This post brought to you by the Samsung Army. “We pay, you say!”
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
10-Year-Old Unlocks Face ID on His Mother's iPhone X as Questionable Mask Spoofing Surfaces
- Thread starter MacRumors
- Start date
- Sort by reaction score
This post makes the most sense and I’m guessing #2 is what happened with this woman and her son. If someone knows your passcode who cares about Face ID at that point?
You essentially did the FaceID equivalent of what I trained TouchID to do inside the video in this post.
I suspect that Apple is using similar machine learning at the bit level, which allows it to meld two separate entities into one.
She should also secure her phone from her ten year old kid with Swift Kick In The Ass ID.
Yea, and if you're in that 1% I guess you would have a different view? Wait till January. This is the tip of the Face ID Iceberg.
They key phrase being “according to Apple”. They’ve provided no evidence to support this claim.
But but but Apple said "The technology that enables Face ID is some of the most advanced hardware and software that we’ve ever created".
Stop blaming users or telling them to stop complaining when they paid $1000 or more for a device advertised to be secure enough that "You can use it to authorize purchases from the iTunes Store, App Store, iBooks Store, and payments with Apple Pay."
Before people say I made this up, these quotes are taken directly from Apple support site https://support.apple.com/en-us/HT208108
Minor issue. Apple have confirmed that this is STRICTLY LIMITED to customers who have parents or children and no one else whatsoever.
I have an iPhone X. I know how Face ID works. It’s extrememly easy to set up.
But, when someone intentionally tricks it, by scanning two faces, entering a passcode when a face is denied to make it accept another face...then acts like “why did it do that”. They know why it did that.
If you don’t want someone else to have access to your phone, don’t intentionally trick it, then act like
. They all know what they did. They are leaving out a key piece of the story.
I’m not blindly defending it.
It’s no different than if someone scanned their fingerprint, with someone else’s, when they set up Touch ID. Then acted like “why is it accepting both our fingerprints”.
If you set up either Face ID or Touch ID as instructed, it will work the way you want.
But, when you intentionally trick it, and then act like you don’t know why it works the way...
Yea, and if you're in that 1% I guess you would have a different view? Wait till January. This is the tip of the Face ID Iceberg.
Quoting for future reference.
It's a good thing you ended the posts with "Facts." otherwise it seems like you're only taking Apples word for it. Since you ended with "facts" it must mean that you have some extensive, independently verifiable data proving this claim. Would you be willing to share this wealth of knowledge with the rest of us?
This. Biometric systems can be fooled. They're not "secure" in the sense that no one can break in who really wants to.
However, for the overwhelming majority of users who are not captains of industry, a high placed official, or a target of someone out to get them, biometrics are Good Enough.
That sentence you quoted doesn't say a thing about security. Or even claim that it's the best soft/hardware version in the world. All it said was that it's some of the most advanced stuff that Apple has made. Meaningless fluff
That paper also states:
"The probability that a random person in the population could look at your iPhone X and unlock it using Face ID is approximately 1 in 1,000,000 (versus 1 in 50,000 for Touch ID). "
But then it turns around and points out that families and kids are not included in the above-stated "random person" set, and recommends a passcode to protect against them.
"The statistical probability is different for twins and siblings that look like you and among children under the age of 13, because their distinct facial features may not have fully developed. If you're concerned about this, we recommend using a passcode to authenticate."
Last edited:
Did Apple provide proof of 1:50,000 for TouchID and 1:1,000,000 for FaceID?
FaceID is less secured than TouchID because that someone is some random people living somewhere in the world who has no access and no idea that he can unlock my phone.
FaceID on the other hand, that someone is close to me and can have access to my phone if he/she wants to.
Last edited:
A new video has surfaced of a 10-year-old child unlocking his mother's iPhone X with his face even though Face ID was set up with her face.
The parents, Attaullah Malik and Sana Sherwani, said their fifth-grade son Ammar Malik simply picked up his mother's new iPhone X without permission and, to their surprise, unlocked the device with his very first glance.The younger Malik was then consistently able to unlock his mother's iPhone X, according to his parents. He was even able to unlock his father's iPhone X, but only on one attempt, which he has since been unable to replicate.
WIRED reporter Andy Greenberg suggested that Sherwani re-register her face to see what would happen. Upon doing so, the iPhone X no longer allowed Ammar access. Interestingly, after Sherwani tried registering her face again a few hours later in the same indoor, nighttime lighting conditions in which she first set up her iPhone X, the son was able to regain access with his face.
The parents clarified that no one ever entered the iPhone X's passcode after any of the failed unlocking attempts. That's important, since when Face ID fails to recognize you beyond a certain threshold, and you immediately enter a passcode, the TrueDepth camera takes another capture to improve its reliability.
Apple explains in its Face ID security paper:Given no passcode was ever entered, we can assume that Face ID never learned and adjusted for the son's face.
The same Face ID security paper states that the probability of a false match is higher among children under the age of 13, because their distinct facial features may not have fully developed. Given the child is only 10 years old, and Apple's information, what's shown in the video isn't a surprising flaw.
Nevertheless, the video is further evidence that Face ID isn't 100 percent foolproof given just the right circumstances. If you are concerned about this, Apple merely recommends using only a passcode to authenticate.
In related news, Vietnamese security firm Bkav recently shared a video in which it was able to spoof Face ID with a mask. The video is generating headlines since Apple said Face ID uses sophisticated anti-spoofing neural networks to minimize its chances of being spoofed, including with a mask.
The mask was supposedly crafted by combining 3D printing with makeup and 2D images, with some special processing done on the cheeks and around the face. Bkav said the supplies to make it cost roughly $150.
We're skeptical about the video given the lack of accompanying details. For instance, Bkav hasn't specified whether it disabled Face ID's default "Require Attention" feature, which provides an additional layer of security by verifying that you are looking at the iPhone before authentication is granted.
Even if the video is legitimate, it's hardly something that the average person should be concerned about. The chances of someone creating such a sophisticated mask of your facial features would seem extremely slim.
Apple so far has not responded to the videos, beyond pointing reporters to its existing Face ID security paper we linked to above.
Article Link: 10-Year-Old Unlocks Face ID on His Mother's iPhone X as Questionable Mask Spoofing Surfaces
if the son unlock mom's phone then bad luck for the mom ...others who bought iphone X are safe, no need to worry
and that vietnamese so-called security firm is all gimmick.. if somebody take all the hassle to 3D print my face and do other measures to unlock my phone then i guess the person deserve my phone anyway as a prize
Left and right? Please show me claims "left and right" of family members unlocking using face ID. I have seen one (the one linked here). Left and right would indicate at minimum hundreds if not thousands for the millions of iPhone X's sold.