Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Better *NOT* Use Biometric ID for the iPhone
- Thread starter SomeDudeAsking
- Start date
- Sort by reaction score
We have two eyes, the possibility of wearing contact lenses, and ten digits (well, most of us anyway). No problem.
Besides, anyone who has seen Minority Report knows you can get new eyes if you need them..duh! And also that the sound in that movie when your eye is scanned is the same sound as when you plug in your iPhone. Old news, I know, but I just noticed it a couple days ago
Passwords are so dated... last centuries tech... insecure...
NO WAY I WILL EVER GO BACK!!!
I always lug 2 or five hands of ähmmm people (you don't have to know them... fish-food anyway) around to be able to change my password whenever I think I need to...
NO WAY I WILL EVER GO BACK!!!
I always lug 2 or five hands of ähmmm people (you don't have to know them... fish-food anyway) around to be able to change my password whenever I think I need to...
Military grade biometrics is very good; commercial grade is very poor. There were some studies done for the finger print scanners that were hitting the market about 4 years ago. Why didn't they take off? Because they found that most simple finger print scanners could be fooled with a photocopy! Some of the better ones also measured heat, so putting the photocopy on your finger! With the photocopy on your finger, you could fool 90% of all of the consumer fingerprint scanners. The last 10 percent were fooled by taking an impression of a fingerprint and putting it onto a latex glove.
In other words, the commercial finger print scanners offered much worse security then good passwords. Thus to make a system secure, you need to have the fingerprint scanner along with password. Thus is it really worth it?
In other words, the commercial finger print scanners offered much worse security then good passwords. Thus to make a system secure, you need to have the fingerprint scanner along with password. Thus is it really worth it?
What you have, what you know and what you are. Pick at least 2 and the system will be fine.
Then again, the villain can always search for you smartcard, torture you for the PIN and cut off your finger for the finger print. Nothing can stop someone so determine. But if you have something that valuable in a phone, I suggest you hire a security consulting firm for a custom solution.
Then again, the villain can always search for you smartcard, torture you for the PIN and cut off your finger for the finger print. Nothing can stop someone so determine. But if you have something that valuable in a phone, I suggest you hire a security consulting firm for a custom solution.
I was just thinking of someone will cut of your finger for a finger print then they will probably not think twice about chopping of your finger to force you to reveal your password.
I find this thread a bit absurd. Chopping off fingers? Gouging out eyes? WTH. In what kind of situation would this happen? You know if the person is really going to gouge out your eyes... might as well just give the password. I guess we should expect seeing cases of iPhone owners having their fingers chopped and eyes gouged out.
if you then tried to apply that scan to the device to unlock it, wouldn't it be backwards, thus not actually unlocking the device?
I highly doubt it'd be an unencrypted thing. The reason PIN numbers can be stolen is if you put skimmers on an atm machine or phish the person, you get ahold of the actual number. The actual "ones and zeros" are encrypted, so those aren't what get stolen. With biometrics, you can't steal the exact number, you'd be stealing the mirror image of it. And plus, I'd assume theres subtle things on your fingerprint/retina that can't be reproduced, so without the physical finger/eye, you couldn't unlock the phone.
Also, if you were afraid someone had got a scan of your index finger, couldn't you just switch it to your middle finger? Every finger is different. I doubt you'd need to change a password more than 12 times (10 fingers+2 eyes), if you do then you sorta deserve to have your account hacked cuz you must be doing some stupid things to keep getting hacked.
EDIT: after reading through the second page, it seems the biometric scanner could be fooled if it wasn't military grade. But who's to say apple hasn't developed something on par with military grade? If they do use it (doubtful) they won't use it until it is up to their standards.
And also, a fingerprint even on a crappy scanner is infinitely more secure than 4 numbers against your average person. I don't really plan on black operatives being after the information stored in my phone. An average thief wouldn't have the skills or equipment necessary to get ahold of my fingerprint, but they could potentially guess a passcode.
Last edited:
Exactly. Let's all just take a step back and see how ridiculous this entire conversation is.
actually microsoft already owns the patent on those, so it's already been taken care of. thanks for the concern though. here's the link of concern
If Apple makes this mandatory to use a iPhone
Then I will be dumping my iPhone!
