Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Bypassing iPhone Fingerprint Reader

Status
Not open for further replies.
What if... the Touch ID sensor secretly scans your fingerprint and sends it to Apple? o_O

Either you trust Apple to do the right thing, or you do not. Apple says that they do not store a fingerprint, but a mathematical abstraction of data points instead, which are then encrypted (probably using the hard-coded key) and stored by the Secure Enclave/Element, which never gives this data away and has its own protection. Even if someone were able to extract the encrypted abstraction from the Secure Enclave/Element and were able to decrypt it, it would still be utterly useless. There is a difference between possibility and probability.
 
I'm gonna say it could be a little easier to hack your passcode than reverse engineer data points for dubious purposes?

Also, OP. Where else do you use fingerprints and why do you think those may be safer points of use?

And lastly? Are you asking your IP address right now? Let me know.
 
Nothing wrong with being cautious. I have a friend that doesn't use TouchID.

With that said in iOS 10 she finds it to be a pain to unlock her phone without swipe to unlock. Just requires an additional click.

Like others have mentioned TouchID is storing data points of your fingerprint. Hashing occurs so these points can't be made back into your fingerprint and then used for nefarious things or whatever.

However if you are skeptical of it you are not required to use TouchID to use an iPhone.

My opinion on it. If you are skeptical even once you understand how it works and how the hash data is used then you might as well be skeptical of even having an iPhone (or any smartphone for that matter) altogether. Because what if you have TouchID turned off and it records your fingerprint anyway?! GASP!! It of course sends those fingerprints to me which I plant around crime scenes and on guns and such...
 
  • Like
Reactions: lordofthereef
Use your pinky finger on your iPhone and your index finger for everything else like your Swiss bank account
 
Respectfully, why is there still a back and forth here and why is the OP coming back to retort? the question was almost immediately answered... and then answered repeatedly after that. And here we are.
 
  • Like
Reactions: C DM
lordofthereef said:
Respectfully, why is there still a back and forth here and why is the OP coming back to retort? the question was almost immediately answered... and then answered repeatedly after that. And here we are.
Click to expand...
I was just about to post the same thing--seems like everything has been addressed already, and more than once, and yet things just keep on going around in the same circles over and over.
 
Honestly, at this level of concern, you should not be using a computer, much less a cell phone. I am not exaggerating. If you value privacy and anonymity that much, you should already understand that your ability to protect both with any form of electronic access and communication is very limited.
 
KALLT said:
What if... the Touch ID sensor secretly scans your fingerprint and sends it to Apple? o_O

Either you trust Apple to do the right thing, or you do not. Apple says that they do not store a fingerprint, but a mathematical abstraction of data points instead, which are then encrypted (probably using the hard-coded key) and stored by the Secure Enclave/Element, which never gives this data away and has its own protection. Even if someone were able to extract the encrypted abstraction from the Secure Enclave/Element and were able to decrypt it, it would still be utterly useless. There is a difference between possibility and probability.
Click to expand...

All valid points, but nowhere near as safe as if I opt-out, which apparently I can.
[doublepost=1475810253][/doublepost]
Steve686 said:
I'm gonna say it could be a little easier to hack your passcode than reverse engineer data points for dubious purposes?

Also, OP. Where else do you use fingerprints and why do you think those may be safer points of use?

And lastly? Are you asking your IP address right now? Let me know.
Click to expand...

The only place my fingerprints exist is in place like the signature card at my bank. (And the FBI probably has them from Selective Service or somewhere.)

Your grammar is off on that last question...

Am I aware of my IP address right now? Yes I am.
[doublepost=1475810441][/doublepost]
cynics said:
Nothing wrong with being cautious. I have a friend that doesn't use TouchID.
Click to expand...

I thought you were being sincere until I read the rest of your post.


cynics said:
Like others have mentioned TouchID is storing data points of your fingerprint. Hashing occurs so these points can't be made back into your fingerprint and then used for nefarious things or whatever.
Click to expand...

I got that a million times ago.


cynics said:
However if you are skeptical of it you are not required to use TouchID to use an iPhone.

My opinion on it. If you are skeptical even once you understand how it works and how the hash data is used then you might as well be skeptical of even having an iPhone (or any smartphone for that matter) altogether. Because what if you have TouchID turned off and it records your fingerprint anyway?! GASP!! It of course sends those fingerprints to me which I plant around crime scenes and on guns and such...
Click to expand...

No need to be a wise guy. Anything is possible. Why do so many of you struggle to respect my views?
[doublepost=1475810613][/doublepost]
lordofthereef said:
Respectfully, why is there still a back and forth here and why is the OP coming back to retort? the question was almost immediately answered... and then answered repeatedly after that. And here we are.
Click to expand...

