Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

U.S. Senator Raises Questions About Security and Privacy of Face ID

kdarling said:
Comments like this sometimes make me think there should be a basic knowledge test before people are allowed to post on the internet.

No, Google does not sell our personal info. If they did, they'd soon have nothing of value left. What they do, is sell anonymous ad slots.



It's one in a million that someone else matches your template.

TouchId was hacked within two days, and nobody cared, because it required spending an hour or two making a fake print. If Face Id is similarily hacked with say, a custom made mask, most people will again think it's not a huge threat.



He does. For example, Franken has sent at least one similar letter to Samsung before about their fingerprint sensor.
Click to expand...

"What they do, is sell anonymous ad slots." That is the toddler version of what is going on.

Google through many free tools that you probably use but sometimes you don't, collects everything it can about you. It puts that all into a database.

Then some entity approaches Google and want's to buy ad's that target very specific criteria, very specific. Google can do this because it knows so much about you.

The level of detail they have on us is scary. This needs the attention of Al and his buddies in Washington way more than Face ID.
 
  • Like
Reactions: Blu Reel
gnasher729 said:
He may very well have watched it, and understood everything, but he wants an official answer. The keynote is in reality one big advertisement. He wants an official statement from Apple.
Click to expand...

Why? Do we live in a dictatorship? If it's bad, Apple will lose money. Senators are supposed to legislate. Not act as super privacy watchdogs.
 
developer13245 said:
Funny how the 1:50,000 failure rate of TouchID was kept secret until they needed to make TouchID looks like it sucks, just so they can sell you a better 1:1000,000 system....
Click to expand...
The "50,000" number was public knowledge long time ago.
[doublepost=1505425699][/doublepost]
jinnj said:
The data is encrypted. You can't access the ID data in the enclave without the passcode.
Click to expand...
That's not how it works. You can't access the ID data in the secure enclave. Not at all. With or without passcode. All you could do with TouchID was ask the secure enclave whether the fingerprint with TouchID matches the stored fingerprint, and the secure enclave answers "Yes" or "No". Same with FaceID. There is no way to get the information out. You can only ask the secure enclave whether the face in front of the phone matches.
[doublepost=1505426581][/doublepost]
itguy06 said:
And he's pretty inept too. I nearly fell out of my chair with the absurdity of the "diversity" BS question. Of course they need to train it on a diverse set of faces. If they only did whites then non whites would have a hard time using it. If they only did blacks then non blacks would have a hard time. Only asians non asians would have a hard time. Get the point - it's diverse because it has to be. Not because some dolt senator is trying to fuel the race fire.
Click to expand...
What you say is logical. However, there has been one PC manufacturer who built facial recognition software to unlock their computers, and they completely missed the logic of what you said. Their bloody system was totally and utterly incapable of not only recognizing the face of a black person, but recognising that there was a face at all. So the question is indeed a good question.

Also, I think with a photo based system it would probably be harder to recognise darker faces because there is less light. FaceId doesn't have that problems because it measures the exact shape of your face, so your skin colour doesn't matter to it at all.
 
  • Like
Reactions: kdarling
Grandstanding. (MR deleted me saying this. What happened to freedom of speech in the USA MR?)

I don't think I need to elaborate and one word was enough to make my point. Apple is in the lime light this week and this politician wanted some of it. Move along, nothing to see here...
 
kdarling said:
No, we live in a Republic.

Franken is the Ranking Member of the Senate Subcommittee on Privacy, Technology and the Law.

It's his job.
Click to expand...

So the job of senate committees is to bother corporations with questions about a new product? Where nothing has happened yet and no consumers have been affected? Where is that written? Sounds very big brother and intrusive to me. We punish for violations that have occurred in this country. We don't go looking for violations that have not yet happened. Senate committees are not super regulators. The FTC regulates companies in the privacy sphere, unless another regulator does. I don't think the role of govt is to go looking for potential problems because someone heard a media announcement. Since when does a republic have individual senators snoop around corporations?
[doublepost=1505431970][/doublepost]
dancefreak said:
He's a troll because he's engaging fact finding within the subcommittee that oversees this exact thing? How does that make sense?

People like to scream that politicians do nothing and then they get just as angry when a politician is actually doing his job. It's obviously fine to not agree with his POV on things, but why is requesting answers to a large issue in an official format so objectionable? This happens ALL THE TIME by the way. The request is made public because it's an open request in the public interest. And by making the request public, people will look for Apple's response. If the answers would be released publicly, the questions need to be public as well. And frankly, unless Apple is trying to pull a fast one on people, I have to think they're extremely happy for the opportunity to explain all this in written official detail. If it wasn't public, Apple may not bother responding or it might require a subpoena which is usually a last resort for in depth investigations--not inquiry questions. A hearing obviously isn't necessary at this point so there's no need for private advance questions either.
Click to expand...

