First - I am the BIGGEST tech cheerleader BUT I hate “innovations” that are basically marketing hype combined with a bunch of crap that doesn’t work and takes up my time. I have a laptop with “face recognition” on it (which is now disabled because it is the most incredible PITA on earth) - mostly doesn’t recognize my face and when it does takes much longer than typing in a pin.
This type of stuff is a waste of everyone’s time - the developers and the customers.
Work laptops have used secure token technology for over 15 years now (I had one back when Atlanta hosted the Olympics) and why the phone companies don’t just issue secure tokens coupled with a unique ID I don’t know. It’s effective, it’s been around a long time, and no one really wants to screw around getting into their phone that much unless they are 13 years old.
“I can get you a toe. There are ways, Dude. You don’t wanna know about it, believe me. Hell, I can get you a toe by 3 o’clock this afternoon… with nail polish. These fucking amateurs…”
That’s what the marketing people will sell you but then when you sit that and try to get your finger on the pad just right or it won’t read because you are in the sunlight or it’s too dark or the battery is a little low, it’s annoying. If it does work super smoothly then it would be nice, but a lot of this gimmicky stuff is not quite as slick as the movie versions.
This will make me sound fanboyish, but I’ve not had any Apple features not work as demonstrated, from Airplay to Siri and hopefully to this. I have confidence it will work as demonstrated. I’ve found that what they show you is what you get. Whether or not you want what they show you is the question for most people.
i suspect the purpose of the fingerprint reader is to protect against people stealing your iphone and being able to get the data off of it…your IPHONE…with your fingerprints ALL OVER IT…
It’s not the same. It would be much easier as your roommate, parent, S.O, boss, co-worker, police, to lift your fingerprints than to get your pin. One requires you to look over my shoulder when I’m not looking and not hiding my input. The other you can do anytime when no one is looking. Heck, if you steal my phone my fingerprints are possibly already on it.
Apple’s tech is designed to reduce false negatives, meaning you use the right finger but it says no. This has been the pain point in using fingerprint IDs forcing you to try over & over. Judging by reviews apple has done a reasonable job at this. It quickly identifies the correct finger and let’s you in. This encourages usage where other phone implementations discouraged usage by being too unreliable.
Assuming the CCC steps work in a repeatable fashion that is a lot of steps and time to go through. Especially if you get it wrong by lifting the wrong fingerprint. You only get 5 tries at it before the password is required.
When I eventually upgrade to the iPhone or iPad that has this I plan on using it but intend to do:
Only train 1 finger.
Not the finger I primarily hit the home button with (so the first time I hit home after unlocking obliterated fingerprint on button).
Use a more complex/longer pin as backup. I already use a password instead of a 4 digit pin but having to enter it less means I can use a longer more complicated one for when it is needed.
Apple says the pin is required in any of these cases:
More than 48 hrs since last unlock
5 failed attempts with fingerprint
First unlock after reboot
There are some situations where you might try and deny a phone is yours to authorities but even with a normal phone they can compel your fingerprints and compare to physical fingerprints on the device and build a pretty good circumstantial evidence against you.
A concern is also that they’ll unlock the phone using your hands. I think my steps above minimize that but if it becomes a concern to me I’ll turn it off. Apple has not made this tech mandatory.
I’m far more concerned what the NSA is doing on the network side to listen in on me or that they’ve got apple to put in a backdoor that negates the need for any fingerprint or pin.
So I guess you’re one of the few people in the world that doesn’t read your email on your phone? Most people I know access their email on their smartphone. So, if I steal your phone I can pretty much access your bank account or many of your other accounts. I’ll search your email for which companies you have accounts with. I’ll go to your bank site, click “forgot my password” and it will likely email me a new one after texting the phone to make sure I’m you.
Apple hasn’t provided a solution. They’d provided false security. And in fact worse than a PIN. Your fingerprints are most likely on the phone. Your PIN is not.
Nope. Neither is on the device. They can hash the fingerprint authentication as well as the pin. Or in apple’s words:
“Touch ID does not store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn’t possible for your actual fingerprint image to be reverse-engineered from this mathematical representation.”
A pin is required to turn the feature on as is used in various scenarios and as backup authentication, but only one or the other is needed, there is no setting to require both.
Well, PIN is not all that secure either and is easily stolen without special equipment. For people with sensitive data (or just plain paranoia), no single factor security is enough.
Yes, PIN can be changed once compromised, but how do you know you have been targeted and compromised? Same issue is true for fingerprint scanner. If you (ever) find out you have been compromised, you can change the security method entirely, including stopping the use of fingerprint scanner.
While I agree wholeheartedly that people should be aware of the vulnerabilities of fingerprint scanner, for vast majority of people the convenience of instant and reliable unlock is a “good enough” solution (just read about XKCD’s decryption wrench and let me know if you aren’t convinced).
It does. He registers his index finger and uses his middle finger with something on it to unlock.
It would be more convincing if:
Phone shown not to be unlockable by middle finger first.
They showed creation of the thing on his hand. Did they lift the fingerprint they used or make a really good copy of it on clean paper & no smudges first?
How long did it take to make. Hours of work for one try doesn’t seem cost beneficial.
Or you could hack the email account directly & do the same without need to get their phone first or make a fake fingerprint or even be in the same country.
