Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone X Face ID Again Unlocked With Mask, Even With 'Require Attention' Turned On
- Thread starter MacRumors
- Start date
- Sort by reaction score
Touch ID doesn’t work when wearing gloves or when your fingers are wet. Different Tech with different limitations.
I'm rather surprised Apple doesn't offer a true 2-factor option where you have to use face or fingerprint AND password. I guess there would be times with the biometric isn't working (swollen fingers after swimming) and you'd be locked out.
Do any Android versions/hacks support that?
Another option that would be nice for the security minded might be an NFC or other proximity token that you keep on your person that would be required in addition to pin and/or biometric. i.e. Given a YubiKey with NFC on my keychain, in my pocket I tap the phone against my pocket while holding fingerprint or immediately before raising to my face.
Do any Android versions/hacks support that?
Another option that would be nice for the security minded might be an NFC or other proximity token that you keep on your person that would be required in addition to pin and/or biometric. i.e. Given a YubiKey with NFC on my keychain, in my pocket I tap the phone against my pocket while holding fingerprint or immediately before raising to my face.
Why 2 factor? That would slow things down! I open my phone like a million times a day. IF you’re really really really really concern about security, then just use a long passcode and no other form of authentication.
Remember, with iOS, after 5 failed attempts (TouchID or FaceID), you HAVE to enter passcode. OR if you just press the POWER side button and any of the volume button at same time at ANYTIME, then you go straight to passcode (bypassing FaceID).
So, yeah, it is quite easy to have FaceID for your normal usage, and then if you’re in need to avoid FaceID, then just use the bypass (PWR + any volume button). Simple.
NFC and BT things from Android are NOT considered security measures...they are there for convenience. And that is why you canNOT use these features to buy stuff or get into banking apps. And what you’re describing requires more hardware and slows down the whole unlocking without really improving security.
FaceID is a good balance b/w security and convenience...just like TouchID before it. But like i wrote above, FaceID offers more capability not seen with other biometrics.
The thing is, you can get finger prints on iPhone's screen to fool the touch ID, where can you get the face detail to build the mask at the first place? within the time limit that password turned on automatically?
So basically you need some Mission Impossible type mask to unlock the X. The average owner of the iPhone X has no worry. I suspect all these iPhone X unlock attempts are FUD funded by Samsung/Android until they can get their own facial recogition tech perfected.
True.
No need.
Most successful spoofs are done by people/groups who've spent years demonstrating how unsafe biometrics are for truly secure situations.
The spoof techniques are rarely new, either, because the biometric methods being hacked are rarely if ever new. Often all that has changed is their size or speed.
True, but they also stated that they had Hollywood special effects people come in and try to fool it with masks and they couldn't do it, so... What gives?
I'm impressed. This Mission Impossible stuff is not a concern for me, nor the idiot who robs me or finds my lost phone.
Seems pretty darn secure.
Seems pretty darn secure.
Because these hackers tricked the registration process. FaceID would reject him if he registered his face correctly.
My concern is basically exactly what you stated attilavago85; If there is some government institution out there who wants data from someone with the phone, they'll be able to do exactly what you detailed. Granted, the more oppressive of the governments out there never had a problem with holding the persons finger on the Touch ID button, but I wonder if we'll ever see an integration of Touch ID in the display, with Face ID, and require both? Maybe build in a feature where you can force touch the display from the lock screen and it'll require a passcode be manually entered for situations of duress. I know there are plenty of people out there who are completely casual about the data security thing, and many of them are lucky enough to be afforded that luxury, at least most of the time, but there are very legitimate use cases for something like this where gross violations of rights aren't looked upon as significant by many people.
Isn't there learning being done the more that you use FaceID? So by deleting all the data, and then using the mask you really are only testing the neural net that has been conditioned 2 times during setup and then once at unlock the first time. Then you used a mask and it worked. I am not too surprised it did, the other details it could use haven't been filled in yet. This would be a lot more impressive if it worked with an X that has has FaceID in use for an amount of time, and has had the time to be properly conditioned.
