Lockdown Mode is a sometimes overlooked feature of Apple devices that broadly make them harder to hack. A court record indicates the feature might be effective at stopping third parties unlocking…
Advertisement
•
Lockdown Mode is a sometimes overlooked feature of Apple devices that broadly make them harder to hack. A court record indicates the feature might be effective at stopping third parties unlocking someone's device. At least for now.
Read the original article
Comments
By bwoah 2026-02-0415:07 Remember...they can make you use touch id...they can't make you give them your password.
https://x.com/runasand/status/2017659019251343763?s=20
The FBI was able to access Washington Post reporter Hannah Natanson's Signal messages because she used Signal on her work laptop. The laptop accepted Touch ID for authentication, meaning the agents were allowed to require her to unlock it.
Link which doesn't directly support website owned by unscrupulous trillionaire: https://xcancel.com/runasand/status/2017659019251343763?s=20
By throwawayfour 2026-02-0417:451 reply Good reminder to also set up something that does this automatically for you:
I generally avoid extensions that can read all sites (even if technically necessary), so use the suggestion found here [1] instead.
A few bookmarklets:
javascript:(function(){if (location.host.endsWith('x.com')) location.host='xcancel.com';})()
javascript:(function(){if (location.host.endsWith('youtube.com')) location.host='inv.nadeko.net';})()
javascript:(function(){if (location.hostname.endsWith('instagram.com')) {location.replace('https://imginn.com' + location.pathname);}})()
[1] https://www.reddit.com/r/uBlockOrigin/comments/1cc0uon/addin...
By Alive-in-2025 2026-02-051:43 Wow, where did these come from. these are great alternatives, especially the youtube. I like using the duck player but that's only in that browser.
For example duck://player/fqtK3s7PE_k where the video id in youtube url https://www.youtube.com/watch?v=fqtK3s7PE_k
But it doesn't have that overview page like inv.nadeko.net does
By forgotTheLast 2026-02-0417:55 I actually think it is fitting to read about a government agency weaponized by an unscrupulous billionaire going after journalists working for an unscrupulous billionaire on an unscrupulous trillionaire owned platform.
I guess technically musk rounds to a trillion. 852B acc to Forbes
Yes and no. Obviously it’s unusual rounding or I wouldn’t have said “I guess technically,” but rounding is all about domains and relevant precision. To be honest, when someone says “billionaires” I don’t assume that the number 1,000,000 is a meaningful hard cut off. I assume we’re talking about the ones who are three orders of magnitude up from “millionaire” and orders of magnitude work by rounding from .5.
By dragonwriter 2026-02-0516:36 > orders of magnitude work by rounding from .5.
No, orders of magnitude are exponential, not linear, so conventionally “on the order of 1 billion” would be between 100 million × sqrt(10) and 1 billion × sqrt(10), but “billionaire” isn't “net worth on the order of 1 billion” but “net worth of 1 billion or more”, or, when used heirarchically alongside trillionaire ans millionaire “net worth of at least one billion and less than one trillion”.
By antonvs 2026-02-0515:46 What's $148,000,000,000 between friends
Maybe. I don't think we yet have a good understanding of how many deaths he will have caused as a result of DOGE so abruptly cutting off assistance to so many vulnerable people around the world, but I've heard estimates hover around 600,000.
Assuming that number turns out to be close to reality, how do you weigh so many unnecessary deaths against VTL rockets and the electric cars?
Perhaps a practitioner of Effective Altruism could better answer that question.
By C6JEsQeQa5fCjE 2026-02-0420:18 > I don't think we yet have a good understanding of how many deaths he will have caused as a result of DOGE so abruptly cutting off assistance to so many vulnerable people around the world
Nor how many deaths will be caused by his support for far right parties across Europe, when they start ethnic cleansings.
I've seen corruption in the police. Government. Hospitals. Do you support immediately shuttering those offices with no replacements?
By sejje 2026-02-0422:25 They could at least just get funded by their own government.
There is corruption everywhere. But do you deny that these organizations by-and-large provided aid and therefore saves the lives of folks who may have otherwise died from illness?
This doesn't make corruption OK. But he tore out a lifeline for some people without giving them an alternative way to get aid.
By asadm 2026-02-0422:28 [flagged]
By NoMoreNicksLeft 2026-02-0419:293 reply [flagged]
By ceejayoz 2026-02-0421:02 > The US taxpayer has no moral obligation to send welfare "around the world".