Plain and simple
Thank you.
It's the same like Debit / Credit cards, Sunpass / EZ Pass or whatever you have in your area for your cars, etc..
Technology that simplifies things, but at the end of the day it all depends on who gets a hold of that information and how they use it.
While true it does require some fairly advanced stuff to get the 3d models you need to make it work.
That being said often times Biometric in high security stuff normally will require both the Biometric and a password to work. Hell I know of some things that require Biometric, password, a Physical device and a number sequenced that chances ever 60 sec to be entered.
Stealing pass words currently is a heck of a lot easier than getting Biometric data.
I love how people get all worked up about security and privacy. Yet, these are the same people browsing the net to complain and using credit/debit cards all the time. I am sure the same person also has a motor vehicle that is registered to them as well as a drivers license/ID card. Even a Social Security card too! Let's not even include your mobile phone with this conversation.
So, unless you have NONE of those things and live in the woods somewhere (which you don't because you're posting here), what's the problem? Threads like this are useless. It's like complaining your fat but admit you love pizza and eat it all the time. However, you start bitching if they add extra cheese which might clog your arteries.
So, unless you have NONE of those things and live in the woods somewhere (which you don't because you're posting here), what's the problem? Threads like this are useless. It's like complaining your fat but admit you love pizza and eat it all the time. However, you start bitching if they add extra cheese which might clog your arteries.
Let's get one thing clear: if someone really wanted to hack into your iPhone and had the right set of skills to do so - they would. Same applies to your bank account and your identity. However, people like you and I are regular civilians and don't have some $50 Billion in our banks that will attract any one with the wrong intentions to come and break in. That being said - I'm sure many would agree that 99% of the people cannot simply hack in; thus, you're protected.
I still think you are oversimplifying this but you are entitled to your opinion and this is mine: first a password is easier to steal then your iris or a finger print, no one in the first place will go through some complicated plan, hack etc to get into your phone unless u are like the president. And apple would not be smart to put these types of security on there portable devices because u need some pretty expensive stuff to get it to not be retarded. And add in other things other members have said and ur argument is falling apart but I can see where you are getting at.
Whether the OP's analysis is correct or not (and I don't think it is), I don't see why they couldn't just offer you the option of biometrics along with the option for a password. And, for the truly paranoid, you could use both.
The thing that never ceases to amaze me about this forum is how many Apple folks hate the idea of giving users choice/options. All the anti-Verizon and anti-Blu Ray nonsense are more good examples.
The thing that never ceases to amaze me about this forum is how many Apple folks hate the idea of giving users choice/options. All the anti-Verizon and anti-Blu Ray nonsense are more good examples.
Last edited:
Nothing is truly safe, if a mildly educated hacker wants your information they can get every bit of it in a short amount of time. Your password takes minutes, your credit information 1-2 hours, social security numbers in a day at most.
But you want to know something? 99.9% of these people do not care, they scam most people via fake websites, scams, and hacking into company data-bases. Meaning your passwords/ biometric system is only to make YOU feel safe. Just like a home security system it deters new comers, slows the amateurs and makes the experts chuckle.
In the end they have the same purpose as a night light.
People today think their life story and information is more significant than others, that they must keep everything secret because people just follow them around waiting to snatch their info at the slightest mistake. Guess what no body cares about you, the few that care are called friends, family and loved ones for a reason. Your not special get over yourself.
But you want to know something? 99.9% of these people do not care, they scam most people via fake websites, scams, and hacking into company data-bases. Meaning your passwords/ biometric system is only to make YOU feel safe. Just like a home security system it deters new comers, slows the amateurs and makes the experts chuckle.
In the end they have the same purpose as a night light.
People today think their life story and information is more significant than others, that they must keep everything secret because people just follow them around waiting to snatch their info at the slightest mistake. Guess what no body cares about you, the few that care are called friends, family and loved ones for a reason. Your not special get over yourself.
