Apple Offers Additional Details on Touch ID, iPhone 5s Won't Store Fingerprint Images

[kdarling]

But really, the thing is, is that if someone is willing to mutilate your body to get into your phone, it'd be faster, easier, and less messy for them to just put a gun to your head and have you unlock it on the spot.

I think you're right. For that matter, just make them put their finger on the Home button and unlock it.

Someone else here had a great idea, btw... let the user designate a finger that means you DID NOT want to unlock it; that you were in trouble. If you use it, the phone should open a fake homescreen and invisibly signal the police.

 

[topper24hours]

I think its now common knowledge they were cooperating quite agreeably with the "agencies" What the hell are you talking about when you say they would not risk loosing customer base?

The whole point is to be forward thinking and looking at all the nefarious ways that such biometric data could be collected and then used. Even if "forced" surreptitiously by government.

Both Apple & Google have been very forthcoming about what types of requests they are forced to comply with. As they are forced to comply, they don't have to worry about backlash against them, only the us government... as they have no choice in the matter.
You are proposing something QUITE different. Apparently, you believe that Apple has completely fabricated a story about how the tech works.. how the fingerprint data is stored... what it is used for, etc. this is the OPPOSITE of complying with you MUST legally.. this is instead, breaking a myriad of laws & inviting immense legal damages by both lying to customers & stealing private personal data at ZERO gain. If you choose to believe something so silly.. fine. But I will NOT be following your unsubstantiated ridiculous drivel.

 

[Paulio]

If someone really wanted your fingerprint, wouldn't they just take a sample from your phones screen?
At the end of the day paranoia will kill the modern world, breathe easy guys.

 

[vastoholic]

Ex NASA employee with top secret clearance here.

Apparently I'm the only one of us who's had their entire life scrubbed that still understands the difference between background checks for security clearance and possible continuous data and location logging that are tied to a piece of biometric data.

Please stop with this "the government already has my fingerprint" nonsense. It's not about them simply having that one piece of data. It's about the possibility of them tying that absolute unique piece of data to every activity you undertake on your device. After that who knows what the possibilities are.

If they want to waste their time and efforts tracking MY every movement and activity, then please do so. They will be bored to death. If they really wanted to know what I was doing on my device, they don't need the fingerprint scanner to do so. They can do a whole hell of a lot with just a "dumb" phone. I know what they could be/are doing with digital life, but I'm not going to curtail my habits just to try and stay off their radar. I would have to go live in the woods somewhere with no electricity/internet/cell service/etc to be able to avoid them completely.

Are you saying that you don't care about every phone call you make being recorded, and every email or text you send is being saved, and every web site you visit is being logged, and everywhere you drive your car it is photographed and stored with the time and location, which is correlated using the GPS in your phone and also in your car? Are you saying you don't care that every purchase you make is logged?

And all this is being done not because you are important, but despite the fact that you are not important.

As stated above, they don't need me to even be on a smartphone to be able to do any of this. I do care, but it's not like I can stop them. The people we did it to overseas sure as hell couldn't stop us. How did you even get on that tangent from the fingerprint scanner?

 

[nascimento]

If someone really wanted your fingerprint, wouldn't they just take a sample from your phones screen?
At the end of the day paranoia will kill the modern world, breathe easy guys.

Its not paranoia that will kill the modern world.

Complacency, slackness and indifference will

----------

Both Apple & Google have been very forthcoming about what types of requests they are forced to comply with. As they are forced to comply, they don't have to worry about backlash against them, only the us government... as they have no choice in the matter.
You are proposing something QUITE different. Apparently, you believe that Apple has completely fabricated a story about how the tech works.. how the fingerprint data is stored... what it is used for, etc. this is the OPPOSITE of complying with you MUST legally.. this is instead, breaking a myriad of laws & inviting immense legal damages by both lying to customers & stealing private personal data at ZERO gain. If you choose to believe something so silly.. fine. But I will NOT be following your unsubstantiated ridiculous drivel.

Pleaseeee...!

----------

Or, you can just accept the fact that privacy and anonymity have never been anything but illusions.

Or, how about, maybe you shouldn't?

 

[Switchback666]

Its not paranoia that will kill the modern world.

Complacency, slackness and indifference will

THIS! A group of people taking advantage of the world, the old ones just dont care and the young people (the future...) are busy with hollywood, "reality" shows and pop music.

 

[saha-med]

The fingerprint sensor would be faster if u are retrieving the phone from ur pocket or bag. My iphone rests upside down in my pocket, hence my thumb is already on the home button when i put my hand in to retrieve it. Just that now by the time i look at my phone, my phone is already unlocked due to fingerprint recognition along the way.

 

[jonplackett]

I'd be more worried but...

... I have visited the USA in the last 10 years, and they took an entire hand print, of both my hands, when I entered the country.