Sure. It's a transactional purchase of stability and goodwill, via which the US has benefited enormously.
By asadm 2026-02-0420:06 Correct. But also, it's a bandaid (and a really ineffective one ie. 99% lossy) on real issues of that world.
> The US taxpayer has no moral obligation to send welfare "around the world".
I mean, by way of the atrocities we've committed around the world, we kinda do.
Even if we buy your thesis, foregoing morals, geopolitics, and history, it's a useful soft power strategy...
I'm not saying fund USAID before healthcare for all in america. I'm saying of all the insane things our government wastes money on, USAID was far down on the list of most egregious.
By NoMoreNicksLeft 2026-02-0514:361 reply >I mean, by way of the atrocities we've committed around the world, we kinda do.
I've committed no atrocities. Going to guess that you've committed no atrocities. What atrocities did occur, most of those who committed those are dead, the rest are senile in nursing homes. I have no guilt and certainly feel no guilt for those events.
>it's a useful soft power strategy.
Sure, if you're some sort of tyrant. I thought the left was against colonialism... but you guys really just one a more clever, subtle colonialism eh? Figures.
>I'm saying of all the insane things our government wastes money on, USAID was far down on the list of most egregious.
What you're saying is that no cuts can or should be made, unless they are your favorite cuts first. And maybe after you get those, no others need be made at all.
By mptest 2026-02-0712:31 >Sure, if you're some sort of tyrant. I thought the left was against colonialism... but you guys really just one a more clever, subtle colonialism eh? Figures
Drastic misrepresentation. I made no value judgements. I simply offered reasons why the above commenter may be wrong. from different points of view. You misunderstand or are naive to the spectrum of how parasitic to symbiotic those soft power relationships can be
> What you're saying is that no cuts can or should be made, unless they are your favorite cuts first. And maybe after you get those, no others need be made at all.
Nope, just saying there's pretty clear science behind where money could be better spent besides billions in forever wars. Maybe start there? 9$ trillion on pointless wars in the middle east comes to mind? google a map of countries we've overthrown the democratic leader of if you want more examples. all the shahs men is useful too. i could go on.
> I've committed no atrocities. Going to guess that you've committed no atrocities. What atrocities did occur, most of those who committed those are dead, the rest are senile in nursing homes. I have no guilt and certainly feel no guilt for those events
It's not about that. someone simply had to pay that debt. sorry to tell you those bills they wracked up to accumulate wealth are coming due for the rest of us right or not.
By Dylan16807 2026-02-0418:201 reply Even if his total contribution is positive, his current contribution is quite bad. And most of that bad has been tied directly to x.
I can atleast still voice against Israeli genocide there. I am good for now.
How many people do you think see those tweets, how many minds do you think you have changed, and at what mental cost to yourself?
He was begging to go party with someone that spent time in prison for child exploitation.
That in itself should make you hate the dude.
Yup. Hate him as person. But he is still net positive with his scientific/engineering contributions, is he not?
Wasn't Edison an asshole?
By Snoots 2026-02-0513:25 Maybe, but I personally don't believe whatever engineering contributions (money?) he made outweigh the regressions he's caused elsewhere. I think the world would be better off without him.
Dunno, I'd rather have unabused kids than the technological breakthroughs he has contributed to. Anyone being giddy to meet with a convicted pedo is very sus in my books, and deserves no respect, regardless of their prior contributions.
Children were exploited, and we're doing this net positive analysis on whether he should face the scorn. I'm not having a go at you - it's just frustrating to see very little happening after so much has been exposed, and I think part of it comes from this mindset - 'oh he's a good guy, this is a mistake/misstep' while people that were exploited as children can't even get their justice.
It's sickening.
By JumpCrisscross 2026-02-0419:351 reply > I'd rather have unabused kids than the technological breakthroughs he has contributed to
I'd rather have both. Hawthorne doesn't get nuked if Elon Musk goes to jail.
> Children were exploited
Abuse. Exploitation. CSAM. We're mushing words.
Child rape. These men raped children. Others not only stayed silent in full knowledge of it, but supported it directly and indirectly. More than that, they arrogantly assumed–and, by remaining in the United States, continue to assume–that they're going to get away with it.
Which category is Elon Musk in? We don't know. Most of the people in the Epstein files are innocent. But almost all of them seem to have been fine with (a) partying with an indicted and unrepentant pedophile [1] and (b) not saying for decades–and again, today–anything to the cops about a hive of child rape.
