Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Touch ID - Lack of integration

if it's BT then wouldn't it be 30ft?
anyway if it's Bt and not Wifi, I thought it was Wifi for some reason, then the security issue is much less for sure.
 
TheBacklash said:
if it's BT then wouldn't it be 30ft?
anyway if it's Bt and not Wifi, I thought it was Wifi for some reason, then the security issue is much less for sure.
Click to expand...
Bluetooth can be 30 feet but the time-of-flight measures a precise distance so it can be restricted to closer than 30 feet.
 
Ma2k5 said:
Not sure why password is ever seen as more secure than fingerprint, things like requiring it after reboot baffles me.
Click to expand...
Because of the two, only a password can be changed. Besides that, passwords are also used for encryption which is why they need to be "difficult": difficult to guess/calculate but easy to remember (a passphrase is better than a password: easier to remember but more difficult to guess/calculate). A fingerprint shouldn't be used for that because you leave it everywhere you go and thus it is very easy to retrieve. The Chaos Computer Club has demonstrated this by retrieving the fingerprint of one of the German politicians (Von der Leyen) and before that, the fingerprint from one of the German ministers (Schauble). Touch ID already is a compromise between security and ease of use.
 
Last edited:
dyn said:
Because of the two, only a password can be changed. Besides that, passwords are also used for encryption which is why they need to be "difficult": difficult to guess/calculate but easy to remember (a passphrase is better than a password: easier to remember but more difficult to guess/calculate). A fingerprint shouldn't be used for that because you leave it everywhere you go and thus it is very easy to retrieve. The Chaos Computer Club has demonstrated this by retrieving the fingerprint of one of the German politicians (Von der Leyen) and before that, the fingerprint from one of the German ministers (Schauble). Touch ID already is a compromise between security and ease of use.
Click to expand...

Getting finger prints of high profile figures is easy enough, but so is passwords if you think about it. When it comes to the average joe like us, we don't have to worry about sophisticated attacks from around the world to get a fingerprint then match it to joe bloggs then find out what joe blogs account username is. The vast majority of people who are hacked are hacked by people in another country wholly.
 
Which brings up another point.. Apple needs to focus on security for more than just the average user.
 
I agree with the OP. I'm disappointed that TouchID integration is not standardised throughout the entire OS.

I setup a strong admin password assuming TouchID would cover all scenarios where the password was required. As soon as I started setting up my new MBP (installing software etc.) I was prompted for the admin password, without the option of TouchID.

Common scenarios where a password is required, with no option of TouchID:
- Any time admin rights are required
- Installing software packages
- Changing some system preferences (e.g. unlocking security and privacy settings)
- Purchasing on iTunes
- Purchasing on OSX App Store

Apple should have another check box option in the TouchID settings to cover other use cases, such as the ones above.
 
  • Like
Reactions: CalandUK
Ma2k5 said:
Getting finger prints of high profile figures is easy enough, but so is passwords if you think about it.
Click to expand...
The point wasn't getting the fingerprint, the point was not being able to change it which you need to do as it is so easy to get the fingerprint. This doesn't apply to high profile figures only, it applies to everyone (which the CCC has also demonstrated a couple of times).

When it comes to the average joe like us, we don't have to worry about sophisticated attacks from around the world to get a fingerprint then match it to joe bloggs then find out what joe blogs account username is.
Click to expand...
You don't need to because the fingerprint is right there on the device, in most cases it's right on the fingerprint reader itself (which is why many governmental bodies in .nl clean the reader after someone used it). The entire point of the CCC was that fingerprints linger everywhere (and thus are very easily obtained) as well as fingerprint readers being easily mislead so using fingerprints is not a very good way when you want to secure something.

The vast majority of people who are hacked are hacked by people in another country wholly.
Click to expand...
They are not even hacked, they get infected by malware or one of the internet services they use gets hacked. The latter is the most likely. This does not mean that no one will be attacked via Touch ID though! The hackers can be from anywhere so it isn't always true that they are from another country wholly.

Proper use of passwords is more secure than fingerprints. The reason why we have fingerprint readers in our equipment is solely for convenience. It is easier and quicker to scan a fingerprint and grant access than it is to enter a proper password (hence why they connect the fingerprint(s) to the login password instead of using the fingerprint as a second factor). The only time a fingerprint is more secure is when people are looking over your shoulder. They don't see your fingerprint but they do see you typing in your password. Hackers use this when skimming: they clone the debit card and film which digits the user enters as the pin code. In those cases you'd want to use something like 2FA (Fido U2F is a nice one, it's being used by more and more cloud services).
 
Just came on to post similar. Given the amount of work they did in updating their own apps to support the TouchBar, its disappointing to see the lack of system integration for TouchID. Have they said if this is going to be addressed in the next version of MacOS?
 
Touch ID is supposed to prompt, when one is asking for root access for system and app changes etc. I have only seen it pop up once for this and that was for Office install. I filed a bug report with Apple and suggest the rest of you do the same. If you don't communicate with Apple, it isn't fair to hold them accountable for bugs you haven't made known to them.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back