from Hacker News

Google “wontfix” a “panic pin code to wipe device” issue in Android

by develop7 on 4/26/20, 9:26 PM with 26 comments

by brianwawok on 4/26/20, 10:25 PM
How come this is worth talking about?
I am a real small dude that runs a real small SaaS app for a living, but I won't fix 1-2 customer requests a week. I don't do it for fun, and I know they are really important to the user that asked for them. But at some point you have to have vision for the direction of a product, and build features for that product that get you in that direction.
Some PM at Google decided that a panic PIN was not worth coding. I am guessing they say all the bad cases of it (my toddler typed 1234 and my phone bricked), and decided they would outweigh the good features. It seems a reasonable decision?
Does apple have a panic PIN? If so, I am not aware of it...
by deadmutex on 4/26/20, 10:24 PM
Misleading title? This was a feature request which the team feels like is obsolete. The title makes it seem like it was some buggy piece of code they decided to leave as-is.
Disclosure: I work at Google, but my views are my own.
by ceautery on 4/26/20, 10:35 PM
I can't imagine Google ever implementing that feature request. Apple had a PR nightmare after not unlocking a phone. Imagine the fallout if Google made it easy to quickly hide evidence from the authorities. It would be a legal and PR disaster, with the risk of having oppressive governments ban all Android devices.
by geofft on 4/26/20, 10:32 PM
This is a surprising threat model:
> It would be great to have the possibility to set second pin code which wipe your device without confirmations. [...] In my country (Russia, if you interested) policy try to force political activist unlock their smartphones for collect more evidence. They use tortures and threats of tortures for this. If you you can't unlock because it wiped they don't have motivation to use tortures.
My mental model of law enforcement in the US is that they don't become less inclined towards illegal violence if you anger them. If anything, I'd expect a "clear this subset of data, but go ahead and unlock the phone anyway so it looks normal" feature to be more useful.
(So I guess I think that this feature request needs more detail/discussion in order to be useful.)
by tialaramex on 4/26/20, 10:45 PM
A Microsoft employee (Eric Gunnerson?) wrote that every feature starts with minus 100 points. I can't link that claim because Microsoft periodically decides it's now a hip exciting new company and throws away things that made it relevant. In 1995 it didn't surprise me that Microsoft didn't "get" the Web, but in 2020 it does seem kinda crazy that they still don't get it.
What Eric meant is, implementing features isn't a coin toss decision. The effort of adding even the very simplest feature, and then testing it, and documenting it, and supporting it, is enormous, so all of that weighs against any potential feature from the outset. If your feature should go on the list that's because it scores "plus 100 points" against those considerations.
by rubber_duck on 4/26/20, 10:36 PM
This sounds like a decent project for a student that could be contributed to something like Lineage OS.
by thewisenerd on 4/26/20, 10:32 PM
note: I don't even dabble, and getting my info from [1] so salt
with Qualcomm, if I'm not wrong, it should suffice to, with FDE, (transparently, on entry of pin), nuke the DEK (random key generated by Keymaster), and force a device reset; this does seem like an interesting usecase for custom firmware and/or magisk
[1] http://bits-please.blogspot.com/2016/06/extracting-qualcomms...
albeit, if this does end up being implemented in some manner, wouldn't the fallback be a "confiscate electronic devices first for forensic" approach?
by mcstafford on 4/26/20, 10:38 PM
It's misleading to suggest they won't fix an identified bug, as opposed to declining a feature request.
by WillDaSilva on 4/26/20, 10:24 PM
Seems like an extremely easy feature to add. A question I'm left with is what possible reasons could they have for not wanting to implement this?