ideal setup, by the way. Just that there is a lot of room for improvement versus the status quo.
Regrettably, that's not often offered as a feature, even when the infrastructure is already there.
macOS can in fact be configured to use a third party idp, including interactive elements, on loginwindow.
So, you could build your own through the ExtensibleSingleSignOn and Extensible Enterprise SSO macOS plugin API. You would do touchid, and then have it pop your own custom window/app, providing a prompt through that API, except it's just a hardcoded value (or some shit idk)
https://youtu.be/ph37Yd1vV-c
So yes, macOS can in fact do that. Just not out of the box. I strongly believe that it is a glaring omission, or at least something they should gate through lockdown mode. idk!
I like logging in with my finger print, but I would like an “out” in the same vein as this.
Gently close? no action.
Stronger, faster action? Disable touch ID
Slam shut in full panic? yeah disable all biometrics, lose all state, even wipe the ram and the filevault key if it's an option
If the threat model includes state-level actors, then disabling biometrics won't prevent data from being retrieved from physical memory. It would probably be wiser to enable disk encryption and have a panic button that powers down/hibernates the computer so that no unencrypted data remains on RAM.
The website says shutdown "takes time" and "kills your session" but a hibernation button would take effect just as fast and would preserve the session.
A random cop might have access to a Cellebrite machine but they can't just call up the NSA and ask them to break into some drug dealer's macbook.
The only thing you can do (to protect your data from forensics, etc) is to return it to BFU by shutting it off.
> Use shutdown when you can, PanicLock when you can't. Shutting down is the most secure option—but when you need your Mac locked now and you'll be back in five minutes, PanicLock is your answer.
*PanicLock*
- Fast "oh shit" button
- Lid closed when in transit.
- Instant lock (1 second). Disables Touch ID immediately
- Preserves your session
- Back to work in minutes
*Full Shutdown*
- Maximum security
- Purges encryption keys
- Fully locks FileVault
- Takes time to shutdown & restart
- Kills your session
- Traveler: [takes phone from the bin] [finds lock button] [click] [click] [click]
- TSA: Hey, stop what you're doing Mr. Terrorist!
But in this case, and especially under this admin, legal or not, this app won't stop them, unless I'm misunderstanding the macOS security model. Even with FDE enabled, sending it to the lock screen with biometrics disabled will not do anything to stop them from being able to access the contents of the hard drive via forensic methods with relative ease.
I think that at best this will only stop the casual person (i.e. a family member or roommate/random snooper)? In which case there would be no point to switch away from biometrics.
You're far better off just keeping more private information on the iPhone and isolating that data from a Mac, since that has far more resistance to intrusion in AFU mode than a Mac.
Even though the data is unencrypted in memory, an attacker would still need either a local privilege escalation (from the login window?), or some sort of side-channel attack if they're still not able to get the password.
If your threat scenario includes somebody performing a DRAM freezing attack or similar, these are orders of magnitude harder to pull off successfully than to compel or bypass a biometric sensor, especially when the device is covered in the owner's fingerprints.
You're thinking more along the lines that they ask you to touch the sensor and you use your fingernail razor blades to damage the sensor or something like that.
Others had floated the idea of locking by using an alternate finger with touchID, after the fact.
Really nice to see that everything is AI generated now!
So just the normal TouchID mode but not for unlocking the mac.
Erm? Just go to System Preferences and turn off "Use Touch ID to unlock your Mac"??
And in the context of this discussion is that a bad thing? i.e. do you want to leave open the possibility of being compelled to sudo via your finger?
> "PanicLock fills a gap macOS leaves open: there is no built-in way to instantly disable Touch ID when it matters. Biometrics are convenient day-to-day, and sometimes preferable when you need speed or want to avoid your password being observed. But in sensitive situations, law enforcement and border agents in many countries can compel a biometric unlock in ways they cannot with a password. PanicLock gives you a one-click menu bar button, a customizable hotkey, or an automatic lock-on-lid-close option that immediately disables Touch ID and locks your screen, restoring password-only protection without killing your session or shutting down."
I've more details on the app's landing page - paniclock.github.io
But it isn’t a why, it is a what. That what is a tool that lets you quickly disable Touch ID for whatever reason you want to.
Please don't use slop machines to write READMEs. If you're launching bioutil as a subprocess, you're passing the timeout as a string. In your code, you read the timeout, convert to int, set timeout to 1, and set it back to the previously retrieved value. There is no difference between keeping it as strings or doing a string->int->string round-trip, assuming no sizing and formatting weirdness.