Since Apple left the bar so low it opens up competitors to leapfrog them.
https://translate.google.com/transl...tp://winfuture.de/news,100794.html&edit-text=
https://translate.google.com/transl...tp://winfuture.de/news,100794.html&edit-text=
To bypass FaceID anytime...just press POWER and one of the VOLUME buttons at same time.
[doublepost=1511897442][/doublepost]
Leapfrogging Apple with a product that has not come out yet? A product that has no production date? Not even an anticipated date!! A product that is on a PowerPoint presentation?
Yeah ok...Your disgust of FaceID knows no end! LOL
All you need to do it put a (it would be) totally invisible finger print reader within the Apple logo on the back of the phone.
It would look exactly the same as it does now.
Then, you'd pick the phone up to hold it for photo ID and at the same time, the finger print would also be scanned.
Would still all happen instantly, and would really raise the security way way up.
Trying to fool both systems together would be amazing.
It would cost just a few dollars.
Or course you could then give the users the option of Just face ID, Just Touch ID, or both combined.
Then everyone would be happy AND offer vastly higher security
It would look exactly the same as it does now.
Then, you'd pick the phone up to hold it for photo ID and at the same time, the finger print would also be scanned.
Would still all happen instantly, and would really raise the security way way up.
Trying to fool both systems together would be amazing.
It would cost just a few dollars.
Or course you could then give the users the option of Just face ID, Just Touch ID, or both combined.
Then everyone would be happy AND offer vastly higher security
Did you see iFixit breakdown of iPhone X??? There is no room for anything else! Sorry, one of the thing I LOVE about X is the size. That’s why I jumped on X after owning 7+.
There is if you build it into the design
It's dirt cheap and pretty thin anyway.
https://www.iparts-4u.co.uk/iphone-...-V7rFQuUbM1FZP8va_OVqNBwovx6T5DBoCiLgQAvD_BwE
Personally for the the iPhone X is too small. I don't like it being a less wide actual screen than other/older models.
Hope to see a larger model next year.
Also make the bezels smaller around the display.
There is if you build it into the design
It's dirt cheap and pretty thin anyway.
https://www.iparts-4u.co.uk/iphone-...-V7rFQuUbM1FZP8va_OVqNBwovx6T5DBoCiLgQAvD_BwE
Personally for the the iPhone X is too small. I don't like it being a less wide actual screen than other/older models.
Hope to see a larger model next year.
Also make the bezels smaller around the display.
Ifixit back of X: https://d3nevzfk7ii3be.cloudfront.net/igi/wrkuLDdI3SBMWYSi.huge
No room.
Sounds like we’re veering into super villain territory. Where you’re forced to ask yourself... If you’re THIS good at this (generating cold, heat, flying shoes), you could probably make a lot of money NOT stealing things. Like, I’m talking LEGALLY man... So, why are you yanking my phone instead of.., I don’t know, getting set up on your universe’s version of Kickstarter or Indiegogo?
[doublepost=1511899651][/doublepost]
If there was a government institution out there that wants data from someone with the phone... (remember, we’re talking government...i.e. could make you disappear and no one would find you as they are the holders of the record and can surely make them “gone”) they wouldn’t need to do Touch ID OR Face ID. A pipe wrench will work quite nicely. Actually, for today, just tell them “I’m going to post on Facebook that you did mean things to kittens and HOLD YOU HERE SO YOU WON’T BE ABLE TO REPLY!!!” For 80 percent of the people, they’d hand over the credentials happily to keep you from besmirching their social identity. For the other 20, yeah, there’s still that pipe wrench.
How many million people did Apple test Face ID with.
Or is this Million figure a estimate based upon some statistics?
Funny isn't it.
Think about it for one moment.
What are the chances, you come up with Face ID test it, and WOW, amazingly it's accuracy is exactly 1 in 1 million.
Not 900,000 or 1,000,500 but exactly 1 million. How neat and tidy is that?
It's almost as if this number was used for neat advertising reasons
I'm sure it's just a round number. Chill.
They're 2 dimensional prints.
They're fine for print mapping, but not for creating a 3D print.
Playdoh is better suited.
so someone needs DETAILED photographs of you + a 3D printer + $200 for the materials + be in physical possession of your phone + without you knowing it .... mmmh... ok..... I feel pretty secure....