The search warrant to raid a Washington Post reporter’s home shows how authorities can open your phone without your consent.

The recent federal raid on the home of Washington Post reporter Hannah Natanson isn’t merely an attack by the Trump administration on the free press. It’s also a warning to anyone with a smartphone.

Included in the search and seizure warrant for the raid on Natanson’s home is a section titled “Biometric Unlock,” which explicitly authorized law enforcement personnel to obtain Natanson’s phone and both hold the device in front of her face and to forcibly use her fingers to unlock it. In other words, a judge gave the FBI permission to attempt to bypass biometrics: the convenient shortcuts that let you unlock your phone by scanning your fingerprint or face.-

It is not clear if Natanson used biometric authentication on her devices, or if the law enforcement personnel attempted to use her face or fingers to unlock her devices. Natanson and the Washington Post did not respond to multiple requests for comment. The FBI declined to comment.

  • jabberwock@lemmy.dbzer0.com
    2·
    13 hours ago

    Alright, I already “umm, ackshually’d” someone in this thread but this post in particular hit a nerve with me. The Tor security model is based on 3 hops but does not guarantee 3 different jurisdictions. Their circuit building only takes into account “jurisdiction” in the way we’re using it here if you use guard nodes or specific cases when you cannot access the network directly or look like you’re exiting from a Tor node.

    That said, it’s still a very strong project and security model. And everything you said about spreading out your providers without a single point of failure (or pressure) applies.

    • lavander@lemmy.dbzer0.com
      2·
      7 hours ago

      I haven’t looked in the tor protocol for more than a decade but if routing was done based on traditional networking parameters (ttl distance, ping, etc) pretty sure you would end up all your nodes in your jurisdiction.

      If you were using pure random, routing may involve only US (where there are a significant percentage of nodes)

      Instead you can see that rarely there are two nodes in the same jurisdiction.

      Years ago there were a config file mapping countries to jurisdictions and maybe that has been ditched but still I don’t buy that it is pure random or using traditional routing criteria