I've heard that duress pins/passwords and false roots and the like aren't actually helpful. IIRC the argument was that if they're familiar with your OS they're familiar with the duress pin capabilities.
But even if that's the case, there's no way to tell if a duress pin was used, right? And if you're in a place with weak legal processes and they decide possibility=guilty, then the duress pin doesn't make things worse, right? I.e. if they wanted to do something to you, then "lack of evidence due to duress pin" is no different than just "lack of evidence" i.e. the pin at least doesn't make things worse...
stevefan1999 6 hours ago [-]
Simple, "if you try to enter the duress pin, you and your family and your friends, will be beaten to death, and I will make you watch them die one by one, unless you tell me the real pin, and then kill you next"
Increasing the extreme and cruelty of violence. It always works. That also means the "investment" of each action will have higher stake, though.
It is not an intimidating thought experiment, it is being used in the 2026 Iranian Protest by the IRGC
piaste 28 minutes ago [-]
Even in that scenario, having the duress pin option does not make things worse. It's functionally equivalent to smashing the phone, just easier to do with one hand.
i.e. whatever they do to you if you wiped the phone via duress PIN, they would already do to you if you managed to smash the phone.
rendaw 4 hours ago [-]
Okay I'm IRGC, and I think this guy has some information. So I threaten him. He gives me his PIN. I get into his device, and can't find the information.
Did he wipe his device? Or did I get the wrong guy? I'm convinced he had the information, so whether he used the duress PIN or not I'm going to go through with the torture...
Also, even if you're right, then that would mean that the duress PIN is useful in places that aren't Iran right? Like the US? Canada?
avra 38 minutes ago [-]
Is the wiping functionality implemented so inconspicuously that you can't tell the device has been wiped?
HN automatically uses canonical links for submitted pages when it can find them, and when it does the # and what follows in submission URLs aren't included. So to provide the full URL, you need to include it in a comment.
yndoendo 8 hours ago [-]
For people that don't know.
Duress PIN is a feature started by security systems. Entering the dress code would seam as if the security system was disabled while in the background it would contact the security company to send in the police.
rendaw 8 hours ago [-]
Maybe generally, but in this case it seems like it just wipes the device.
Rendered at 11:22:38 GMT+0000 (Coordinated Universal Time) with Vercel.
But even if that's the case, there's no way to tell if a duress pin was used, right? And if you're in a place with weak legal processes and they decide possibility=guilty, then the duress pin doesn't make things worse, right? I.e. if they wanted to do something to you, then "lack of evidence due to duress pin" is no different than just "lack of evidence" i.e. the pin at least doesn't make things worse...
Increasing the extreme and cruelty of violence. It always works. That also means the "investment" of each action will have higher stake, though.
It is not an intimidating thought experiment, it is being used in the 2026 Iranian Protest by the IRGC
i.e. whatever they do to you if you wiped the phone via duress PIN, they would already do to you if you managed to smash the phone.
Did he wipe his device? Or did I get the wrong guy? I'm convinced he had the information, so whether he used the duress PIN or not I'm going to go through with the torture...
Also, even if you're right, then that would mean that the duress PIN is useful in places that aren't Iran right? Like the US? Canada?
https://grapheneos.org/features#duress
HN automatically uses canonical links for submitted pages when it can find them, and when it does the # and what follows in submission URLs aren't included. So to provide the full URL, you need to include it in a comment.
Duress PIN is a feature started by security systems. Entering the dress code would seam as if the security system was disabled while in the background it would contact the security company to send in the police.