If you value the security of your data — your email, social media accounts, family photos, the history of every place you’ve ever been with your phone — then I recommend against using biometric identification.
Instead, use a passcode to unlock your phone.
Can’t argue with that – especially in places where law enforcement often takes a… Liberal approach to detainees.
The police can force me to use my fingerprint to unlock my phone, but they’re not going to find anything incriminating on there. I guess they could plant something, but if they want to bust you that badly, you’re screwed either way.
I’m not one of those people who say, ‘If you have nothing to fear, you have nothing to hide’, but I do think a lot of people are too goddamn paranoid. Of course, some people have good reason to be, but I suspect most people don’t.
Edited 2017-09-14 02:04 UTC
WorknMan,
It’s not about paranoia or guilt, IMHO. Instead it is about principles and whether you value our rights as individuals that our forefathers granted us in the constitution.
That’s where I side on this issue. To me it’s 100% principle and rights. There has to be a line drawn between the people and those who are supposed to `serve & protect` us. Law enforcement should never have absolute power or control to invade what’s most private and sensitive unless there’s true reasonable cause. Human beings simply don’t do well when privacy is absent. I could never justify police abuse of power by saying `if you have nothing to hide, you shouldn’t have a problem with it`. Yes, you should have a problem with it! A HUGE one! That kind of stuff is the exact opposite of what a democratic society is supposed to be.
So, assuming you don’t have anything on your phone that might get you in trouble, you’re going to go through the inconvenience of using a pin instead of a fingerprint, because… fuck the police? Please help me make sense out of that.
WorknMan,
I was responding to your original post where you were implying that only guilty people have a good reason to be against the intrusions. Just because you don’t care, that doesn’t mean others don’t or shouldn’t care. As I said before, many people object on principle, even if the police wouldn’t find anything.
As far as your next point, people can choose for themselves what they do and why. Just keep in mind lax security doesn’t just benefit the police, it also benefits criminals. I hope people are able to make an informed decision based on realistic threat models. Unfortunately vendors (including Apple) are sometimes known to mislead users by claiming their security is better than it really is – they’re not really doing their customers any favors when they exaggerate because it is not going to fool the hackers!
Edited 2017-09-15 07:08 UTC
Why do governments have secret agencies, classified documents and shit? Because they all have pretty much dirt under the carpet they don’t want you to see. Ministers and leaders can do even more shit without losing their head/chair, because power/friendship/brotherhood/whatever. But democracy, freedom, justice, wada wada…
No, I was implying that only guilty people ought to be paranoid enough to use only passcodes. I mean, you could be completely against police being able to force you to fingerprint unlock, but still use the feature.
As for security, I imagine the odds are about a million to one (or higher) that a security vulnerability like this is going to affect you personally before the general public finds out about it, and then you switch it off until they patch the vulnerability. Besides, there have been vulnerabilities in the past that let people get past a passcoded lock screen, so that ain’t no guarantee either.
Edited 2017-09-15 18:28 UTC
You should check your definition for ‘incriminating’… Anything that’s illegal by law, will be incriminating in your possession. If you live in a fascist police state (USA, Russia), it is very likely that many harmless things will get you in trouble.
You also need to remember that every police officer is a human as well. They might use your data for their own private purposes or just solely for stalking you and your family, to cause trouble to a guy who – for no specific reason – ticked them off.
Edited 2017-09-14 04:55 UTC
I don’t think I have anything like that. Like I said, if they want you that badly, they’re going to get you.
Ironically the ones who are usually the most paranoid have no reason to be, and those that are not paranoid should be.
There is a smaller subset of criminal masterminds or political dissidents that do have good reason to be paranoid and are. To them, good luck. When nation states are after you, you’ve got a lot of difficult expensive problems to solve.
But for me, yeah, I’m paranoid, but then I get compromised anyway because the stupid credit bureau security sucks. No practical defense against those kinds of screw-ups as an individual. But I feel better knowing that if there is a screw-up, it’s not my fault.
And in many countries — including the US — the police can legally force you to use your fingerprint to unlock your phone. So they can most certainly point your phone at your face and unlock it against your will.
Biometric security is an oxymoron! Stick to passwords.
You’ll have to tear my iPhone 5 away from my cold dead hands
The article lacks a distinction between active biometric security and passive biometric security.
A passive solution – including Touch ID – is reasonably easy to defeat. You can simply be held down and your finger used to unlock a device.
An active solution – such as Face ID – is more difficult to defeat because you need to actually have your eyes open and be looking at the device. You could be tricked into doing so, certainly, but it would be challenging ( and comical ).