A lot of them should go to jail. All of them should be investigated. And almost all of them need to be retired from public life.
[1] https://web.archive.org/web/20220224113217/https://www.theda...
By TylerLives 2026-02-0420:181 reply [flagged]
By JumpCrisscross 2026-02-0421:001 reply Direct? No. That he was indicted for it? Yes [1].
(Clarification: I’m using the term colloquially. Whether Epstein had a mental condition is unclear.)
[1] https://www.justice.gov/usao-sdny/press-release/file/1180481...
By TylerLives 2026-02-0421:24 Unless I missed something, that's not pedophilia.
By DaSHacka 2026-02-051:48 That widely-circulated ""email"" of Musk's was fake lol
Don't believe me? Go to the epstein emails and try to find it
By andwhatisthis 2026-02-0417:391 reply How so?
By asadm 2026-02-0418:06 nasa is fucked up. spacex is US’s only shot.
By alistairSH 2026-02-0417:51 [flagged]
They can hold you in contempt for 18 months for not giving your password, https://arstechnica.com/tech-policy/2020/02/man-who-refused-....
By ElevenLathe 2026-02-0418:561 reply Being held in contempt at least means you got a day in court first. A judge telling me to give up my password is different than a dozen armed, masked secret police telling me to.
By C6JEsQeQa5fCjE 2026-02-0420:231 reply > A judge telling me to give up my password is different than a dozen armed, masked secret police telling me to.
Yes, a judge is unlikely to order your execution if you refuse. Based on recent pattern of their behavior, masked secret police who are living their wildest authoritarian dreams are likely to execute you if you anger them (for example by refusing to comply with their desires).
By qingcharles 2026-02-0423:24 I don't practically see it happen, but you have to be careful once you are in a jail though, because there are often few limits on what the administration of the jail can do to you for any supposed violation of the jail rules (which they can legally make up on a whim, and due process is extremely limited). In Illinois, at least, a county Sheriff has unlimited power to punish a detainee in any extreme way they can imagine for even the very slightest infraction. There are no laws (statutes) which define what a "crime" is inside jail and what the punishment for it is. If it wasn't for SCOTUS limiting the death penalty to certain levels of behavior (e.g. murder) then a sheriff would be able to simply legally execute a detainee for pretty much anything.
That's a very unusual and narrow exception involving "foregone conclusion doctrine", an important fact missed by Ars Technica but elaborated on by AP: https://apnews.com/general-news-49da3a1e71f74e1c98012611aedc...
> Authorities, citing a “foregone conclusion exception” to the Fifth Amendment, argued that Rawls could not invoke his right to self-incrimination because police already had evidence of a crime. The 3rd Circuit panel agreed, upholding a lower court decision.
I do not follow the logic here, what does that even mean? It seems very dubious. And what happens if one legitimately forgets? They just get to keep you there forever?
Lawyer here - let me try to help.
This is an area that seems to confuse a lot of people because of what the 5th amendment says and doesn't say.
The reason they can't force you to unlock your phone is not because your phone contains evidence of stuff. They have a warrant to get that evidence. You do not have a right to prevent them from getting it just because it's yours. Most evidence is self-incriminating in this way - if you have a murder weapon in your pocket with blood on it, and the police lawfully stop you and take it, you really are incriminating yourself in one sense by giving it to them, but not in the 5th amendment sense.
The right against self-incrimination is mostly about being forced to give testimonial evidence against yourself. That is, it's mostly about you being forced to testify against yourself under oath, or otherwise give evidence that is testimonial in nature against yourself. In the case of passwords, courts often view it now as you being forced to disclose the contents of your mind (IE live testify against yourself) and equally important, even if not live testimony against yourself, it testimonially proves that you have access to the phone (more on this in a second). Biometrics are a weird state, with some courts finding it like passwords/pins, and some finding it just a physical fact with no testimonial component at all other than proving your ability to access.
The foregone conclusion part comes into play because, excluding being forced to disclose the contents of your mind for a second, the testimonial evidence you are being forced to give when you unlock a phone is that you have access to the phone. If they can already prove it's your phone or that you have access to it, then unlocking it does not matter from a testimonial standpoint, and courts will often require you to do so in the jurisdictions that don't consider any other part of unlocking to be testimonial. (Similarly, if they can't prove you have access to the phone, and whether you have access to the phone or not matters to the case in a material way, they generally will not be able to force you to unlock it or try to unlock it because it woudl be a 5th amendment violation).
Hope this helps.
