Washington Post Raid Is a Frightening Reminder: Turn Off Your Phone’s Biometrics Now
The recent federal raid on the home of Washington Post reporter Hannah Natanson isn’t merely an attack by the Trump administration on the free press. It’s also a warning to anyone with a smartphone.
Included in the search and seizure warrant for the raid on Natanson’s home is a section titled “Biometric Unlock,” which explicitly authorized law enforcement personnel to obtain Natanson’s phone and both hold the device in front of her face and to forcibly use her fingers to unlock it. In other words, a judge gave the FBI permission to attempt to bypass biometrics: the convenient shortcuts that let you unlock your phone by scanning your fingerprint or face.-
It is not clear if Natanson used biometric authentication on her devices, or if the law enforcement personnel attempted to use her face or fingers to unlock her devices. Natanson and the Washington Post did not respond to multiple requests for comment. The FBI declined to comment.
Washington Post Raid Is a Frightening Reminder: Turn Off Your Phone’s Biometrics Now
The search warrant to raid a Washington Post reporter’s home shows how authorities can open your phone without your consent.Nikita Mazurov (The Intercept)
like this
Darkassassin07
in reply to geneva_convenience • • •Or at the very least; turn your phone entirely off (shutdown) whenever you expect or encounter police contact.
Biometrics only work when the device is already running. Mobile devices are in their most locked down/secure state when 'at rest', ie shutdown.
In android; there is also a 'lockdown' mode you can quickly activate from the power off screen, that disables Biometrics until next unlock with a pin/pattern, but doesn't fully shutdown so you can still quickly access things like the camera. This has to be explicitly enabled in settings first and will not offer much protection from various lockscreen bypass software available to law enforcement.
GhostlyPixel
in reply to Darkassassin07 • • •On iOS, with a locked device, quickly press the lock button five times to do the same, it should bring up the power off/SOS screen, which you can dismiss.
DeadPixel
in reply to GhostlyPixel • • •Pandantic [they/them]
in reply to GhostlyPixel • • •birdwing
in reply to Darkassassin07 • • •Also, don't take your phone to protests. ACAB.
Wear clothing that can't identify you. Hide tattoos and anything that might make you stand out. Get clothes from a free giveaway place, without cameras. Walk a bit differently if you need to.
Cover your face and cover surveillance cameras, or break them, or hack them (do the latter two only if you know what you're doing).
Wear a body cam. Get bear and pepper spray. Pigs can fucking get it.
Hideakikarate
in reply to birdwing • • •domdanial
in reply to Hideakikarate • • •ColeSloth
in reply to domdanial • • •domdanial
in reply to ColeSloth • • •Scirocco
in reply to Hideakikarate • • •Buy an older pixel and install Graphene
Keep it off/in a faraday bag at all times, never turn it on at home. Go to elsewhere to set it up.
If they REALLY want you, you will get got.
But there's no reason to make it easy.
jabberwock
in reply to Scirocco • • •100% it's always a question of your resources vs theirs, but you're dead on to make it harder.
I'll just add to also turn it off, pull the SIM, and show in a Faraday bag on your way back too. If the recent reporting about ICE buying location data from ad networks shows anything, it's that they are interested in a capability of following people to and from protests. Graphene should obviate this by disabling Google Play services by default anyway.
You should leave your regular phone at home, go to another place, power on your other device, speak your part in public, then travel another location and power off. This provides no consistent start or end location to work with for a particular device.
Headofthebored
in reply to birdwing • • •Cethin
in reply to birdwing • • •W98BSoD
in reply to birdwing • • •MinnesotaGoddam
in reply to birdwing • • •so what do i do with my prosthetic limbs?
tuxiqae
in reply to MinnesotaGoddam • • •MinnesotaGoddam
in reply to tuxiqae • • •tuxiqae
in reply to MinnesotaGoddam • • •myserverisdown
in reply to Darkassassin07 • • •2 things. Unless I accidentally enabled this setting, it's on by default. And what do you mean by lockscreen bypass software. What would be the point of lockdown if its not effective against law enforcement trying to brute force your privacy?
Darkassassin07
in reply to myserverisdown • • •It may well be on by default now. I just know I had to enable it the last time I looked at this.
Tools such as those provided by Cellebrite and similar.
