Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone X Face ID Again Unlocked With Mask, Even With 'Require Attention' Turned On
- Thread starter MacRumors
- Start date
- Sort by reaction score
Again TouchID is much easier to fake: cathing someone sleeping, or grabing their print off a glass. You my friend can keep your Touch ID, and take mine too.
Quite obviously FaceId can be unlocked with a mask - if you set it up using a mask, instead of using your face. And that's essentially what these guys are doing. In real life, it would be quite difficult to create a 3D mask without knowledge and permission of the user. No chance to unlock the phone unless the owner of the phone unlocks it for you whenever the unlocking fails.
Incorrect, the 1:1,000,000 ratio is referring to other people unlocking the phone, not an exact replica of the persons face.
I guess it depends on how much effort you want to go to in order to try to fool your own phone. For example I wonder what the actual process of "recognising" the mask involved. I suspect that the initial learning process would have to be carefully fine-tuned, as it was with the child and his mother who could fool the X if she initially set it up under poor lighting conditions, and didn't give it time to continue to refine its recognition of her face. Similarly I wonder if the mask could fool a phone that has been in use for a week or two.
But if this is about stealing my iPhone X, I suspect that the time and trouble involved would be greater than simply going out and buying one. If it is about trying to steal my "identity" there have to be any number of simpler ways. Really this is one of those silly curiosities that the anti-Apple brigade will make a terrible fuss about while the rest of us go on buying and using the gear with considerable pleasure and satisfaction. And in greater security than if we had bought the competition.
Total misunderstanding of the claim and of statistics in general. There is a 1 in 1,000,000 chance that a random person will be able to unlock your iPhone with Face ID set up for your face; this situation doesn’t apply at all.
I would like to see Apple respond to this, although I’m not at all concerned for my security. These people had total access to the phone and the face they were trying to spoof, and unlimited time. They’re also rather hyperbolic about the security of Touch ID: someone can easily get a fingerprint from a photograph just like a “face print.”
Hmmm, maybe try it after three weeks of continuous learning from your face and then use the mask. From what I understand, faceID is a learning process and each unlock teaches it more about your face. I would hope that after three weeks, it was adept enough at knowing your face that the mask wouldn’t work. At the same time, if you have to go through all this to get into a phone...you are really dedicated.
Actually it’s 5 failed attempts. I’m like 95% sure that Apple originally said it locked after 2 fails but they must have changed it after the keynote.
Because of the obvious vulnerabilities of FaceID, Apple is now working on SoulID. The problems with it can be easily anticipated.
Did you know that TouchID was spoofed in 2-3 days if not sooner? Did you know that it is actually QUITE EASY to spoof TouchID? In fact, it is FAR EASIER to spoof TouchID. Google it...Youtube it.
yeah, because TouchID is soooo hard to spoof??!! Youtube it/Google it. TouchID can be spoofed rather quickly and easily!
Yup.
Actually quicker than 9 hours for TouchID.
For those loving fingerprint readers...READ this: http://fortune.com/2016/02/24/fingerprint-spoofing-easy/
As usual. They are missing the point. Let’s see them unlock a phone in 5 attempts given a phone and some photos of the person.
I’m going to gamble these guys had over 100 failed unlocks before this worked
I’m going to gamble these guys had over 100 failed unlocks before this worked
Seriously, the more we keep writing about Face ID failing in crazy-specific, well-funded, obviously targeted instances, the more people are going to think that they should care. What sense does it really make to keep reporting every time somebody successfully "fools" Face ID after weeks of trying?
My $0.02, while I've got your ear: Face ID works amazingly well in my experience.
My $0.02, while I've got your ear: Face ID works amazingly well in my experience.
If this were true, Bkav would have contacted Apple and made a deal to fly out to Cupertino, make a mask of a registered user on one of their iPhone Xs and walked away with Apple's biggest bug bounty ever paid along with all expenses incurred by Bkav for the trip.
Only a liar and/or idiot wouldn't have done this.
Only a liar and/or idiot wouldn't have done this.
If you are worried about someone creating a mask to copy your face to break into your phone, you have bigger problems.
Why aren’t you banned yet?
Never heard people saying it was outdated 4 yeas ago when Apple should have had full screen by then.
All these posts making excuses are missing the point. It doesn’t matter if you care about security or one off scenarios where a fingerprint just happens to be easily accessible. If Apple is touting Face ID as more secure and it’s in fact not, then there’s a problem.
Bkav researchers said that making 3D model is very simple. A person can be secretly taken photos in just a few seconds when entering a room containing a pre-setup system of cameras located at different angles. Then, the photos will be processed by algorithms to make a 3D object.
It can be said that, until now, Fingerprint is still the most secure biometric technology. Collecting a fingerprint is much harder than taking photos from a distance.
Anyone with the Mission Impossible team on their case needs to have their iPhoneX well insured and none of their secret information on it. For the rest of us, face recognition is GREAT! And clearly extremely secure if you have to go to these sorts of lengths to fool it.
I am also questioning HOW this guy scan his face...he did it very deliberately. He seemingly scan his forehead more than making his face rotate around. And then look at the way he held his arm to position the phone...so tightly and in very specific angle.
[doublepost=1511825310][/doublepost]
It is more secure than TouchID.
If you have people chasing after you for information that is stored on your phone, and they have the means to replicate your face like this to absolutely get this said information on your phone.
You probably shouldn't put it in your iPhone X with facial recognition lmao
You probably shouldn't put it in your iPhone X with facial recognition lmao
I am happy with my phone with zero locking. I don’t work for any high level intelligence organisations, I have never lost my phone, Face ID or Touch ID or PIN code are absolutely fine for me. Convenience of Face ID is 100% good for me. If someone makes a mask of my face with such likeness, I would be far more concerned about other things besides getting into my phone.
