[19870213]

Would it be possible to construct a file/system encryption scheme where you have a read-write passcode and a read-only passcode? Such that when given the read-only passcode it would allow (legal/valid) searches by law enforcement, but not (easily) allow fabrication of evidence by planting incriminating files?

I suppose you could make it part of a signature scheme for files (file written by passcode X) so that your defense could point to the discrepancy in your favour.

[m00x]

Any backdoor made for law enforcement will eventually land in the hands of bad actors, and sometimes those backdoors will be used illegally by law enforcement.

[oh_my_goodness]

The proposal is kind of the opposite. It's a restricted mode intended for use by law enforcement.

[hnuser123456]

It's a practical feature in general, to allow anyone to poke through your phone without installing/posting/reconfiguring anything, occasionally nice to have. Then again, it would also slightly increase the social normalcy of being able to ask to snoop through other people's phones.

[asvitkine]

So they can use the banking app to transfer money away from your account because that's not stored locally on your phone? Or to look at your private photos?

[halper]

Surely even banks/countries that do not have a stronger auth method require at least a password for login?

[feet]

I think they mean two separate passcodes set by the user, same as a normal passcode

[bheadmaster]

Public key encryption perhaps?

Private key for encryption, public key for decryption. You give the authorities the public key, they can't plant any data with it.

[HPsquared]

Probably something involving digital signatures on all files.

[megous]

And what proves you didn't introduce the discrepancy yourself? (Since you'd benefit from it, it's quite plausible you would.)

[ranguna]

If you mount an decrypted file system from another user, doesn't that make it inheritly read only if you are not a super user?