HN
Today

Show HN: PanicLock – Close your MacBook lid disable TouchID –> password unlock

PanicLock is a new macOS utility designed to swiftly disable Touch ID and lock your screen, enforcing password-only access. It addresses a legal gray area where biometrics can be compelled by law enforcement, unlike passwords protected by the Fifth Amendment. This tool gives users a quick, one-click 'panic button' to safeguard their privacy without interrupting their session.

30
Score
12
Comments
#9
Highest Rank
10h
on Front Page
First Seen
Apr 17, 6:00 PM
Last Seen
Apr 18, 4:00 AM
Rank Over Time
121414161910119912

The Lowdown

PanicLock is an open-source macOS menu bar utility that provides an instant way to disable Touch ID and lock a Mac's screen, reverting to password-only authentication. This fills a critical gap in macOS, as there's no built-in method to quickly disable biometrics for security or legal reasons.

  • Instant Lock: Users can trigger a panic lock with a single click on the menu bar icon or a configurable keyboard shortcut.
  • Lid Close Trigger: An optional feature allows Touch ID to be disabled and the screen locked automatically when the laptop lid is closed.
  • Temporary Disablement: Touch ID is temporarily disabled, requiring a password for the next unlock, and original settings are restored post-authentication.
  • Technical Implementation: PanicLock utilizes a privileged helper via SMJobBless to modify Touch ID timeout settings using bioutil and locks the screen with pmset displaysleepnow.
  • Security & Privacy: The application is designed with security in mind, featuring minimal privileges, no command injection, code-signed XPC, no network activity, and open-source code for auditing.

The primary motivation behind PanicLock is to offer a protective measure against compelled biometric unlocking, leveraging the legal distinction between fingerprints/face scans and traditional passwords, ensuring users can maintain their digital privacy under duress.

The Gossip

The Legal Lowdown on Biometrics

The central discussion point revolves around the legal vulnerability of biometric authentication (like Touch ID or Face ID) versus passwords. Commenters and the author highlight that, in the US, law enforcement can often compel individuals to unlock devices with biometrics, but not with passwords, which are protected by the Fifth Amendment. PanicLock is praised for addressing this specific privacy concern, with the author citing a real-world case involving a compelled journalist's fingerprint.

Built-in Bypass Bonanza

Several users shared alternative methods to achieve a similar temporary disablement of biometric authentication, both on macOS and iOS. These include command-line tools like `sudo bioutil -ws -u 0`, pressing the iPhone's lock button five times, or bringing up the macOS shutdown screen. This led to a discussion on whether PanicLock's specialized functionality offers significant additional value or convenience over these existing, albeit sometimes less direct, options.