> excluding being forced to disclose the contents of your mind for a second
This seems like a key point though. What's the legal distinction between compelling someone to unlock a phone using information in their mind, and compelling them to speak what's in their mind?
If I had incriminating info on my phone at one point, and I memorized it and then deleted it from the phone, now that information is legally protected from being accessed. So it just matters whether the information itself is in your mind, vs. the ability to access it?
There are practical differences - phones store a lot more information that you will keep in your mind at once.
You can actually eliminate phones entirely from your second example.
If you had incriminating info on paper at one point, and memorized it and deleted it, it would now be legally protected from being accessed.
One reason society is okay with this is because most people can't memorize vast troves of information.
Otherwise, the view here would probably change.
These rules exist to serve various goals as best they can. If they no longer serve those goals well, because of technology or whatever else, the rules will change. Being completely logical and self-consistent is not one of these goals, nor would it make sense as a primary goal for rules meant to try to balance societal vs personal rights.
This is, for various reasons, often frustrating to the average HN'er :)
By antonvs 2026-02-0616:58 > This is, for various reasons, often frustrating to the average HN'er :)
With that in mind...
> Being completely logical and self-consistent is not one of these goals, nor would it make sense as a primary goal for rules meant to try to balance societal vs personal rights.
Do we really know that it wouldn't make sense, or is that just an assumption because the existing system doesn't do it? (Alternatively, perhaps a consistent logical theory simply hasn't been identified and articulated.)
This reminds me of how "sovereign citizens" argue their position. Their logic isn't consistent, it’s built around rhetorical escape hatches. They'll claim that their vehicle is registered with the federal DOT, which is a commercial registration, but then they'll also claim to be a non-commercial "traveler". They're optimizing for coverage of objections, not global consistency.
What you seem to be telling me is that the prevailing legal system is the same, just perhaps with more of the obvious rough edges smoothed out over the centuries.
brb, going to try encoding the USC in Rocq.
By direwolf20 2026-02-0421:50 And why do they need to unlock your phone if they already proved you did the crime?
It means that if all the other evidence shows that the desired evidence is on the computer, then it is not a question of whether it exists, so youre not really searching for something. Youre retrieving it. That doesn't implicate the 4th amendment.
By DannyBee 2026-02-052:26 Unlocking/forced unlocking is not a 4th amendment issue, but a 5th amendment one.
The 4th amendment would protect you from them seizing your phone in the first place for no good reason, but would not protect you from them seizing your phone if they believe it has evidence of a crime.
Regardless, it is not the thing that protects you (or doesn't, depending) from having to give or otherwise type in your passcode/pin/fingerprint/etc.
I previously commented a solution to another problem, but it assists here too:
https://news.ycombinator.com/item?id=44746992
This command will make your MacBook hibernate when lid is closed or the laptop sleeps, so RAM is written to disk and the system powers down. The downside is that it does increase the amount of time it takes to resume.
A nice side benefit though, is that fingerprint is not accepted on first unlock, I believe secrets are still encrypted at this stage similar to cold boot. A fingerprint still unlocks from screensaver normally, as long as the system does not sleep (and therefore hibernate)
> I believe secrets are still encrypted at this stage similar to cold boot.
Does this mean that the Signal desktop application doesn't lock/unlock its (presumably encrypted) database with a secret when locking/unlocking the laptop?
By dagmx 2026-02-051:11 It wouldn’t matter because the whole OS would be evicted from memory and the entire storage encrypted.
Signal itself wouldn’t even be detectable as an app
By patrickmay 2026-02-0416:413 reply Is the knowledge of which finger to use protected as much as a passcode? Law enforcement might have the authority to physically hold the owner's finger to the device, but it seems that the owner has the right to refuse to disclose which finger is the right one. If law enforcement doesn't guess correctly in a few tries, the device could lock itself and require the passcode.
Another reason to use my dog's nose instead of a fingerprint.
By parl_match 2026-02-0417:447 reply I really wish Apple would offer a pin option on macos. For this reason, precisely. Either that, or an option to automatically disable touchid after a short amount of time (eg an hour or if my phone doesn't connect to the laptop)
You can setup a separated account with a long password on MacOS and remove your user account from accounts that can unlock FileVault. Then you can change your account to use a short password. You can also change various settings regarding how long Mac has to sleep before requiring to unlock FileVault.
I didn’t understand how a user that cannot unlock FileVault helps. Can you please elaborate on this setup? Thanks.