Of course, anyone could use violence against you to force you to do this but that would work just as well in obtaining a password.
( Note that, like the author of the article, I have not used Face ID, so who knows if it’s capable of detecting your face and attention effectively. )
Agreed. The article is flawed in that the author is apparently blind to the fact (pun intended) that the iPhone will not unlock if your gaze is averted.
He is also under the mistaken impression that simply unlocking an iPhone would somehow give someone the access to “all the data, social media accounts, and bank accounts that comes with it.” If you unlock my iPhone, you then have to unlock 1Password separately to get access to any of that sensitive data.
Take advantage of human beings’ natural fight-or-flight response.
1. Don’t let the user know you are preparing to unlock their phone.
2. Stand behind him/her holding the phone up to their face.
3. Make a REALLY LOUD noise like glass breaking behind them.
4. Humans will naturally turn around to the source of the danger with eyes wide open.
Come to think of it, here’s another way.
1. Print out a photoshopped picture of the target in an incriminating pose on high quality paper.
2. Carefully stick it on their phone so it looks like it is loaded on the phone screen.
3. Pretend that you have unlocked their phone.
4. Ask them why their phone has a picture of them doing whatever.
5. Show it to them.
6. Target looks straight at the phone in surprise and is confused by the photo.
7. Phone is unlocked.
Summary: <in loud voice>Hey, is this your phone?
Not really. Hold down detainee, hold up phone in front of his face. If detainee closes eyes, hold up phone unexpectedly during interrogation.
Biometrics like this are convenience, not security.
Can’t wait for the new Identity ID implants.
For me the main issue with face recognition is that you have to move your phone in the right direction and that you have to look straight to the phone. The combination of these 2 actions takes a lot longer than a fingerprint scan, where you only have to put your finger on the sensor.
If you do that a 100 times a day, it starts counting.
Also for features like Apple Pay, this is a huge disadvantage. Apple Pay with face recognition will take longer than Apple Pay with a fingerprint scan, and also longer than a proximity chip card with a PIN code.
Honestly, if I cared strongly about the security of the data on my phone, I would probably not use a pattern to unlock it; traces of grease should be the easiest thing to find.
FaceID unlock (and TouchID for that matter) can be temporarily disabled by either:
– Turning off the phone, or
– In iOS 11, by hitting the power button 5 times.
So, for the iPhone X, you can disable FaceID in under a second, after which they would need to force you to give them the passcode.
Edited 2017-09-14 10:11 UTC
It isn’t true security when enabling it requires active measures from the user.
FaceID and TouchID are also about convenience. And security that is not convenient is bad security too as people will just disable it.
Besides, this is optional. You can disable TouchID and FaceID completely. Just don’t register your face or fingerprints, and no one in the world can force you to unlock your phone using your face/fingerprints!
mkone,
I do worry more broadly about what happens as biometrics become more widely used. It’s well understood why one shouldn’t use the same passwords in multiple systems, and yet this is effectively very much what we are doing with biometrics. We end up having to violate a whole host of best practices to use biometrics. The opportunity for misuse and Equifax-style leaks is ever-increasing.
So I’m now carrying a 3D scanner in my hand. How many other people’s faces could I capture in 3D detail with that?
If I had access to Apple’s database of Face2People, how quickly and accurately (beyond typical face recognition) could I ID people? If I didn’t have Apple’s database, could I use a combination of a 3D model built from photos from different angles taken from the web and the captured 3D model to improve matches between the physical and the virtual: hold up your phone and have an AR app where everything you can find out online about that person is in a bubble over their head.
Security services gonna love this.
In terms of device security – well at least they need the device as well as the face, I hope nobody is stupid enough to extend this to a web app.
If I understand Apple’s presentation correctly, they do not store a database of faces. They were quite clear that all recognition takes place on the device and is never sent to the internet for processing. Facial data is stored in a hardware-backed encryption enclave on the A11 chip itself. They could be lying about that of course but, given how much people are going to be digging for security flaws in it, I doubt they’d risk a lie.
Apparently if people (not sure how many) look at your iPhone X it disables the FaceID and you have to use a passcode. Apparently during the stage set up at the keynote Apple techies looked at the phone and inadvertently locked the FaceID.
So – if the cops grab your phone and look at the screen Face ID will stop working and they will need you to hand over the passcode. Clever security measure.
Edited 2017-09-14 19:05 UTC
You can disable it (and force passcode unlock) by pressing the power button 5 times.
It used to be “The cops are here! Quick, flush the drugs!” Now it’s “The cops are here! Quick, press the power button five times!”