Its still better than what I have one my HTC one, nothing,
PIN codes are annoying
I think of fingerprint scanners on personal devices as a novelty feature. They donât provide much security, because anyone who wants to get into the device can. They are like simple key and lock mechanisms which can be easily picked and only protect you from the generally lawful sort of person who wonât go to much effort to break into your stuff.
One thing that people in the US â or travelling into the US â should know is that even though you canât be forced to hand over a password there, you CAN be forced to hand over your fingerprint to open a device. Your password falls under the 5th amendment right to not incriminate yourself, but your fingerprint (or really, any biometrics) do not.
NYPD has made the statement that fingerprint protection will help make your phone less likely to be stolen because it will make your phone worthless to thieves. I doubt that a fingerprint is going to give you any more protection than a pin or a pattern to unlock your phone. Yes, there are more patterns to try to match if you want to fuzz or brute force the lock, but there have been other ways shown to break into locked phones and bypass PINs already. (See Hak5 for several examples of hacks of locked phones.) I think that itâs just a matter of time before we see some non-fingerprint matching hacks for the new iPhone fingerprint lock as well.
The question, then, is who are you protecting your phone against? Your kids? Your coworkers? OK, thisâll do the trick. Thieves? This might be sufficient right now, but in a few weeks theyâll have a workaround if they donât already. Authorities? You are much better off sticking to your PIN, at least in the US. In the UK, and Iâm sure in other places as well, neither your PIN nor your fingerprint is going to keep you from opening that phone for them. And if they authorities REALLY want in, theyâll find a way.
1 Like
Your HTC one is an Android phone, right? So it has the ability to use PIN or pattern locking. Thatâs not nothing. If you are choosing not to use it, thatâs your choice.
Not quite. The point is that Apple created the illusion - like a scam artist - that their fingerprint system uses data from under the skin for biometric purposes. It was reasonable to think that such a method could not get foiled with this classic approach.
So while Starbug and the CCC basically just polished their old technique, they still provided an excellent service to Apple users.
And yes, I thought that Apple would make true their claim. Itâs not CCCâs fault, that Apple cannot deliver.
1 Like
First, there is no entity called âApple fansâ.
Second, Apple messed up, yep. They made it look as if they had new technology and apparently they donât have. If they get into a class action suit because of that, I wonât mind at all.
Third, it matters, but doesnât make Touch ID a total failure. TouchID is apparently no match for a targeted attack, But so isnât the PIN, especially the short one, when can be easily be memorized by an onlooker. But the vast majority of users arenât targets for such an attack.
There remains only one issue: Police arresting you and getting to your device by using your finger or your fingerprints. Again, not a likely scenario for most users, but a valid concern for law-abding citizens who encounter police brutality and who filmed it. In that case: Turn off the TouchID before recording or turn it off, once it gets dicey.
Otherwise, itâs still a convenient safety measure protecting users from small harm, until the tech used to trick is so cheap and commonplace that a frat boy can take his drunken friendâs iphone, break the touch ID and post nude pictures on Twitter.
1 Like
I think this is the biggest use case to consider here, as you have to both have access to the ownerâs fingerprints as well as the iPhone in question. With these methods, an ethically challenged police force could bring you in as a suspect, charge you with a bogus claim such as burglary, and take your phone and your fingerprints. After they make the faker fingerprint and unlock your phone, they can read your mail, messages, and so on. Then they drop the charge, and let you go whilst they sort through the data dump.
I would suspect this more than I would that some band of scammers or thieves would clean out my accounts with my fingerprint. Itâs something to consider if youâre a friend of Glen Greenawald or attend an Occupy demo.
1 Like
âNot quite. The point is that Apple created the illusion - like a scam artist - that their fingerprint system uses data from under the skin for biometric purposes.â
I see absolutely no evidence that Apple did any, such thing. The only possible claim they might have even implied is that the reader would be good & fast at recognizing fingerprints it had been trained on (as opposed to the Motorola Atrix, for example). And as far as I can tell, it is good & fast at that. (Mind you, whether fingerprint recognition is a good method of securing the phone is a whole, nuther issue. See lishevitaâs excellent comment above for details)
Any, addâl promises of eternal life, sparkly unicorns, etc⌠are from the fevered imaginations of biased commenters 
^^ This a hundred times. All the rabid fans were telling us we didnât know what we were talking about, we didnât know what âcapacitiveâ meant, this read the subdermal layer, Apple wouldnât let 10 year old techniques defeat it, etc, etc. Now that it has been proven to be nothing but either BS on Appleâs part, or fanboyism on the Apple fans part, it doesnât matter, it is just a simple convenience thing.
1 Like
That, or theyâre different people.
Please remember that there are more than just Apple haters and Apple fanboys, thereâs that third, oft forgotten group, âmost peopleâ.
I sort of agree with you on this. I turned off PIN security on both of my phones (iPhone 5 and Galaxy S3) because it is super annoying to put it in every time I want to unlock my phone. If I could unlock my phone with my fingerprint? I would totally do it. Some security is better than no security.
Well, thereâs also activation lock to help protect against thieves. This may end up having a workaround, but likely not. Of course, then in the case of a stolen iPhone, there could be 2 victims, in the case of naive buyers who donât think/know to check for activation lock first.
I donât remember any rabid fans defending it like you say. Even Apple did not defend it all that strongly. I watched the presentation and the thing was presented light-heartedly in full admission of its limited usefulness. That doesnât fit your scenario, so you forgot or left it out on purpose. This is about preventing nuisance trouble caused by unlocked phones. That is what they said and that is what it is.
You must not read a lot of tech forums. Please see the initial announcement threads on slashdot and engadget for just two examples. Or maybe just some examples from one BBS thread here (be sure to expand the quotes below so you can see between them they hit all my points exactly):
4 Likes
OK, I concede there are morons in the world. My bad.
1 Like
She was being polite by not calling them by the normal nomenclature⌠Fanboys 
Check the Keynote, up from minunte 57.
1 Like
LALALALALALALALLALALA I canât hear you.
This topic was automatically closed after 5 days. New replies are no longer allowed.