His job is not to go attempt to look for trouble. If and when something happens the committee can draft a bill and pass a law. That's their job. Not reading media statements and looking for trouble when the product isn't even in the hands of consumers. Being proactive is bad when it comes to the govt. let them be reactive.
 
Of the people on this thread who question the security behind Face ID and Touch ID, how many have bothered to set a strong password on their phone? Every iPhone user I've ever encountered sticks with a 4-6 digit numeric code and leave it at that.
 
Al, please do sit down and shut up already. If you bothered to pay attention you would understand that FaceID is/will be treated exactly like TouchID, so therefore your questions are already answered.
 
caesarp said:
So the job of senate committees is to bother corporations with questions about a new product? Where nothing has happened yet and no consumers have been affected?
Click to expand...

Well, yes. It's not smart to wait until something has happened before passing legislation.

His job is not to go attempt to look for trouble. If and when something happens the committee can draft a bill and pass a law. That's their job.
Click to expand...

Wrong. That is their job. Like Boy Scouts, they must be prepared. They cannot just sit around waiting to react. They have to look at the past, present and future.

Senate committees and investigations exist in order to aid in drafting laws, determining which ones to draft, and then making sure they've made sense once passed.

They also give oversight of the executive and judicial branches. Remember the Watergate investigation? Not to mention keeping an eye on the intelligence community to make sure they don't overstep their bounds.

Without the knowledge gained from such committees and investigations, the Senate could not do an effective job of determining which laws to pass.

I think the problem is that you and some others see his request as an attack, when it's simply information gathering that Apple itself does not fear... and instead likely sees as a chance to publicize their security.
 
Last edited:
  • Like
Reactions: Ntombi
kdarling said:
Well, yes. It's not smart to wait until something has happened before passing legislation.



Wrong. That is their job. Like Boy Scouts, they must be prepared. They cannot just sit around waiting to react. They have to look at the past, present and future.

Senate committees and investigations exist in order to aid in drafting laws, determining which ones to draft, and then making sure they've made sense once passed.

They also give oversight of the executive and judicial branches. Remember the Watergate investigation? Not to mention keeping an eye on the intelligence community to make sure they don't overstep their bounds.

Without the knowledge gained from such committees and investigations, the Senate could not do an effective job of determining which laws to pass.

I think the problem is that you and some others see his request as an attack, when it's simply information gathering that Apple itself does not fear... and instead likely sees as a chance to publicize their security.
Click to expand...

I don't look at it as an attack. I look at it as government overreach and intrusiveness. A senate committee shouldn't proactively reach out to anybody unless they have a very specific need based on complaints from citizens or something else that is a clear concise issue that requires an investigation at the highest levels of government. Yes, I remember Watergate -- they didn't proactively investigate. There was a burglary and then a suspected cover-up, which was why there was an investigation and that makes sense. That's not what happened here. And Apple isn't the presidency.

Otherwise, it seems very heavy-handed, like something the Kremlin or some dictatorship would do. That's not what our government is (or should be) about. The last thing you want is anyone from the gov't bothering you or knocking on your door. If you did something wrong -- yes. Otherwise the gov't should leave us alone. But to start looking for things to do? -- that's not their job. We have plenty of privacy laws on the books -- Biometric data is already covered in many state laws (and there is no overarching federal privacy law).

I also think you don't realize what happens when a company receives something like that. It's a huge pain in the neck, requiring legal and compliance review and probably will be reviewed by dozens of people. It's not a matter of someone simply spending 45 minutes to draft a response. More than likely they will need to engage outside counsel. It's a big production -- because someone on a committee has "questions"? Don't you realize how scary that is, that someone in Washington DC can simply pose "questions" that you "HAVE" to answer or they will likely use their power against you? I don't know about you, but that's not the U.S. I grew up in. This is now a regulatory crazy environment (and I'm a liberal). Unless you did something wrong, the gov't should NOT be breathing down your neck and asking questions!
 
  • Like
Reactions: theotherphil
I want you to save a copy of what you just posted, sock it away somewhere and read it again in two years, and see if you still feel the same way.
[doublepost=1505514076][/doublepost]
caesarp said:
Why? Do we live in a dictatorship? If it's bad, Apple will lose money. Senators are supposed to legislate. Not act as super privacy watchdogs.
Click to expand...