By fpoling 2026-02-0421:41 With that setup on boot or after a long sleep one first must log in into an account with longer password. Then one logs out of that and switches to the primary account with a short password.
By xoa 2026-02-0418:06 As another alternative, rather than using Touch ID you can setup a Yubikey or similar hardware key for login to macOS. Then your login does indeed become a PIN with 3 tries before lockout. That plus a complex password is pretty convenient but not biometric. It's what I've done for a long time on my desktop devices.
By 1718627440 2026-02-0514:381 reply I often see people use a "pin" on Windows and I never got it. What is the purpose of a pin makes it different from a password?
By NewsaHackO 2026-02-060:09 PIN numbers are easier to remember. Remember, 99% of the population does not care about defense against state actors, just stopping nosy co-workers or family members from looking at their stuff. The next group (which I would include myself in) is concerned about theft (both physical and remote), where someone can get "unlimited" access to your machine and may be able to defeat a short PIN but is unlikely to beat a strong password. If you are in the realm of defending against state actors, then that is something you have to take multiple steps to ensure, and a single slip-up will tank your operation (like with this lady).
Wait, wasn’t touch id phased out together with the intel touch bar macbooks? I’ve never used anything but a long password to unlock.
By fckgw 2026-02-0423:23 No, it's been part of the power button since then.
By Wistar 2026-02-0418:38 On my Macbook Pro, I usually need to use both touch and a password but that might be only when some hours have passed between log ins.
By NetMageSCW 2026-02-0420:19 You can script a time out if desired.
uhm, are you saying its not possible to require an actual password to unlock osx?
By tedd4u 2026-02-050:33 My guess is they want to have a PIN as a short-term credential analogous to the Touch ID, that is, it only works for X hours per password auth before needing password auth again, and then you only get X tries on the PIN before it either locks the PIN out and you need the full password to reactivate it (or I guess it could wipe the laptop à la iPhone).
By parl_match 2026-02-051:031 reply > uhm, are you saying its not possible to require an actual password to unlock osx?
uhm, are saying that i'm saying that? if so, please show me where i said that. thank you
no, thats why i was asking, as i was not fully sure what you meant
By parl_match 2026-02-0517:541 reply what im saying is that i dont want to type in a long ass password all the time
and biometrics have "legal problems" as stated above
a pin or allowing touchid to automatically be disabled after a period of time or computer movement ("please enter password to login") would be greatly appreciated
as it stands now, i have biometrics disabled.
By redeeman 2026-02-0519:00 seems reasonable
By thecapybara 2026-02-0418:45 There's only ten possible guesses, and most people use their thumb and/or index finger, leaving four much likelier guesses.
Also, IANAL, but I'm pretty sure that if law enforcement has a warrant to seize property from you, they're not obligated to do so immediately the instant they see you - they could have someone follow you and watch to see how you unlock your phone before seizing it.
By z3phyr 2026-02-0418:46 0.1 in itself is a very good odd, and 0.1 * n tries is even more laughable. Also most people have two fingers touchID, which makes this number close to half in reality.
By goda90 2026-02-0418:26 Remember that our rights aren't laws of nature. They have to be fought for to be respected by the government.
By joecool1029 2026-02-0420:341 reply > they can't make you give them your password.
Except when they can: https://harvardlawreview.org/print/vol-134/state-v-andrews/
By tedd4u 2026-02-050:36 75 footnotes for 89 sentences, nice! I guess that's how they roll over at the HLR.
By notyourwork 2026-02-0420:546 reply I don't get why I can be forced to use my biometrics to unlock but I cannot be forced to give a pin. Doesn't jive in my brain.
By deltastone 2026-02-0421:19 It's something you know vs. something you have. That's how the legal system sees it. You might not tell someone the pin to your safe, but if police find the key to it, or hire a locksmith to drill out your safe, it's theirs with a warrant.
It's interesting in the case of social media companies. Technically the data held is the companies data (Google, Meta, etc.) however courts have ruled that a person still has an expectation of privacy and therefore police need a warrant.
By direwolf20 2026-02-0421:512 reply When they arrest you, they have physical control of your body. You're in handcuffs. They can put your fingers against the unlock button. You can make a fist, but they can have more strength and leverage to unfist your fist.
There's no known technique to force you to input a password.
By direwolf20 2026-02-0422:35 The law follows practicality in this instance.
By notyourwork 2026-02-056:55 Yes, my statement was related to legal means. I’m not a lawyer.
