iPhone 5S

I thought this style of identity detection (using biometrics) was decided upon as a poor technique by the security community?

Once someone else has your fingerprint and a way to spoof it, there is no way to generate a new biometric.

Well, if hackers steal one of your fingerprints, just use a different finger. :)

You are generally correct, though. Biometrics are a poor method of security. What they are useful for is user identification. Like Janx mentioned, you could have the phone recognize the user and pull up their profile based on who pulls it up, like a user log in that doesn't require you to remember the user name. I used to work at a company that was implementing fingerprint identification for QA purposes (i.e. the system knows that Worker #23 built widget #294839). I ended up leaving that company before the implementation was successful, though.

The part that confuses me is the things that made fingerprinting useful there make it a pain in the butt for a phone. There are inevitably going to be times when it is *useful* to log in as someone else on a computer, and fingerprint access makes that hard. And the concept of user accounts is potentially useful on a shared computer, but phones tend to be single-user systems. I really have no reason to set up a second user account for my wife. I suppose there may be times when it's useful for kids or emergency calls, but proper passwording and 911 access on home screens have already solved these problems.

Practically, using a fingerprint has a problem of use in an even slightly dirty environment, or with wearing gloves, or, say, what happens if you have a cut or burn.

Aside from wearing a bandage over a cut, this is less of an issue than you would think. A fingerprint scanner doesn't actually take a photo and compare direct images of your print to a previous image. At least, the one we used in manufacturing didn't. Instead, it processed the scan as a series of lines, and identified about 10 key locations: things like intersecting lines, centers of circles, etc. It then stored just the data for these points, and compared them to the same key points on any new scan. It could allow a couple of points to change (i.e. you have a small cut, one point is screwed up) and still pass the scan. Coloration or lighting wouldn't have any effect as long as there was sufficient contrast, and distortion of the image could be allowed as long as it was uniform in the right way (i.e. known smudging or scanning artifacts).

This method also removes the security risk of hackers (or the NSA) stealing your fingerprint for access elsewhere. Since the system didn't actually store an image of your fingerprint, there was no way to completely reconstruct it. A stolen data file could only be used to spoof your ID if it was used on an identical fingerprint ID system with identical settings.
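An added sketch of the key-point matching described in the post above; it is not part of the original thread and is not any vendor's algorithm. The coordinates, tolerances and function names are constructed for illustration, and only a uniform shift of the whole scan is modelled.

```python
import math

# Constructed sample data: each key point ("minutia") is (x, y, kind).
ENROLLED = [
    (12, 40, "ending"), (25, 18, "bifurcation"), (33, 52, "ending"),
    (41, 30, "core"), (48, 61, "bifurcation"), (55, 22, "ending"),
    (63, 45, "bifurcation"), (70, 15, "ending"), (78, 58, "ending"),
    (85, 35, "bifurcation"),
]
# Same finger rescanned: shifted by about (+5, -3), slight jitter, and the
# point near (33, 52) replaced by a spurious one, as a small cut might do.
SAME_FINGER = [
    (17, 38, "ending"), (30, 15, "bifurcation"), (52, 5, "ending"),
    (46, 27, "core"), (53, 58, "bifurcation"), (60, 19, "ending"),
    (68, 43, "bifurcation"), (75, 12, "ending"), (84, 55, "ending"),
    (90, 32, "bifurcation"),
]
# A different finger: same number of points, unrelated layout.
OTHER_FINGER = [
    (10, 12, "ending"), (20, 55, "bifurcation"), (30, 30, "core"),
    (36, 8, "ending"), (44, 44, "bifurcation"), (58, 60, "ending"),
    (62, 10, "bifurcation"), (74, 33, "ending"), (80, 50, "bifurcation"),
    (88, 20, "ending"),
]

def best_match_count(enrolled, probe, tol=3.0):
    """Largest number of enrolled points matched under any uniform shift."""
    best = 0
    for ex, ey, ek in enrolled:
        for px, py, pk in probe:
            if ek != pk:
                continue
            dx, dy = px - ex, py - ey  # hypothesis: this pair is the same point
            used, count = set(), 0
            for ax, ay, ak in enrolled:
                for i, (bx, by, bk) in enumerate(probe):
                    if i not in used and ak == bk and \
                            math.hypot(ax + dx - bx, ay + dy - by) <= tol:
                        used.add(i)
                        count += 1
                        break
            best = max(best, count)
    return best

def accept(enrolled, probe, max_changed=2, tol=3.0):
    """Pass the scan if at most max_changed enrolled points failed to match."""
    return best_match_count(enrolled, probe, tol) >= len(enrolled) - max_changed
```

The `max_changed` and `tol` settings are the trade-off the post hints at: loosening them tolerates cuts and smudges but also lets more non-matching fingers through.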
 


The reason I'm not excited about the iPhone 5s --or any of the new smartphones, really-- is that my 32GB 4s is still a damn good mobile device. My only complaint is the battery doesn't last quite as long as it used to.

Maybe I'll upgrade next year... or, you know, just replace the battery.
 

The fingerprint thing on the iPhone is something that folks must press in order to use their phone, it can't be ignored or worked around. Apple assuring us that it's secure and only on the phone is, well, not a thing I'll trust on just their say so. So millions of users scanning their fingerprint constantly and all of them available potentially to be warehoused and then used at the NSA's leisure. Tin foil hat, yea, it is, I realize that it's hyperbole, but I would have said it was tin foil hat to accuse the NSA about a ton of stuff the NSA has already done and continues to do right now. Lots of stuff, as far as I know, they've had to admit to by court order.

Eh... I realize I'm straying into politics. I'll stop now and remove this if I need to.
 

Weird. I didn't for a moment imagine it was anything more than a quick way to optionally bypass entering a code. Why are you guys thinking you won't still be able to enter your pass code if there's a scanning issue?

Also, Janx - that doesn't remotely resemble my phone usage. My wife and I have our own phones, as I suspect is common. Sharing a phone would make it hard for me to call her!

Because we didn't think of that ;)

Well, the you and your wife scenario was contrived. Though having "any" iPhone you swipe become "your" iPhone might be handy (though not in a promiscuous way, I'm thinking within your own household).

The problem is more common with parent and kids and tablet devices. Both of those scenarios involve more sharing of the device.

While I wouldn't consider it, it seems quite a few parents are more than happy to hand over the device to the little rugrats to shut them up while waiting in line.

So imagine it more as debuting on iPhone 5s, but its real value would be seen on iPad5.


In any event, I don't choose to buy/not buy the next iPhone based on what new doohickey Apple puts in it.

I've been in iOS since the iPod Touch 1, so like you, we're invested in the platform. Since it doesn't particularly suck (aside from paying to rebuy stuff in Android, Android doesn't offer anything I care about), iOS is good enough.

So, instead, our decision is to buy the "current" model when a phone's 2 year contract expires. I started with the 3g, so I got the 4 and now the 5. My wife is on the odd years, so she went from 3gs, 4s and will pick up the 5s.

We do this because it load balances the expense, and we maximize trade-in value of the old model to defray the cost of the new model. It also avoids battery issues as the batteries start to go soft after 18-24 months.

Since Apple only supports a model for 3 years, we get rid of the old model before it truly hits end of life, thus protecting our resale value. If you hold the phone too long, you're losing value. Getting 50% of the price of the newest model is what helps keep the treadmill a viable proposition.

Barring some horrible policy announcement by Apple, we're not likely to get off the iOS train. We've got too many apps and music bought up and licensed to too many devices (2 iPads and 2 iPhones). And since we oscillate who upgrades when, there's never a time to make a clean break if I wanted to.
 

The fingerprint thing on the iPhone is something that folks must press in order to use their phone, it can't be ignored or worked around.

Of course it can. You can enter a 4-digit code instead.

Apple assuring us that it's secure and only on the phone is, well, not a thing I'll trust on just their say so.

Well, in that case, why believe anything Apple says about the phone? Besides, I'm sure it'll take an intraweb full of tech people about 3 seconds to verify that once they get their phones. It would be a remarkably silly thing to lie about.

Barring some horrible policy announcement by Apple, we're not likely to get off the iOS train. We've got too many apps and music bought up and licensed to too many devices (2 iPads and 2 iPhones). And since we oscillate who upgrades when, there's never a time to make a clean break if I wanted to.

Yeah, same here. Locked in!
 

iOS is good. I do really like it. Though I'm starting to like Android a bit more. My nephew can really get around on iOS, not so much on Android.

Anyway I thought the music was mostly DRM free now? But I do feel the pain of changing ecosystems.
 

Well, if hackers steal one of your fingerprints, just use a different finger. :)

You are generally correct, though. Biometrics are a poor method of security. What they are useful for is user identification. Like Janx mentioned, you could have the phone recognize the user and pull up their profile based on who pulls it up, like a user log in that doesn't require you to remember the user name. I used to work at a company that was implementing fingerprint identification for QA purposes (i.e. the system knows that Worker #23 built widget #294839). I ended up leaving that company before the implementation was successful, though.

The part that confuses me is the things that made fingerprinting useful there make it a pain in the butt for a phone. There are inevitably going to be times when it is *useful* to log in as someone else on a computer, and fingerprint access makes that hard. And the concept of user accounts is potentially useful on a shared computer, but phones tend to be single-user systems. I really have no reason to set up a second user account for my wife. I suppose there may be times when it's useful for kids or emergency calls, but proper passwording and 911 access on home screens have already solved these problems.

Thanks for the info!

About user profile selection, would this be useful in conjunction with other devices? That is, for profile selection out of the cloud? That is, not only for identifying the user to the iPhone, but for the iPhone identifying itself and the user to the cloud?

I think that is a stretch. I'm trying to make the feature useful, and trying to see what bigger goals could be planned for the technology.

I do wonder what demand there is for this feature. Most folks seem to use the four digit quick login quickly and without complaint. Do corporate or government agencies have a need for this feature?

I personally don't think I would use it, and would rather not have to pay for it if I ever upgrade. I don't suppose there is a model which doesn't have the scanner?

Oh oh! If your device is confiscated, say, as part of a police or border security investigation, would you be required to disable the feature when you handed over the device? Hmm.

And, is it tin foil hattery to wonder if the implementation (the independent chip, or whatever) has built in overrides, added to satisfy certain unnamed agencies?

I do think the Apple model of telling people what they want (Jobs' famous statement) is rather poor practice for this feature, as it is setting a wide policy in regards to security and the use of fingerprints.

Thx!

TomB
 

Thanks for the info!

About user profile selection, would this be useful in conjunction with other devices? That is, for profile selection out of the cloud? That is, not only for identifying the user to the iPhone, but for the iPhone identifying itself and the user to the cloud?

It doesn't have user profile selection.

The fingerprint thing is literally just a small thing to bypass entering a passcode. That's all. They said at the speech that it was based on the fact that their research showed that over half the customers don't put a passcode on their phones because they find it too inconvenient. This is merely providing an alternative to that.
 

The part that confuses me is the things that made fingerprinting useful there make it a pain in the butt for a phone. There are inevitably going to be times when it is *useful* to log in as someone else on a computer, and fingerprint access makes that hard. And the concept of user accounts is potentially useful on a shared computer, but phones tend to be single-user systems. I really have no reason to set up a second user account for my wife. I suppose there may be times when it's useful for kids or emergency calls, but proper passwording and 911 access on home screens have already solved these problems.

Nice write-up, which covers darjr's concern.

Right now, it's impossible to convince my wife to enable a password on her phone. It's too much of a hassle.

So making some kind of security feature be seamless is better than leaving the front door unlocked.


And in my experience, she's not entirely wrong. I've got an Android and iPhone with passcodes on both. When you're in a hurry to place a call or look something up, or check an email, it is an extra fumbley hassle to get to the thing you really wanted to do.

So if the phone can identify me in a way that I don't notice, that's actually quite handy and less stressful when I've mis-swiped for the 3rd time and my wife is chiding me for having that stupid password turned on.

So doing the smart thing AND not looking stupid for doing so in front of the wife has some value.
 

iOS is good. I do really like it. Though I'm starting to like Android a bit more. My nephew can really get around on iOS, not so much on Android.

Anyway I thought the music was mostly DRM free now? But I do feel the pain of changing ecosystems.

It's not just about DRM, it's about being in a format your device can read.

MP3 may not be the most perfect audio format, but it is excellent for being supported on every music file playing device on the planet.

H.264 may not be the most perfect video format, but it runs on PSP, PS3, iThing, Xbox360 and PC.

Music bought from iTunes is in some other format. Most other players likely don't support it. So moving over isn't feasible without some effort.

This is where the pro-Android camp would chime in that buying everything in MP3 is the most perfectest thing in the world. And they're right.

But if you're not planning to leave Apple, there's nothing wrong with iTunes.
 