Last edited:
I don't know about you, but my passwords take orders of magnitude longer than the heat death of the universe to crack and I can change them at any time. And I don't go around parading my passwords, unlike my finger prints and eyes which are in plain sight all the time. And unlike biometrics, I don't get royally screwed over and get ALL my accounts hacked if I give up a password. With biometrics, you are literally pwned in everything. Maybe I should start being more like Michael Jackson and wear one glove all the time?
I think it's a double edged sword, obviously.
Positive: Going outside of the "standard password" is going to push for more ways to secure your device data. Especially when we're more and more reliant upon our mobile devices bridging the home/office.
Generally if someone wants your data they can get it, and if you're keeping THAT sensitive of data that people with those means want it then hopefully you don't keep it on your mobile device as is. This is something for the standard consumer. Even average grade consumer biometrics would be a welcome security feature for someone like me who keeps pretty much no sensitive (money, work) data on my device and I use an email outside my normal for "reminders" for sensitive accounts (banking, etc) so the one on my device isn't the same.
Negative: Obviously it could create a false sense of high security for those not too familiar w/ it, and/or does keep sensitive data on their device. Then again those people probably keep the same sensitive data on their device w/ a 4 digit pin anyways so it's not like there's much of a difference.
I'm assuming, if this were to happen, you'd be able to set the level of security you're using (fingerprint, iris, fingerprint + iris). So for those who set Fingerprint only aren't you defeating the purpose since there's a 90% chance your fingerprint is on the glass at any given time from tapping the device or touching the back, etc? Seems silly to me.
So long story short:
- Day to Day Consumer w/o sensitive data (or a job that could cause you to be in the sights of data thieves) this is a good thing. New options which will cause other groups to try to up that bar, and overall should help increase mobile device security in the long run. Plus to the average consumer this is pretty damn secure unless someone is literally trolling for devices from that generation and literally stealing them all Pokemon style.
Executive/Government/Target etc type users:
- Depending on their level of IT savvy this could be just another way for the user to feel more secure than they are, and something new to exploit.
Anyhow... that's my thought. Move on.
Positive: Going outside of the "standard password" is going to push for more ways to secure your device data. Especially when we're more and more reliant upon our mobile devices bridging the home/office.
Generally if someone wants your data they can get it, and if you're keeping THAT sensitive of data that people with those means want it then hopefully you don't keep it on your mobile device as is. This is something for the standard consumer. Even average grade consumer biometrics would be a welcome security feature for someone like me who keeps pretty much no sensitive (money, work) data on my device and I use an email outside my normal for "reminders" for sensitive accounts (banking, etc) so the one on my device isn't the same.
Negative: Obviously it could create a false sense of high security for those not too familiar w/ it, and/or does keep sensitive data on their device. Then again those people probably keep the same sensitive data on their device w/ a 4 digit pin anyways so it's not like there's much of a difference.
I'm assuming, if this were to happen, you'd be able to set the level of security you're using (fingerprint, iris, fingerprint + iris). So for those who set Fingerprint only aren't you defeating the purpose since there's a 90% chance your fingerprint is on the glass at any given time from tapping the device or touching the back, etc? Seems silly to me.
So long story short:
- Day to Day Consumer w/o sensitive data (or a job that could cause you to be in the sights of data thieves) this is a good thing. New options which will cause other groups to try to up that bar, and overall should help increase mobile device security in the long run. Plus to the average consumer this is pretty damn secure unless someone is literally trolling for devices from that generation and literally stealing them all Pokemon style.
Executive/Government/Target etc type users:
- Depending on their level of IT savvy this could be just another way for the user to feel more secure than they are, and something new to exploit.
Anyhow... that's my thought. Move on.
OMG No way!
You know, that since it was written in the media and posted on the internet that it has to be true. Media never makes mistakes or lies...ever!!
You know, that since it was written in the media and posted on the internet that it has to be true. Media never makes mistakes or lies...ever!!
I don't think most people believe it's true, but more on the lines it asks the question of "is that a good idea in general".
I think stepping up the bar is a good idea, as every time someone steps it up another try's to steal that companies thunder and put it even higher.
I think stepping up the bar is a good idea, as every time someone steps it up another try's to steal that companies thunder and put it even higher.