By QuiEgo 2026-02-0422:59 Well there is one known technique. https://xkcd.com/538/
By soneil 2026-02-0613:37 Compelled speech is protected, fingerprints aren't.
Imagine it's 1926 and none of this tech is an issue yet. The police can fingerprint and photograph you at intake, they can't compel speech or violate the 5th.
That's exactly what's being applied here. It's not that the police can do more or less than they could in 1926, it's that your biometrics can do more than they did in 1926. They're just fingerprinting you / photographing you .. using your phone.
By wan23 2026-02-0421:16 The fifth amendment gives you the right to be silent, but they didn't write in anything about biometrics.
By sejje 2026-02-0422:34 "technicality" or "loophole" is probably the word.
I fully agree, forced biometrics is bullshit.
I say the same about forced blood removal for BAC testing. They can get a warrant for your blood, that's crazy to me.
By quietsegfault 2026-02-0421:17 [dead]
By deltastone 2026-02-0421:25 Also, using biometrics on a device, and your biometrics unlock said device, do wonders for proving to a jury that you owned and operated that device. So you're double screwed in that regard.
By direwolf20 2026-02-0421:49 Remember, this isn't how it works in every country.
Reminder that you can press the iPhone power button five times to require passcode for the next unlock.
Serious question. If I am re-entering the US after traveling abroad, can customs legally ask me to turn the phone back on and/or seize my phone? I am a US citizen.
Out of habit, I keep my phone off during the flight and turn it on after clearing customs.
If you are a US citizen, you legally cannot be denied re-entry into the country for any reason, including not unlocking your phone. They can make it really annoying and detain you for a while, though.
By monocasa 2026-02-0422:25 They can also practically keep your phone indefinitely.
my understanding is that they can hold you for a couple days without charges for your insubordination but as a citizen they have to let you back into the country or officially arrest you, try to get an actual warrant, etc.
By direwolf20 2026-02-0421:521 reply they can just break the law
By rurban 2026-02-057:43 There is no law when entering the country. They can do everything they want, or making up anything they'll imagine.
By gogasca 2026-02-0418:44 [dead]
By thecapybara 2026-02-0418:482 reply Did you know that on most models of iPhone, saying "Hey Siri, who's iPhone is this?" will disable biometric authentication until the passcode is entered?
In case anyone is wondering: In newer versions of MacOS, the user must log out to require a password. Locking screen no longer requires password if Touch ID is enabled.
By alistairSH 2026-02-0417:59 Is that actually true? I'm fairly confident my work Mac requires a password if it's idle more than a few days (typically over the weekend).
By raw_anon_1111 2026-02-0419:151 reply Settings -> lock screen -> “Require password after screen saver begins or display is turned off”
Even with that option set to "Immediately" you can still use Touch ID after locking.
By raw_anon_1111 2026-02-051:58 I am not sure how it works on Macs, but on iPhone, after first unlock after a reboot, it’s trivial for law enforcement to break into your iPhone - the same with Android.
By jen729w 2026-02-0417:35 Shift+Option+Command+Q is your fastest route there, but unsaved work will block.
By qingcharles 2026-02-0423:26 Everyone makes this same comment on each of these threads, but it's important to remember this only works if you have some sort of advance warning. If you have the iPhone in your hand and there is a loaded gun pointed at your head telling you not to move, you probably won't want to move.
Or squeeze the power and volume buttons for a couple of seconds. It’s good to practice both these gestures so that they become reflex, rather than trying to remember them when they’re needed.
By regenschutz 2026-02-0418:382 reply Sad, neither of those works on Android. Pressing the power button activates the emergency call screen with a countdown to call emergency services, and power + volume either just takes a screenshot or enables vibrations/haptics depending on which volume button you press.
By thallium205 2026-02-0418:591 reply On Pixel phones, Power + Volume Up retrieves a menu where you can select "Lockdown".
By rationalist 2026-02-0419:131 reply Not on my Pixel phone, that just sets it to vibrate instead of ring. Holding down the power button retrieves a menu where you can select "Lockdown".
By zerocrates 2026-02-0419:341 reply On my 9 you get a setting to choose if holding Power gets you the power menu or activates the assistant (I think it defaulted to assistant? I have it set to the power menu because I don't really ever use the assistant.)
By rationalist 2026-02-0421:34 Yes, that was the default for me, but I changed it in settings.
By silisili 2026-02-0419:47 Did you check your phone settings? Mine has an option to add it to the power menu, so you get to it by whichever method you use to do that (which itself is sad that phones are starting to differ in what the power key does).
Oh wow, just going into the "should I shutdown" menu also goes into pre-boot lock state? I didn't know that.
It doesn't reenter a BFU state, but it requires a passcode for the next unlock.
It's close enough, because (most of) the encryption keys are wiped from memory every time the device is locked, and this action makes the secure enclave require PIN authentication to release them again.
> It's close enough
Not really, because tools like Cellbrite are more limited with BFU, hence the manual informing LEO to keep (locked) devices charged, amd the countermeasures being iOS forcefully rebooting devices that have been locked for too long.
By CGMthrowaway 2026-02-0420:452 reply There is a way now to force BFU from a phone that is turned on, I can't remember the sequence
By CGMthrowaway 2026-02-0512:391 reply I believe doing the standard Restart everyone knows is not enough though. The instructions saw were these
Quick-press Volume Up, then Quick-press Volume Down. Hold the side power button until the screen turns black (approx. 10 seconds). Immediately hold both the side button and the Volume Down button for 5 seconds. Release the side button but continue holding the Volume Down button for another 10 seconds. The screen will remain black. If the Apple logo appears, the side button was held too long, and the process must be repeated.
By kccqzy 2026-02-0516:08 That’s DFU mode. We are talking about BFU in this thread.
By duskwuff 2026-02-0421:41 Eh? BFU ("before first unlock") is, by definition, the state that a phone is in when it is turned on. There's no need to "force" it.
If you mean forcing an iOS device out of BFU, that's impossible. The device's storage is encrypted using a key derived from the user's passcode. That key is only available once the user has unlocked the device once, using their passcode.
Alternately, hold the power button and either volume button together for a few seconds.
By tosapple 2026-02-0418:00 This is the third person advocating button squeezing, as a reminder: IF a gun is on you the jig is up, you can be shot for resisting or reaching for a potential weapon. Wireless detonators do exist, don't f around please.
By tim333 2026-02-0512:58 One thing I miss from windows (on mac now) is there was an encrypted vault program that you could have hide so it wasn't on the desktop or program list but could still be launched. That way you could have private stuff that attackers would likely not even know was there.
By innagadadavida 2026-02-0516:58 Is there a way to setup Mac disabling Touch ID if the linked phone goes into lockdown or Face ID requires passcode? Apple could probably add that.
By rustyhancock 2026-02-0422:00 As far as I know lockdown mode and BFU prevent touch ID unlocking.
At least a password and pin you choose to give over.
By raw_anon_1111 2026-02-0419:102 reply As if the government is not above breaking the law and using rubber hose decryption. The current administration’s justice department has been caught lying left and right
By qingcharles 2026-02-0423:27 And threats aren't illegal. They can put a gun to wife's head and say they're going to shoot. It's up to you then to call their bluff.
By direwolf20 2026-02-0421:521 reply Plausible deniability still works. You enter your duress code and your system boots to a secondary partition with Facebook and Snapchat. No such OS exists.
By laosb 2026-02-061:30 How plausible the deniability is when they discover you only have those two apps and both logged out due to inactivity, while they can see your storage usage is definitely larger than those two apps?
By p0w3n3d 2026-02-0419:04 Allowed to require - very mildly constructed sentence, which could include torture or force abuse...
By neves 2026-02-0419:27 I just searched the case. I'm appalled. It looks like USA doesn't have legal protection for reporter sources. Or better, Biden created some, but it was revoked by the current administration.
The real news here isn't privacy control in a consumer OS ir the right to privacy, but USA, the leader of the free world, becoming an autocracy.
I find it so frustrating that Lockdown Mode is so all-or-nothing.
I want some of the lockdown stuff (No facetime and message attachments from strangers, no link previews, no device connections), but like half of the other ones I don't want.
Why can't I just toggle an iMessage setting for "no link preview, no attachments", or a general setting for "no automatic device connection to untrusted computers while locked"? Why can't I turn off "random dickpicks from strangers on iMessage" without also turning off my browser's javascript JIT and a bunch of other random crap?
Sure, leave the "Lockdown mode" toggle so people who just want "give me all the security" can get it, but split out individual options too.
Just to go through the features I don't want:
* Lockdown Mode disables javascript JIT in the browser - I want fast javascript, I use some websites and apps that cannot function without it, and non-JIT js drains battery more
* Shared photo albums - I'm okay viewing shared photo albums from friends, but lockdown mode prevents you from even viewing them
* Configuration profiles - I need this to install custom fonts
Apple's refusal to split out more granular options here hurts my security.