Here, try this: https://www.usa.gov/topics
[doublepost=1505515914][/doublepost]https://www.engadget.com/2017/09/15/study-says-apple-data-mining-safeguards-dont-protect-privacy-en/
 
WatchFromAfar said:
But before Apple told you touchID was 1 in 50,000 times secure you trusted your life with it. Now just because their new thing has a bigger number you're all in on that? How about asking why Apple's current line up (SE, 6S, 6S+, 7, 7+) all use a system 20 times less secure than the flagship model.
Click to expand...

Touch ID is still 5x better than a 4 digit passcode and the convenience means people actually use it. Things move on....it's like complaining how Mercedes' latest flagship is faster than the previous models.
 
If you can't engage in a little self-directed learning from what I have provided, then I can't help you. Sorry.
[doublepost=1505526986][/doublepost]
caesarp said:
I don't look at it as an attack. I look at it as government overreach and intrusiveness. A senate committee shouldn't proactively reach out to anybody unless they have a very specific need based on complaints from citizens or something else that is a clear concise issue that requires an investigation at the highest levels of government. Yes, I remember Watergate -- they didn't proactively investigate. There was a burglary and then a suspected cover-up, which was why there was an investigation and that makes sense. That's not what happened here. And Apple isn't the presidency.

Otherwise, it seems very heavy-handed, like something the Kremlin or some dictatorship would do. That's not what our government is (or should be) about. The last thing you want is anyone from the gov't bothering you or knocking on your door. If you did something wrong -- yes. Otherwise the gov't should leave us alone. But to start looking for things to do? -- that's not their job. We have plenty of privacy laws on the books -- Biometric data is already covered in many state laws (and there is no overarching federal privacy law).

I also think you don't realize what happens when a company receives something like that. It's a huge pain in the neck, requiring legal and compliance review and probably will be reviewed by dozens of people. It's not a matter of someone simply spending 45 minutes to draft a response. More than likely they will need to engage outside counsel. It's a big production -- because someone on a committee has "questions"? Don't you realize how scary that is, that someone in Washington DC can simply pose "questions" that you "HAVE" to answer or they will likely use their power against you? I don't know about you, but that's not the U.S. I grew up in. This is now a regulatory crazy environment (and I'm a liberal). Unless you did something wrong, the gov't should NOT be breathing down your neck and asking questions!
Click to expand...

The US is now a "deregulated" version of the U.S. where you grew up. The inquiry -without saying as much- is more about A.I. than about questions like "How rosy is that gold in your watchband?" Put this "intrusiveness" into perspective with idea: https://www.aopa.org/news-and-media/all-news/2017/july/12/get-the-facts-about-atc-privatization
 
BaldiMac said:
Point taken. Another example of Hollywood entitlement and sexual assault. But what does that have to do with whether his privacy concerns are legitimate?
Click to expand...

Because he’s a fraud

A man who poses in a photo groping a woman who is passed out, and writes it off as failed humor but who also gets (fake) outraged on twitter by someone saying they want to marry bacon, DOESNT CARE about your privacy. This is all a facade.

If you think he does, you are disillusioned

Harvey Weinstein, serial predator and rapist, is a humanitarian too? Is that something you would equally entertain?
 
BaldiMac said:
Point taken. Another example of Hollywood entitlement and sexual assault. But what does that have to do with whether his privacy concerns are legitimate?
Click to expand...
Agreed. I never liked the guy anyway and always felt that his going after Apple was just for publicity, but that's the name of the game in politics: you always have to find ways to pander to your voter base.
 
morcutt11 said:
Agreed. I never liked the guy anyway and always felt that his going after Apple was just for publicity, but that's the name of the game in politics: you always have to find ways to pander to your voter base.
Click to expand...

That’s my point. It was for publicity and positive theatrics, for him and for Apple. Not for transparency purposes of the tech and to quell legitimate privacy concerns.

I’m not suggesting FaceID is going to cia database and specific proof is Bc Franken gropes, I’m saying his concerns were pandering. Complete and utter pandering. And making apple look good. Two fold.



Tim Cook is a Weasley Backdoor politician full time and a CEO part time (imo)

His time will come, too
tim-cook-and-john-podesta.jpg


No one is immune from public scrutiny, in this climate
 
Last edited:
thadoggfather said:
Because he’s a fraud

A man who poses in a photo groping a woman who is passed out, and writes it off as failed humor but who also gets (fake) outraged on twitter by someone saying they want to marry bacon, DOESNT CARE about your privacy. This is all a facade.

If you think he does, you are disillusioned

Harvey Weinstein, serial predator and rapist, is a humanitarian too? Is that something you would equally entertain?
Click to expand...
Ahh. So no connection. Just a rant. My bad.
 
  • Like
Reactions: CarlJ
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back