I'm thinking the 'keeping finger prints secret from the NSA' ship sailed a LOOOONG time ago.

 

[mdlooker]

I think this fingerprint issue is a mute point. This is a new technology that will continue from this phone forward.

 

[Battlefield Fan]

not bad for what appears to be messing around on his phone all day?

Ha! No kidding!

 

[munakib]

Ex NASA employee with top secret clearance here.

Apparently I'm the only one of us who's had their entire life scrubbed that still understands the difference between background checks for security clearance and possible continuous data and location logging that are tied to a piece of biometric data.

Please stop with this "the government already has my fingerprint" nonsense. It's not about them simply having that one piece of data. It's about the possibility of them tying that absolute unique piece of data to every activity you undertake on your device. After that who knows what the possibilities are.

I think this is being a massive apple fanboy forum, most did not clearly get your message. If I can understand from your post, by giving a fingerprint approval on everything - it basically puts you in a situation where the government can confirm everything you do as it can see you have confirmed it with your fingerprint approval. The phone itself can be used against you. I am not a paranoid, the gov. is after me crazy type guy (as I dont have anything to hide), but I would want to know if I was being followed without my knowledge.

hmm, seriously something to think about.

 

[otismotive77]

I highly doubt that someone could lift off your fingerprints and then use it to fool the TOUCH ID into giving them access past the fingerprint sensor. Shortly we will see a bunch of videos where people will show their attempts at fooling the TOUCH ID system.

yeah, just waiting for the launch...

 

[iSunrise]

If someone really wanted your fingerprint, wouldn't they just take a sample from your phones screen?
At the end of the day paranoia will kill the modern world, breathe easy guys.

The point everybody is speaking of is to get your print remotely, without having to deal with the old methods ever again. Apple wants a feature that's useful, the government kindly agrees. The new M7 can record any activity, it even knows when you park your car. The government doesn't need any tracking hardware anymore, welcome to the new world, where everyone kindly agrees to be tracked, even when told not to.

You're right about the paranoia part. It's not without reason, though.

 

[keatth]

The point isn't about them not storing your fingerprint on their servers or iCloud. It has already been disclosed that the NSA works with companies and builds backdoors to access the type of information kept on you, even the hidden, encrypted kind. And even if your fingerprint isn't stored or whatever, that isn't the point. It's the fact that they are trying to condition us to use it, to make us think its okay, because believe me, in the future they will be storing your fingerprint.

 

[h4ck]

another concern is the inability to plead the 5th. with a passcode, the government can't "force" you to remember a password and enter it to give access to something. much like you can't be forced to decrypt a drive, etc.

 

[riffcat]

another concern is the inability to plead the 5th. with a passcode, the government can't "force" you to remember a password and enter it to give access to something. much like you can't be forced to decrypt a drive, etc.

Exactly, in the situation your phone is confiscated as evidence and it is secured with a finger print I find it more likely you could be forced to unlock your device. Where with a passcode you could simply say, "I don't know it."

While a finger print unlock maybe "more convenient" in some situations it is not "more secure".

 

[MacDav]

For those who don't understand cryptographic one-way hashes, they cannot be reversed to produce the original data without a dictionary attack. A dictionary attack in this case would require a collection of actual human fingers or replicas of them to run through Apple's Touch ID to see which cryptographic hashes match the one stored on the device.

Also note, that their is a really really really small chance that two fingerprints will generate the same cryptographic hash. Cryptographic hashes by their very nature have LESS data than the source data for which they are hash. This means that the if the source data has potentially quadrillions of combinations that there may be only billions of values that they hash to (a one to many mapping of hashes to source data). More likely scenario is that your fingerprint hashes to the same value as a fingerprint that does not currently exist on the planet today and may never exist.

Think of a large 500-page book as a just a collection of letters, numbers, spaces, and punctation. You could pound on the keyboard and produce a book of random text or you could carefully craft an actual readable book. The hash reduces the book to a hash of say 500 characters which is generated in such a way that even changing a single letter in the book or the capitalization of a single letter produces an entirely different hash (cryptographic hash algorithms magnify any change to cyclically change other parts). Obviously, there is no way you could take 500 characters of data and regenerate the 500-page book (that would be the most amazing lossless-compression algorithm in the world, but also mathematically impossible). Because of this you cannot reverse it. You could however, run a hash on all books known to man to find the one that matches the same value (a dictionary attack). Finally, there is a possibility that two carefully crafted books hash to the same value, but it is far more likely that a book's hash would match some of the billions of permutations of random letters , numbers, spaces, and symbols that have never been bound into a book.

It is the same for fingerprint data. Your actual fingerprint could only be determined if somebody already had a replica of your finger in a database and could make Apple's Touch ID sensor generate the same hash from it. The worst somebody could do is break into your phone or prove that a phone did indeed belong to you. What's more, the odds of somebody else's fingerprint matching yours is like two monkeys pounding out the exact same content on a keyboard after an hour of bashing away at it. Either way, there is no chance of your fingerprint being cloned and used in other places to impersonate your presence.