Because I don't appreciate it when others insult me and my views on something. Clearly most of you aren't cut out to be in the privacy and security business, because you make it sound like everything is safe. There also seems to be a "My way or the highway mentality on this topic."

Look, I don't need or want to use the TouchID, and since I am not required to use that feature on the iPhone 6s Plus, then why does that make me crazy?
 
  • Like
Reactions: VesselA
Texas_Toast said:
All valid points, but nowhere near as safe as if I opt-out, which apparently I can.
[doublepost=1475810253][/doublepost]

The only place my fingerprints exist is in place like the signature card at my bank. (And the FBI probably has them from Selective Service or somewhere.)

Your grammar is off on that last question...

Am I aware of my IP address right now? Yes I am.
[doublepost=1475810441][/doublepost]

I thought you were being sincere until I read the rest of your post.




I got that a million times ago.




No need to be a wise guy. Anything is possible. Why do so many of you struggle to respect my views?
[doublepost=1475810613][/doublepost]

Because I don't appreciate it when others insult me and my views on something. Clearly most of you aren't cut out to be in the privacy and security business, because you make it sound like everything is safe. There also seems to be a "My way or the highway mentality on this topic."

Look, I don't need or want to use the TouchID, and since I am not required to use that feature on the iPhone 6s Plus, then why does that make me crazy?
Click to expand...
The simplest way to go about it all would have likely been to simply omit the first part of the OP and simply ask about not using TouchID (without the reasoning or anything like that).
 
C DM said:
The simplest way to go about it all would have likely been to simply omit the first part of the OP and simply ask about not using TouchID (without the reasoning or anything like that).
Click to expand...
Or you know... google it haha
 
flyinmac said:
Lol. Go ahead and prove it. We're waiting. By your comment, I'll count you in the "anyone" category.

So, give it your best shot.
Click to expand...

i'm not going to get banned from this site by posting your address, nor do I care about putting in the effort to. you're not worth my time, son. also, i'll just ignore you. cya
 
Last edited:
I like how everyone wants to laugh at this guy, his reasons are his reasons. Also, it's possible for a court to compel you to use your fingerprint ID as it's not protected like a simple passcode is when that alone is used. With all the crap being exposed about our government, people are going to make a joke about it? Does he probably have anything to worry about? No. Leave the man be.
 
  • Like
Reactions: Ambrosia7177
Texas_Toast said:
Hardly.
Click to expand...

Exactly... he was just shooting of his mouth with nothing to back it up. If anyone can do it, then that means he can do it. Obviously he can't. So he's exposed as just being someone who's mouth runs without any credentials to back up his own statements.

Granted some can do it, but obviously not "anyone".
 
iphone1105 said:
shouldn't be nervous about TouchID, besides the Government already has all it wants on you anyway, they can care less about your prints, they probably already have them.
Click to expand...

Why do you say that the Government still cares about his prints if they already have all it wants on him?
 
Texas_Toast said:
All valid points, but nowhere near as safe as if I opt-out, which apparently I can.
[doublepost=1475810253][/doublepost]

The only place my fingerprints exist is in place like the signature card at my bank. (And the FBI probably has them from Selective Service or somewhere.)

Your grammar is off on that last question...

Am I aware of my IP address right now? Yes I am.
[doublepost=1475810441][/doublepost]

I thought you were being sincere until I read the rest of your post.




I got that a million times ago.




No need to be a wise guy. Anything is possible. Why do so many of you struggle to respect my views?
[doublepost=1475810613][/doublepost]

Because I don't appreciate it when others insult me and my views on something. Clearly most of you aren't cut out to be in the privacy and security business, because you make it sound like everything is safe. There also seems to be a "My way or the highway mentality on this topic."

Look, I don't need or want to use the TouchID, and since I am not required to use that feature on the iPhone 6s Plus, then why does that make me crazy?
Click to expand...
If you feel the need to respond every time someone takes a jab st you on s forum you're in for the long haul. Best of luck.
 
  • Like
Reactions: Hal~9000 and Gathomblipoob
Givmeabrek said:
Nervous? You think someone can copy your fingerprints on a Xerox machine and use it to access your iPhone? Or maybe cut off your thumb to get to your phone? You have been watching too many movies. :)
Click to expand...

Police forcing your figner on the reader vs having to get you to reveal your password. I got my fingerprints scanned entering the US, they could easily open the phone using those.
 
  • Like
Reactions: Ambrosia7177
Status
Not open for further replies.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back