Lockdown mode is mainly to disable biometrics, to prevent someone on the street forcibly using them to unlock your device. It's not going to stop an entire agency with more sophisticated tools.
Israeli digital intelligence company
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)NotMyOldRedditName
in reply to Darkassassin07 • • •You should always turn off / reboot your phone if you expect it to be potentially be taken
Simply being locked after being unlocked once leaves the phone in a less secure state than if it was fully off or just rebooted and never unlocked.
If you need your phone to record the interaction, then you might only get as far as locking it, but always strive to shut it down.
crapton_america
in reply to Darkassassin07 • • •JackBinimbul
in reply to geneva_convenience • • •Jesus fucking christ.
I don't use my phone for anything other than directions, phone calls, and texting my wife. Partially because I'm not going to carry around something with tons of shit that can be used against me.
This is fucking insane.
birdwing
in reply to JackBinimbul • • •ToTheGraveMyLove
in reply to birdwing • • •birdwing
in reply to ToTheGraveMyLove • • •pineapple
in reply to birdwing • • •Simplex is probably the safest.
But I would say signal is very safe while being more convenient.
ToTheGraveMyLove
in reply to birdwing • • •birdwing
in reply to ToTheGraveMyLove • • •ToTheGraveMyLove
in reply to birdwing • • •I'm not sure what demsoc means, but I've found these sites to be helpful.
privacyguides.org/en/real-time…
eylenburg.github.io/im_compari…
The Best Private Instant Messengers - Privacy Guides
Privacy GuidesJackBinimbul
in reply to ToTheGraveMyLove • • •JackBinimbul
in reply to birdwing • • •TheLeadenSea
in reply to geneva_convenience • • •On iPhone say "Hey Siri, who's phone is this?" to disable biometric unlock temporarily.
On Android press the power and volume up buttons to open the power off screen, then press "lock down".
birdwing
in reply to TheLeadenSea • • •On the iPhone you can also press both the upper left and right button. It will enable that you can only log in with a password, even if you have Face ID/Touch ID.
You can also establish that if there are too many false attempts to log in, the phone will delete all data. I could imagine that if you kept most phone data on the phone itself, rather than in the cloud, this can be useful. E.g. insert the password wrongly multiple times.
And if you're feeling really concerned, you can make a Faraday cage (preventing it from sending data altogether). Wrap a plastic bag around, then aluminium foil tightly without gaps, then plastic.. repeat three times.
Alternatively, put it in a microwave. Or a stainless trash can with a tight lid, lining the inside with (optional: cardboard first, then..) plastic wrap, maybe more foil. Phone also foiled.
HumanPerson
in reply to geneva_convenience • • •Truscape
in reply to HumanPerson • • •HumanPerson
in reply to Truscape • • •TrackinDaKraken
in reply to geneva_convenience • • •ReverendIrreverence
in reply to geneva_convenience • • •Security
xkcdTruscape
in reply to ReverendIrreverence • • •ToTheGraveMyLove
in reply to Truscape • • •DarkSideOfTheMoon
in reply to geneva_convenience • • •ToTheGraveMyLove
in reply to DarkSideOfTheMoon • • •And then they hit you with a five dollar wrench until you open them. Not good opsec.
Infernal_pizza
in reply to ToTheGraveMyLove • • •ToTheGraveMyLove
in reply to Infernal_pizza • • •OccasionallyFeralya
in reply to Infernal_pizza • • •LeeeroooyJeeenkiiins [none/use name]
in reply to geneva_convenience • • •space_comrade [he/him]
in reply to LeeeroooyJeeenkiiins [none/use name] • • •Trent
in reply to space_comrade [he/him] • • •☂️-
in reply to Trent • • •HiddenLayer555
in reply to geneva_convenience • • •This isn't bypassing biometrics. This is using biometrics as intended. Bypassing implies this was an unexpected side effect when every security researcher ever has warned that biometrics is intrinsically vulnerable and a terrible password substitute for this exact reason.
termaxima
in reply to geneva_convenience • • •this
in reply to termaxima • • •davetortoise
in reply to this • • •daisykutter
in reply to davetortoise • • •partofthevoice
in reply to daisykutter • • •this
in reply to davetortoise • • •partofthevoice
in reply to this • • •this
in reply to partofthevoice • • •Your backups aren't nearly as likely to be subject to an immediate civil forfiture as a phone is. Cops don't need a judicial warrent to take your phone, but they do need one to search your home legally, and if you do your offsite backups in another country, they would need the cooperation of the local authorities of that country. Strong encryption can provide a relatively safe barrier for offsite backups.
Also, it's possible to have some things that may only exist on your phone and not your server/backup system(easy biometric unlock for a password manager, or encrypted chat logs, to name a few examples).
redparadise
in reply to partofthevoice • • •FirstCircle
in reply to davetortoise • • •discocactus
in reply to davetortoise • • •spizzat2
in reply to this • • •Don't they make a copy of the phone before they go about trying to unlock it?
This kind of security is only going to work against a careless or incompetent atta-- oh. I see...
Zorsith
in reply to spizzat2 • • •this
in reply to Zorsith • • •FauxLiving
in reply to this • • •partofthevoice
in reply to Zorsith • • •MinnesotaGoddam
in reply to spizzat2 • • •FudgyMcTubbs
in reply to this • • •this
in reply to FudgyMcTubbs • • •FauxLiving
in reply to this • • •Exactly this.
Read about the Hawthorne effect: en.wikipedia.org/wiki/Hawthorn… and how people change their behaviors when they are being observed. Being free of observation is vital to being able to think your own thoughts without outside influence.
If the problem is with the usage framing the hypothetical adversary as a country's law enforcement, pretend you live in a cyber North Korea and have a cellphone. The idea of an adversary is just a means of thinking about the problem. You want to build a system so that they can't capture your flag (your flag being some digital information that you want private).
Whatever the opposite of TL;DR is:
It isn't intended to be read as 'do this to avoid law enforcement so you can do crimes'.
When thinking about security/privacy (same thing), you don't know what kind of attack you may eventually have to defend against, maybe you have a partner who has decided to stalk you and so they scr
... Show more...Exactly this.
Read about the Hawthorne effect: en.wikipedia.org/wiki/Hawthorn… and how people change their behaviors when they are being observed. Being free of observation is vital to being able to think your own thoughts without outside influence.
If the problem is with the usage framing the hypothetical adversary as a country's law enforcement, pretend you live in a cyber North Korea and have a cellphone. The idea of an adversary is just a means of thinking about the problem. You want to build a system so that they can't capture your flag (your flag being some digital information that you want private).
Whatever the opposite of TL;DR is:
It isn't intended to be read as 'do this to avoid law enforcement so you can do crimes'.
When thinking about security/privacy (same thing), you don't know what kind of attack you may eventually have to defend against, maybe you have a partner who has decided to stalk you and so they screen read your PIN or a strong arm robbery where they'll try to use your phone to access your bank.
Instead of trying to imagine every single possible scenario, you imagine one model scenario. In this model scenario, the adversary has every possible capability that is available and your goal is to keep your flag safe, or be able to pass a flag between two people without it being seen, or various other scenarios (which are themselves just model problems of types of system that you need to secure).
This hypothetical adversary, in order to have these capabilities in real life, would be the equivalent of a sovereign nation with unlimited funding and access to all technologies that are possible (and some that are only hypothetical). This description fits one country pretty well and so, as shorthand, people often just write 'the feds'. I guess they could also write 'Eve' but that is a specific adversary in one kind of scenario and not the general Adversary.
type of reactivity in which individuals modify an aspect of their behavior in response to their awareness of being observed
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)arthur
in reply to FudgyMcTubbs • • •In a situation where you are raided like the journalist, it may be worth nuking the phone. Consider the sources that could be exposed.
Having your phone available to law enforcement is the equivalent of forfeit your right to remain silent.
And more, once they have access, what is stopping them from planting false evidence?
In this fascist fever that US is living... I would prefer to avoid the risks.
discocactus
in reply to FudgyMcTubbs • • •Jack_Burton
in reply to FudgyMcTubbs • • •Not anymore you don't
FudgyMcTubbs
in reply to Jack_Burton • • •Jack_Burton
in reply to FudgyMcTubbs • • •MinnesotaGoddam
in reply to Jack_Burton • • •doodoo_wizard
in reply to FudgyMcTubbs • • •It’s easier if you think of it like a car. Say you get arrested while in or around your car: doesn’t mean you did anything wrong or broke a law, just that you were arrested. Now there’s a million ways for cops to do the backflip jetpack gymnastics to get to search your car.