Thank You...A calm voice of reason in a cacophony of paranoia.

 

[Ironclaw27]

love this, I have an annoying number and alphabet password and have to flick between the keyboards, this will make buying apps and music so much easier!

 

[kdarling]

Its 2 very different things. Google sees you as a product. They might be passing your details to anybody.

Likewise, Apple sees us as a product for iAds. But neither company passes details unnecessarily. (E.g if you buy or register something, then certain details are obviously needed to complete the transaction.)

The NSA is concerned with security threats. I don't see them selling your private info to a website in China for money...

Google doesn't sell private info to China, nor to anyone else.

Both Apple and Google only sell anonymous targeted ad slots. In other words, a company will pay them to display their ads to a certain demographic, and Apple/Google do that without giving away any info to that company.

Targeted slots are valuable. That's why both companies do their best to keep their collected info secret.

Now, both companies do give out or sell aggregated information, such as the number of users of a certain age in a certain region. For example:

"We also collect non-personal information − data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose."
...
"Aggregated data is considered non-personal information for the purposes of this Privacy Policy."

- Apple Privacy Policy

 

[MattInOz]

I think this is being a massive apple fanboy forum, most did not clearly get your message. If I can understand from your post, by giving a fingerprint approval on everything - it basically puts you in a situation where the government can confirm everything you do as it can see you have confirmed it with your fingerprint approval. The phone itself can be used against you. I am not a paranoid, the gov. is after me crazy type guy (as I dont have anything to hide), but I would want to know if I was being followed without my knowledge.

hmm, seriously something to think about.

Well yes but doesn't the same apply to a passcode. By unlocking the phone to do something I'm connecting myself to those events. Except I could give the passcode to a person I trust creating a first level of doubt.

The finger print sensor can learn multiple prints. Who said they all had to be mine?
Next question does apple have any value logging method of unlock?
If no then you are no more tied to the actions on the device than you are with a passcode.

 

[Mago]

I review some actual Performance Scores of GeekBench (multi-platform benchmark), and I saw this:

iPhone 5: ~1560 pts
Galaxy S4 (SnapDragon 600): ~3000 pts.

Asume the iPhone 5S really performs Twice Fast as the iPhone 5, it GeekBench (especulative) must be about 3200 pts Max, a bit faster than the S4, but not as faster as the Note 3 Snapdragon 800 (above 4100pts - ArsTechnica), by first time an iPhone doesnt lead any performance benchmark, I hope the A7X on the new iPad can do...

Sad, iPhone 5sad, I'm selling my Apple Stocks too...

 

[bnnentertainmen]

no, apple wont store the fingerprints, the NSA would

 

[Rogifan]

I review some actual Performance Scores of GeekBench (multi-platform benchmark), and I saw this:

iPhone 5: ~1560 pts
Galaxy S4 (SnapDragon 600): ~3000 pts.

Asume the iPhone 5S really performs Twice Fast as the iPhone 5, it GeekBench (especulative) must be about 3200 pts Max, a bit faster than the S4, but not as faster as the Note 3 Snapdragon 800 (above 4100pts - ArsTechnica), by first time an iPhone doesnt lead any performance benchmark, I hope the A7X on the new iPad can do...

Sad, iPhone 5sad, I'm selling my Apple Stocks too...

Who cares about geekbench scores besides nerdy tech geeks? At the end of the day it's about performance. As long as my phone does what I want it to with no performance lags I could give a crap less what geekbench score it gets.

Then there's this: http://forums.androidcentral.com/samsung-galaxy-s4/301349-samsung-cheats-benchmarks.html

 

[Mago]

Who cares about geekbench scores besides nerdy tech geeks? At the end of the day it's about performance. As long as my phone does what I want it to with no performance lags I could give a crap less what geekbench score it gets.

Then there's this: http://forums.androidcentral.com/samsung-galaxy-s4/301349-samsung-cheats-benchmarks.html

BTW Still far Away the Note 3s performance (not to mention functionality/value for each $ Samsung its selling a lot more).

 

[juanmanas]

I review some actual Performance Scores of GeekBench (multi-platform benchmark), and I saw this:

iPhone 5: ~1560 pts
Galaxy S4 (SnapDragon 600): ~3000 pts.

Asume the iPhone 5S really performs Twice Fast as the iPhone 5, it GeekBench (especulative) must be about 3200 pts Max, a bit faster than the S4, but not as faster as the Note 3 Snapdragon 800 (above 4100pts - ArsTechnica), by first time an iPhone doesnt lead any performance benchmark, I hope the A7X on the new iPad can do...

Sad, iPhone 5sad, I'm selling my Apple Stocks too...

Your ignorance about technology is supreme...