Privacy is nothing but a myth. It doesn't matter whether it's collected via ones fingerprint or others means. Apple does a great job of getting its users to believe they're safe with Apple. What I find amusing is that some Apple users actually believe that. Uninformed and in denial they simplify their life that way.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Senator Sends Letter to Tim Cook Over Touch ID Privacy Concerns
- Thread starter MacRumors
- Start date
- Sort by reaction score
Privacy is nothing but a myth. It doesn't matter whether it's collected via ones fingerprint or others means. Apple does a great job of getting its users to believe they're safe with Apple. What I find amusing is that some Apple users actually believe that. Uninformed and in denial they simplify their life that way.
This forum needs the Smilie for banging your head against the wall!
When you go to Starbucks and pitch that cup in the trash, be sure to wipe it down before doing so, just to make sure nobody comes along and digs it out of the trash to lift your prints!
Tinfoil hats are on aisle 10.
Mark
I understand what you're saying. And this is a standard argument. They can get your prints if they want to. But a way to gather millions of people's prints automatically is a lot easier than sending 1 person into each Starbucks to collect and fingerprint coffee cups.
Come on, now. I'm not saying there is necessarily anything nefarious going on. But to just blindly accept what these companies and the government tells you is just showing naïveté.
But hey. We live in this great country and are afforded the rights to different opinions and I respect yours.
Nah, Franken is stupid for a lot of other reasons.
He's got a pretty mixed record if you ask me. On one hand, he was the guy who brought Google and Apple to task over saving user telemetry data to their various smartphones, and making it easily accessable by anyone with a little knowhow.
On the other, he was one of the senators who thought SOPA/PIPA was a great enough idea to vote yea on.
I'm not gonna say the guy's dumb automatically, just that he's not always right.
LOL yep. No concerns over HP's laptops that had it.
But they are fair questions for the casual observer even though the techie in us understand many are irrelevant. This is a chance for apple to get some good press answering back.
Errr.... I was just browsing, saw your comment, you asked for an example and I threw it in. You strike me as just being as a angry nutter trolling the boards for a fight. IS THAT ALL YOU GOT? BRING IT ON! C'MON - LET'S BE 'AVING YOU! HULK MAD! HULK SMASH!
Way to go with the ad hominem. I guess in your mind, a comedian can't ever say anything important.
(And for the record I don't agree with Franken on a number of issues, but for substantive reasons, not because he used to make jokes on TV.)
Blablablabla, there have been laptops with fingerprint reader already 10 years ago, where was Mr. Senator than?
Use your toes and don't tell them.
Tell them its not your phone, you found it on the street.
That is rather chilling, because that has further implications with any phone that uses touch technology, let alone the issue that has been brought up since the Patriot Act went into law in the early 2000s. It isn't just fingerprint info. That goes back to passcode, swipe, password, etc. In short, 4th Amendment issues which should make this part of that at unconstitutional. I'm surprised no-one has had the gonads to challenge it in court yet.
Umm.. remember those that were taken when you were born? Those that the police have when they take them for you at elementary school, so they can identify you should something happen? Parts of the government already have those.
This I'd like to see as well.. the issue is: who owns the data being taken from it? If a court rules that the consumer owns it, they need to have access to it to do with it as they see fit. If they don't own it, expect lawsuits to fly.
BL.
Ahhh, no. You said that Google "continues" and has "blatant" disregard for privacy. I ask for an example. You cited an article that pretty much says what everyone knows about GMail from the day it launch. Now if it was revealed that Gmail scans your emails and NOBODY knew that was happening from the start, then, you would have something. Your cited article isn't what I would call "blatant". Stop being a sheep.
If I was tasked with implementing a technology like Touch ID, the absolute last thing I would do would be to store fingerprint images anywhere.
Why? Because it's a security vulnerability that could somehow be circumvented, and there is absolutely no need to do it, so why expose yourself to that potential vulnerability.
A similar situation holds true if you are developing a website where users are asked to login with a password (MacRumours, for example). There is absolutely no need to store passwords permanently in a database because you can – in layman's terms – store a signature of a password instead. It is mathematically impossible to reconstruct a password from a password signature, and it is highly improbable that two differing passwords would produce the same signature. Sites that take password security seriously never ever need to obtain a user's password from a database; all that the site needs to do is ensure that the cryptographic signature calculated when a user logs in matches the cryptographic signature that is stored against the user's account.
By implementing security in this way, it is impossible for a hacker to obtain passwords from a database, even if he manages to hack into the database.
Note that some dumb websites that get hacked from time to time do not use password hashes or encrypted password signatures. Amateur operations.
If I were developing Touch ID, I'd do it exactly the way that Apple have themselves described it: When a user's fingerprint is being registered, compute a cryptographic hash that represents the fingerprint, and store the hash in a secure area. When the user subsequently signs in using his fingerprint, compute the hash and see that it matches the stored hash. It is trivially simple to design a hash that cannot possibly be used to reconstruct the original fingerprint.
Why? Because it's a security vulnerability that could somehow be circumvented, and there is absolutely no need to do it, so why expose yourself to that potential vulnerability.
A similar situation holds true if you are developing a website where users are asked to login with a password (MacRumours, for example). There is absolutely no need to store passwords permanently in a database because you can – in layman's terms – store a signature of a password instead. It is mathematically impossible to reconstruct a password from a password signature, and it is highly improbable that two differing passwords would produce the same signature. Sites that take password security seriously never ever need to obtain a user's password from a database; all that the site needs to do is ensure that the cryptographic signature calculated when a user logs in matches the cryptographic signature that is stored against the user's account.
By implementing security in this way, it is impossible for a hacker to obtain passwords from a database, even if he manages to hack into the database.
Note that some dumb websites that get hacked from time to time do not use password hashes or encrypted password signatures. Amateur operations.
If I were developing Touch ID, I'd do it exactly the way that Apple have themselves described it: When a user's fingerprint is being registered, compute a cryptographic hash that represents the fingerprint, and store the hash in a secure area. When the user subsequently signs in using his fingerprint, compute the hash and see that it matches the stored hash. It is trivially simple to design a hash that cannot possibly be used to reconstruct the original fingerprint.
Last edited:
This coming from the same senator who defended the NSA? Go back to SNL Franken, nobody likes you.
Really? Common sense says if you don't want it out in public, don't put it on the net, no matter what your privacy settings are set to. I can post the exact same for Apple.
Not sure what you are saying. You want to know the privacy concerns about google, there is a nice summary.
^^^^ this!
I had a hp laptop for work years ago 2000/2001 Ish that had a fingerprint reader and it stored an image/scan of your actual print! Not anything like apple has implemented!
The only reason everyone's jumping on this is apple is bigger than ever and the chance of getting there hands on it is just not there like they could if it was google!
Is Senator Franken also sending inquiries to Disneyland, Seaworld and virtually every other amusement park in America, which collect fingerprints when you enter the park? Is he also sending inquiries to restaurants, bars, pubs and virtually any other public place to make sure they scrub glasses and surfaces of guest fingerprints so that they can't be lifted with chalk dust and tape? Is Senator Franken possibly making too big a deal out of this?