Once arrested, some stuff happens but importantly, a prosecutor starts building a case against you.
Maybe you took the recycling out and a crumpled up beer can is in the back seat, that’s an open container. Maybe you picked up some starting fluid for the cold mornings, they found it in the glove compartment in a paper bag, better do that blood test on you to rule out inhalant use, that would give them dwi. Got a significant amount of cash in the locked center console, that’s drug money. Maybe you keep the sporterized bring back hunting rifle your uncle gave you in the trunk, now you have an unregistered firearm in your possession, intent to menace? How will that allow upgrading the charges they’re already building against you? Who can say?
And remember, they
... Show more...It’s easier if you think of it like a car. Say you get arrested while in or around your car: doesn’t mean you did anything wrong or broke a law, just that you were arrested. Now there’s a million ways for cops to do the backflip jetpack gymnastics to get to search your car.
Once arrested, some stuff happens but importantly, a prosecutor starts building a case against you.
Maybe you took the recycling out and a crumpled up beer can is in the back seat, that’s an open container. Maybe you picked up some starting fluid for the cold mornings, they found it in the glove compartment in a paper bag, better do that blood test on you to rule out inhalant use, that would give them dwi. Got a significant amount of cash in the locked center console, that’s drug money. Maybe you keep the sporterized bring back hunting rifle your uncle gave you in the trunk, now you have an unregistered firearm in your possession, intent to menace? How will that allow upgrading the charges they’re already building against you? Who can say?
And remember, they’re going to use any method they can to deny you your property if you somehow end up beating the laundry list of charges. You’re losing the gun and cash no question. Civil asset forfeiture will see to that. If there’s anything wrong with your car that would keep it from passing inspection even if it had a valid inspection at the time of impound they can choose not to return it to you and instead sell it at auction for their own gain or just crush it.
Now what lines and spirals are drawn in the cloud chamber of your life when that cop particle strikes your phone instead of your car?
FudgyMcTubbs
in reply to doodoo_wizard • • •doodoo_wizard
in reply to FudgyMcTubbs • • •Of course you don’t. The point of my reply wasn’t to encourage you to rig your car to explode but to explain some of the reasons why it’s perfectly understandable to take every possible precaution about your phone if you think it’s possible cops will get it.
You suppose in your earlier reply that a persons unique actions must be the precursor to a level of paranoia around law enforcement that approaches destroying the phones contents. I was trying to illustrate that everyone should be extremely apprehensive about cops getting their phones, not just those who are engaged in some clandestine bullshit ala the old mad magazine marginalia.
Of course, just turning your phone off if you’ve sufficiently hardened the settings is enough for four or five years of safety on ios and at least a year or two on android.
pemptago
in reply to termaxima • • •Wasn't there a legal dispute around this that was trying to get them with tampering/destruction of evidence? Not sure if it's foolproof.
If you do use GrapheneOS, quickly restarting the device means your pin is required before biometrics unlock is available. As I understand it -- in the U.S. -- law enforcement can legally compel you to unlock your phone with biometrics, but not a pin. Not that you can trust law enforcement to be law abiding, but at least it's a stronger case in court.
Carrot
in reply to termaxima • • •JustEnoughDucks
in reply to termaxima • • •They can prosecute you for that in many places as destruction of evidence.
(Which is weird because if they fail to convict you for whatever BS they are going for then it is the Goose meme of "evidence for what???")
sudoer777
in reply to JustEnoughDucks • • •JustEnoughDucks
in reply to sudoer777 • • •No because she evidence is stille their, they just don't have access to it (legally if they use certain tools, apparently all phones outsider of the newest pixel and most grapheneOS are exploitable and unlockable).
So that is the reason, that they would kever have access tot it when erased, as opposed to possibly getting a court order for the data in the future or nowadays just paying for an unlock tool illegally (depending on location)
pineapple
in reply to geneva_convenience • • •4grams
in reply to pineapple • • •upstroke4448
in reply to geneva_convenience • • •People, if you are taken into custody and are forced to unlock the phone and you wipe the phone instead, you are living in a fantasy world if you think you can't get in trouble for that.
Maybe that's worth it but let's not kid ourselves that there wouldn't be consequences.
Remember plausible deniability is a social concept not a legal one. It might of helped you get out of being grounded but it won't save you from jail time.
Matty Roses
in reply to upstroke4448 • • •Security
xkcdmnemonicmonkeys
in reply to Matty Roses • • •Matty Roses
in reply to mnemonicmonkeys • • •What you're trying to hide is information.
You're just shown them that you have information, and it's valuable enough for you to take pains to hide it.
They might not get it all, but they'll use the wrench to try.
monovergent
in reply to upstroke4448 • • •upstroke4448
in reply to monovergent • • •NauticalNoodle
in reply to upstroke4448 • • •NotMyOldRedditName
in reply to upstroke4448 • • •discocactus
in reply to upstroke4448 • • •upstroke4448
in reply to discocactus • • •SabinStargem
in reply to geneva_convenience • • •NauticalNoodle
in reply to geneva_convenience • • •giraffes
in reply to NauticalNoodle • • •Slowy
in reply to giraffes • • •Scirocco
in reply to giraffes • • •No.
There is no search warrant for the contents of your mind.
Of course "rubber hose decrypt" is always an option, but we're not quite there yet.
JustinTheGM
in reply to Scirocco • • •Marasenna
in reply to Scirocco • • •I really think we are.
kryptonianCodeMonkey
in reply to giraffes • • •NauticalNoodle
in reply to giraffes • • •discocactus
in reply to giraffes • • •Netux
in reply to giraffes • • •muusemuuse
in reply to NauticalNoodle • • •Texas_Hangover
in reply to muusemuuse • • •MinnesotaGoddam
in reply to Texas_Hangover • • •i like those password managers that make up word strings so it's like hunter2,facepaint,ducks, now
now i just have to type in CatsTheButtholeCut every time
Jack_Burton
in reply to muusemuuse • • •NauticalNoodle
in reply to muusemuuse • • •DolphinMath
in reply to NauticalNoodle • • •The downside to always using a passcode is that if you ever type it in public, cameras can capture what you type. Some of Flock’s cameras specifically have been shown to automatically zoom in on phones as well, I’m sure they aren’t the only ones that do so.
Personally, I’d just prefer locking it (by holding volume up and the side button), when I’m in a situation where LE might unlawfully demand I unlock it.
Sunflier
in reply to geneva_convenience • • •LeviReid
in reply to Sunflier • • •i'm WAAAY too clumsy and forgetful to have auto-erase on!
MinnesotaGoddam
in reply to LeviReid • • •eagerbargain3
in reply to geneva_convenience • • •JoeMontayna
in reply to geneva_convenience • • •lavander
in reply to JoeMontayna • • •The only safe phone is a phone with no data.
Otherwise there will be tools to gain full access.
Without forgetting the good old rubber hose attack
FWIW I think the only way to keep confidential information is hosted in another country, encrypted, with no credentials (or even the name of the server) cached, all on open sources stacks, with the infrastructure provider different from the operating system provider different from the application provider and encryption provider
Is this convenient? No
Is this accessible to the average user? No
I just think something at certain point went extremely wrong in history. We accepted control in exchange of convenience
ShrimpCurler
in reply to lavander • • •I would have thought it would be more accurate to say we accepted convenience at the expense of privacy and security...
lavander
in reply to ShrimpCurler • • •bluesheep
in reply to lavander • • •Security
xkcdlavander
in reply to bluesheep • • •Rubber-Hose Cryptanalysis - Schneier on Security
Schneier on SecurityMinnesotaGoddam
in reply to lavander • • •that's not good enough anymore. decades ago the US put enough pressure on switzerland to end the use of anonymous banking and set up what's called SWIFT and KYC. do you really think putting datacenters in other countries will be enough protection like banks in switzerland "was"?
lavander
in reply to MinnesotaGoddam • • •Of course not! For this reason you need different providers and jurisdictions for datacenters, operating systems, encryption providers.
It’s the very same principle tor works: sure you can do traffic analysis and be able to “unmask” a tor user… and for this reason tor deliberately sends traffic across 3 different jurisdictions. Is it still possible to force 3 different nodes to cooperate for the unmasking? Sure… but you need 3 jurisdictions to collaborate with that.
Also, fun fact: bank secrecy is still in effect for Swiss residents (regardless of the citizenship) and people resident outside of the US and EU.
Because things are always more nuanced than they seem 🙂
MinnesotaGoddam
in reply to lavander • • •"secrecy"
all it takes is a subpoena from any jurisdiction, and that secrecy disappears, proving it never existed.
jabberwock
in reply to lavander • • •Alright, I already "umm, ackshually'd" someone in this thread but this post in particular hit a nerve with me. The Tor security model is based on 3 hops but does not guarantee 3 different jurisdictions. Their circuit building only takes into account "jurisdiction" in the way we're using it here if you use guard nodes or specific cases when you cannot access the network directly or look like you're exiting from a Tor node.
That said, it's still a very strong project and security model. And everything you said about spreading out your providers without a single point of failure (or pressure) applies.
lavander
in reply to jabberwock • • •I haven’t looked in the tor protocol for more than a decade but if routing was done based on traditional networking parameters (ttl distance, ping, etc) pretty sure you would end up all your nodes in your jurisdiction.
If you were using pure random, routing may involve only US (where there are a significant percentage of nodes)
Instead you can see that rarely there are two nodes in the same jurisdiction.
Years ago there were a config file mapping countries to jurisdictions and maybe that has been ditched but still I don’t buy that it is pure random or using traditional routing criteria
Suburbanl3g3nd
in reply to JoeMontayna • • •myfunnyaccountname
in reply to geneva_convenience • • •idriss
in reply to myfunnyaccountname • • •Matty Roses
in reply to idriss • • •idriss
in reply to Matty Roses • • •chiliedogg
in reply to myfunnyaccountname • • •myfunnyaccountname
in reply to chiliedogg • • •freedickpics
in reply to myfunnyaccountname • • •sunbytes
in reply to myfunnyaccountname • • •Yeah but you might as well make them work for it.
It might save the next guy because they don't have time.
thatsnothowyoudoit
in reply to geneva_convenience • • •TheWilliamist
in reply to thatsnothowyoudoit • • •chiliedogg
in reply to thatsnothowyoudoit • • •Android has a feature you can turn on that adds "lockdown mode" as an option if you hold the power button, which requires a password. I just tried taking a screenshot, but I don't think I can while in the power menu.
You can also just turn your phone off. Biometrics don't work on a fresh boot.
Suburbanl3g3nd
in reply to chiliedogg • • •You can just set it up so biometrics can't unlock the phone but can be used to get into banking apps, password managers, etc. I've had this set up for a couple years and it is no less convenient than using the biometrics honestly.
It's in: settings > screen lock and biometrics > unlock type set to PIN and then you can activate biometrics and turn off the slider that indicates unlock device.
possumparty
in reply to thatsnothowyoudoit • • •RejZoR
in reply to geneva_convenience • • •FenrirIII
in reply to RejZoR • • •downvote_hunter
in reply to FenrirIII • • •FatVegan
in reply to RejZoR • • •Here is a neat little trick if the gestapo tries to raid your phone:
Americans: wow, how neat and normal
collar
in reply to geneva_convenience • • •What's interesting is that the DC Circuit doesn't allow authorities to force someone to unlock their device with biometrics. I'm assuming that Natanson's home is not inside the DC Circuit.
It's a legally unclear area right now whether or not authorities can force you to unlock your device with biometrics. As such, it's better not to use them:
decentproject.org/should-you-u…
Dozzi92
in reply to geneva_convenience • • •jabberwock
in reply to Dozzi92 • • •tobiah
in reply to geneva_convenience • • •electric_nan
in reply to tobiah • • •sudoer777
in reply to geneva_convenience • • •- If someone spies on you unlocking your phone, they don't get your encryption password
- If they figure out your PIN, they can't unlock your phone without you physically being there, and your phone may reboot to the password unlock before they get it to you
- If they compel you to use biometrics, they can't legally compel you to give them your PIN
- If they decide to start trying out common PINs and you set your duress PIN to one of them, then it wipes your phone
mazzilius_marsti
in reply to sudoer777 • • •sudoer777
in reply to mazzilius_marsti • • •JamesBoeing737MAX
in reply to geneva_convenience • • •mazzilius_marsti
in reply to geneva_convenience • • •MadBits
in reply to mazzilius_marsti • • •JackBinimbul
Unknown parent • • •