iOS 15 Includes Improved Face ID Anti-Spoofing Models and Other Vulnerability Fixes

[klunernet]

I don't think that's accurate. Apple last issued a security update for Mojave on July 21st. Since then, Apple has patched security holes in Catalina and Big Sur (just last week, on the 13th) but not in Mojave.

If you're still running Mojave, you have active/open/known security holes that unfortunately have not and almost certainly will not be addressed. For better and worse, to maintain a secure system, you have to upgrade to at least 10.15.

It is not a given that a security hole in big sur also exists in mojave. The newer OS’s contain support for newer devices and use different and newer libs.

what you state is not impossible, but it’s far from a given. And mostly the people who investigate such holes (namely: those who would abuse them and those who report them) would quickly discover such mistakes.

it is not also uncommon to fix in newer versions, but merely mitigate in older ones, which they could do through gatekeeper.

 

[subi257]

I don't think that's accurate. Apple last issued a security update for Mojave on July 21st. Since then, Apple has patched security holes in Catalina and Big Sur (just last week, on the 13th) but not in Mojave.

If you're still running Mojave, you have active/open/known security holes that unfortunately have not and almost certainly will not be addressed. For better and worse, to maintain a secure system, you have to upgrade to at least 10.15.

No dice on this computer.....MacPro 5,1 Running Mojave (not going to get into all that DOSDude stuff..not my cup of tea).....have a 6, sitting ready to switch over.

 

[popdan]

add god damm touch ID and have two security levels.

 

[svish]

Making FaceID more secure is a good move

 

[dysamoria]

you rather have your finger cut off?

No. But I would rather have the convenience of TouchID. Especially since I’m still wearing masks inside businesses, and I don’t necessarily want to look right at, or aim my phone right at my dark-adjusted eyes in the middle of the night just to do a quick task that requires unlocking.

 

[amartinez1660]

Thanks to all here keeping the made up lies or forced negative comments in check!

They always continue to realize security updates...for years afterwards.

Indeed, my iPad Air (the very first one) still receives iOS 12 updates. It’s from 2013, so 8 years old, it works fine and dandy, it’s not on a trash can “creating e-waste because of planned obsolescence” like the whole internet seems to imply. I have in fact never thrown away any device, still have an iMac 2013 and an MacBook Pro 2014 15”.

Not true. That's exactly what "Require Attention for Face ID" is for, and it's on by default. You need to have your eyes open and actively looking at the screen. If you're looking away, it won't unlock. It's not totally impossible but makes it harder for people to pull that off. But if you're so concerned about that, you can temporarily disable Face ID by holding the power and volume down buttons for a few seconds.

Spot on. Also the “place a picture of the user to unlock” hacks are the very cheap mock executions just to have it on the feature list in the back of the box. This is more the real deal.

The phone actually has tons of stuff regarding user attention, picking up the phone wakes the screen up, if there’s a call ring and you look at it realizes that you have caught it and it will stop the loud noise, same with timers, etc. who knows what else that is taken for granted.