By Terretta 2026-02-0416:42 The profiles language may be confusing -- what you can't do is change them while in Lockdown mode.
By quizzical8432 2026-02-0421:19 I’m with you on the shared photo albums. I’d been using lockdown mode for quite a while before I discovered this limitation, though. For me, this is one I’d like to be able to selectively enable (like the per-website/app settings). In my case, it was a one-off need, so I disabled lockdown mode, shared photos, then enabled it again.
The other feature I miss is screen time requests. This one is kinda weird - I’m sure there’s a reason they’re blocked, but it’s a message from Apple (or, directly from a trusted family member? I’m not 100% sure how they work). I still _recieve_ the notification, but it’s not actionable.
While I share with your frustration, though, I do understand why Apple might want to have it as “all-or-nothing”. If they allow users to enable even one “dangerous” setting, that ultimately compromises the entire security model. An attacker doesn’t care which way they can compromise your device. If there’s _one_ way in, that’s all they need.
Ultimately, for me the biggest PiTA with lockdown mode is not knowing if it’s to blame for a problem I’m having. I couldn’t tell you how many times I’ve disabled and re-enabled it just to test something that should work, or if it’s the reason a feature/setting is not showing up. To be fair, most of the time it’s not the issue, but sometimes I just need to rule it out.
By ectospheno 2026-02-0416:43 Family albums work with lockdown mode. You can also disable web restrictions per app and website.
By simulator5g 2026-02-0911:37 The main point of lockdown mode is to provide security against state sponsored attacks against journalists. If it was granular the attackers would exploit whichever switches most people leave off. It would be a cat/mouse game until all the switches were turned on. So Apple skipped to the end of the game.
By ethepax 2026-02-052:01 Agreed. If I know my threat model, I don’t need unnecessary restrictions.
>* Lockdown Mode disables javascript JIT in the browser - I want fast javascript, I use some websites and apps that cannot function without it, and non-JIT js drains battery more
This feature has the benefit of teaching users (correctly) that browsing the internet on a phone has always been a terrible idea.
By rantingdemon 2026-02-0419:342 reply I'll bite. Why is it so terrible? I'm browsing this site right now on my phone and don't see the horror.
By everdrive 2026-02-0513:15 No keyboard, no mouse, tiny screen. Every single action you'd like to take is slower and more cumbersome. Want to selection a portion of a URL? Well, get ready for an adventure. Tap the URL bar once, then -- oops, now it thinks you want to copy. You can't tap the individual sections. Try to move the little "copy bars" but oops, the press didn't register because they're tiny. Spend about a minute randomly pressing the URL bar until you can actually get the behavior your want. Or, try to switch tabs. It's not hard per se, but it's an order off magnitude slower than ctrl+tab. Or search within a page. Can you just hit ctrl+g and start typing and then press ctrl+g again? No, no, you need to enter a menu, enter a submenu, then wait for the onscreen keyboard to show up, then glide your finger over that with a few corrections, then move your finger down the the tiny next button.
It's all objectively terrible, and it accomplishes nothing except allowing the user to use the internet right then and there.
By mghackerlady 2026-02-0419:553 reply Phone networks by design track you more precisely than possible over a conventional internet connection to facilitate the automatic connection to the nearest available network. Also, for similar reasons it requires the phone network to know that it is your phone
By LoganDark 2026-02-0420:31 You don't need to connect to the internet for that. It has nothing to do with web browsing at all.
The phone network already needs to know where your phone is to be able to route incoming calls.
Also, I don't get how the situation with your home internet connection changes much. Your ISP knows exactly where you are because your house doesn't move.
By mghackerlady 2026-02-0514:10 Right, but for most people you can reasonably be expected to be in your house so it isn't that big of a security risk
By everdrive 2026-02-0922:12 The phone network has a low-resolution triangulation. It does not have high-precision GPS, potentially augmented by WiFi and bluetooth. And it doesn't sell its signaling data to anyone and everyone. Equivocating smartphone tracking with cell tower pinging is disingenuous.
By TheDong 2026-02-0513:04 Installed apps can track you even more, so what you're arguing for is presumably not "don't use websites on your phone", but rather "do not use your phone, just use your desktop computer".
Which sure, not using your phone is more secure, but good luck convincing users that they shouldn't use any apps or websites on the go.
By jgwil2 2026-02-0418:59 I think that ship has sailed.
