Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
More Details on How the Touch ID Fingerprint Sensor Works
- Thread starter MacRumors
- Start date
- Sort by reaction score
What are you going to use that's better than the sapphire crystal top layer they already use?
You take off your glove, and use the fingerprint reader. Simple.
Ever notice how the touchscreen on the iPhone doesn't work when you wear gloves? It was designed for use by the skin of your fingers...
All your scenarios start with you falling victim to a violent criminal, who knocks you out, drugs you, etc. Once that happens, you've lost, and it is pointless to wonder what that violent criminal could do with your phone.
As noted above current tech requires the finger to be alive. None of this stuff will work with cut off fingers or copies of finger prints.
----------
It doesn't work like that
Having worked with finger print scanners, none are foolproof.
But let me address some things first. Thieves won't likly cut fingers off. Instead, take phone and demand you unlock it and remove your fingerprint from it. Don't agree, they break something or poke you with something sharp. Repeat until you either can't move or capitulate. No need for the finger.
But let's say they take the finger. Several people said it would be no use due to temperature and pulse. Fine, anyone willing to cut someone's finger off will have no problem pealing the skin off of it after they have gotten away. Then they just place that piece of skin on their finger. Now it has a pulse and the right temperature.
Lifting a fingerprint is easy, doesn't take much and considering the whole phone is glass, they are readily available. Transferring it to a latex glove, just about as easy. Wear glove and bingo, print, pulse and temperature.
But let me address some things first. Thieves won't likly cut fingers off. Instead, take phone and demand you unlock it and remove your fingerprint from it. Don't agree, they break something or poke you with something sharp. Repeat until you either can't move or capitulate. No need for the finger.
But let's say they take the finger. Several people said it would be no use due to temperature and pulse. Fine, anyone willing to cut someone's finger off will have no problem pealing the skin off of it after they have gotten away. Then they just place that piece of skin on their finger. Now it has a pulse and the right temperature.
Lifting a fingerprint is easy, doesn't take much and considering the whole phone is glass, they are readily available. Transferring it to a latex glove, just about as easy. Wear glove and bingo, print, pulse and temperature.
Yes, which was my (unsaid) point. Just keep doing whatever you do today
There are some special gloves that allow use of the touchscreen, but obviously those won't work with the TouchID scanner. Maybe they'll be a new set of gloves with a thumb flap, lol
Makes it sound like some high end diamond heist, I vote for your first scenario as much more likely. The thief will use brute force to make you unlock the phone, did I mention that he also has your wallet, IDs and house keys btw.
No, they didn't as far as I know. I don't think this type of sensor can detect either pulse or temperature. An optical, infrared type could possibly do both. Could it be tuned/focused differently to pickup slight variations in position due to a person's pulse?
I'm also interested in this quote from the video about the sapphire "..acting as a lens to precisely focus it on your finger..". The RF is applied to the finger via the steel ring and then the variation in capacitance of the finger features are picked up by the sensor, if I understand correctly. I'm not sure where any lens/focusing is happening. It does appear to be a totally flat sapphire crystal "window", also.
That's really not my question... I'll rephrase it... Will the sensor be viewed as being the same/more security than the long password? I hate having to enter that long password and using my finger would be so much easier.
Thanks
Michael
A few good punches to the face will convince 90% of the people out there to unlock the phone for them.
But here is an instructables on how to lift a fingerprint.
http://m.instructables.com/id/Super-Glue-Fingerprint-Lifting/
As I mentioned, I have some experience with these devices; none were acceptable in terms of securing much.
But, what it may do is discourage the opportunity thief. Finds a phone at a bar, lifts it from an unwatched purse / jacket.
But here is an instructables on how to lift a fingerprint.
http://m.instructables.com/id/Super-Glue-Fingerprint-Lifting/
As I mentioned, I have some experience with these devices; none were acceptable in terms of securing much.
But, what it may do is discourage the opportunity thief. Finds a phone at a bar, lifts it from an unwatched purse / jacket.
Right now criminals can simply threaten you to give up your typed password and there you go. What they can't do with the detector is use your phone if they simply steal it or you lose it somehow. iPhone thefts may go way down.
I hope eventually banks, etc will allow the use of the detector. I would love that, the end of passwords.
The number of people here who actually like to think they are interesting to the NSA, or anyone for that matter...
I hope eventually banks, etc will allow the use of the detector. I would love that, the end of passwords.
The number of people here who actually like to think they are interesting to the NSA, or anyone for that matter...
I conceal carry a handgun so I don't see that being a problem. To the people that are not armed - smash phone on the ground, problem solved.
Jealousy is a byproduct of fear and insecurity. You can have lust and desire without jealousy, provided you are confident and secure.
Great invention for countries like Brazil. Now when you get robbed they wont take just your iPhone. They will chop your finger and take it to.
do these robbers currently take your brain out? if not how do they get around the passcode? oh that's right, the don't care if its locked because they sell it to people that can wipe it.
Don't you think this will be replicated on the iPhone?
http://www.instructables.com/id/How-To-Fool-a-Fingerprint-Security-System-As-Easy-/
Also, please read and understand this:
https://www.schneier.com/crypto-gram-9808.html#biometrics
Fingerprints are not secrets.
http://www.instructables.com/id/How-To-Fool-a-Fingerprint-Security-System-As-Easy-/
Also, please read and understand this:
https://www.schneier.com/crypto-gram-9808.html#biometrics
Fingerprints are not secrets.
There are already many examples of the NSA abusing its surveillance powers. And by plenty of others in recent history. Nixon and J. Edgar Hoover both used their spying powers against political opponents. There are so many precedents that its impossible to call it paranoia or anything but inevitable.
The answer to your question has been fielded earlier in this thread. Suffice to say, there are numerous ways to replicate fingerprints with materials that are indistinguishable to a sensor.
Alternatively, one would not even need a fake finger: get a home button/sensor, hook it up to a $200 oscilloscope and decode the communication channel to determine how the fingerprint image/data is represented, construct a signal with a $5 microcontroller which represents the fingerprint of the phone's owner (pulled from a glass or perhaps from the phone itself), and send it to the phone.
In the case the channel is encrypted (which is unclear; the keynote said only that it's stored encrypted), there is always a point closer to the actual sensors which is not encrypted, so work from there.
I'm dubious of the sensor being 3D, as stated previously in this thread. Taking a gander at patents and reading press articles, it seems the sensor is 500 pixels per sq inch-- going by the size of my IPhone 5's button, that'd be something like 16x16 pixles. Using multiple sampling methods for enhancement, perhaps that's 64x64 effective pixles. I suppose some 3D information could be extracted from the capacitive sensors by using various frequencies which have different penetration depths in skin, or otherwise respond to different types of tissue. However, the amount of data coming from so few sensors is small, and even more so when you factor in noise and unideal fingers/environments. Either way, no matter how tricky the sensor is, people can be trickier. Biometrics are not suitable for primary authentication.
Last edited: