Tho I have concerns myself, I have serious reservations that Al Frankenstein (auto correct did it!) is the one to come to the rescue/actually cares
Good PR! Good game
Good PR! Good game
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
U.S. Senator Raises Questions About Security and Privacy of Face ID
- Thread starter MacRumors
- Start date
- Sort by reaction score
I think you're a bit naive to believe facial recognition is "safe & secure". Wait until the first report off law enforcement pointing iPhone X at a suspect's face to unlock his/her iPhone for whatever reason. You surrender your privacy so freely at your own peril. Or maybe you just don't value it as much as others.
"It looks bad"? Trusting that everything will be okay if we don't ask questions looks, and ends up feeling, when things start to go wrong, worse.
Um Presumably those questions were "addressed" by Apple's marketing team. These questions will be dealt with by Apple's legal team. Very different...
I did wonder about the 'billion' images used for FaceID to learn. I reckon the machine learning Apple introduced last year in Photos has been a core part of this process.
Except Apple is not the first to use facial recognition. Where was he a year ago when Samsung debuted it on the Note 7?
1, The eyes need to be open.
2, The eyes need to be looking at the camera, not away.
3, There is a panic button. By hitting the side button 5x, FaceID is disabled (just like Touch ID).
The interesting thing is, my 9yo bypassed my Touch ID whilst I was asleep by holding it to my finger. Face ID will stop that.
it’s a formality, not a big deal for people to care about. he’s just doing he’s job...
In what way? It builds a map of their actual face and stores it as a hash in a secure enclave. It will work just as well on the population group.
[doublepost=1505366174][/doublepost]
Face ID didn't fail on the keynote. The phone had been placed on the desk without Face ID being activated. It was clear in the video that it asked for a pin code to enable Face ID. This is the same message you get when starting a device for the first time. It was user error, not machine error.
Last edited:
TouchID was hacked in two days, using a technique to make 3D print copies known since the turn of the century. Later, more ways were found. It was even shown that a good photograph of someone's fingers from about five feet away could be a usable source.
But since it takes an hour or two to make a fake print, few people consider it a day to day threat.
A few seconds spent researching instead of posting, would be a good idea.
I would bet you could extrapolate usable print data points as well. But it doesn't matter, because Apple stores the print data in the Secure Enclave, where apps cannot reach. No doubt the same is done for facial.
Samsung explicitly stated that their facial unlock was not meant to be secure.
[doublepost=1505367665][/doublepost]
Nope, it's not the same message. The restart message says it's a restart.
At least he's asking this stuff to get attention, politicians do way less useful things to get in the news.
And hey, some of these questions may have already been answered, but some not explicitly or not as detailed as a written reply might be.
It's not like we can't learn anything new from this, whether we have rightful assumptions already or not doesn't matter a lot.
Glassed Silver:ios
well yeah as a member of the senate committee its kind of his job. he likely does this to Samsung and every other company but Apple is still the internet's favor hit fodder so why write about all those other companies
There are plenty of ways to trace people. Heck, when Apple forbade apps from using the device id, shared databases of MAC ids were created instead.
Does not mean Apple was selling personal info, any more than the claim that Google sells personal info.
Thank you for clarifying. Yes, even Apple demands that banks give them anonymized info on Apple Pay purchases.
People concentrate on Google, yet it has every reason to make sure it keeps our personal data private. It is, after all, both how it makes money from selling anonymous ad slots, and how it provides personalized assistance.
The real problem is with all the other entities who make a living from actually and truly selling our personal data.
Last edited:
not exactly true. it was hacked but it was essentially "lab conditions" much like when someone creates a proof of concept virus that can affect MacOS.
now could someone pick up a random phone and manage to get a usable print, probably not. so these hacks using perfect prints and photos of perfect prints etc are basically moot
It's not transmitted. It is stored just like fingerprint data in the "secure enclave".
Does anyone ever read?
Really? It's a facial scan.
"Secure enclave". It may adapt to correct scans. Incorrect scans go into a bit bucket.
That is a good question, but how is this any different than a fingerprint?
They can also store distance information based on how far the phone was from the face.
Someone else holding the phone will probably not be in the same range.
The same way they do fingerprint data. They don't have it. It gets stored in the "secure enclave". Anything else and it can't be trusted. Banks are trusting Apple Pay based on the unlock method.
Yawn. He still doesn't understand.
He could get most of the information from the press release if he read it.
well a video of the keynote might be since they can clearly ID the folks saying what, but yes they prefer on paper with letterheads and signatures.
Thank you for confirming what I said (that it was not a restart situation).
Instead, it was what I and others had suggested: that it had been locked by others looking at it.
One question Apple hasn't answered, and which many of us are wondering about, is the diversity of the teaching faces, and how that will translate into real world success/failure of Face ID for people with darker skin. I did a ton of reading on the tech behind Face ID today, and I can see how it starts with a greater chance of success than some other similar tech, but considering I still can't get the automatic faucet to work in some places, this isn't idle chit chat.
Like the rest of his questions (many of which were answered elsewhere, you're right), this isn't him just shooting from the hip, but doing his job and getting Apple on the record. It's not adversarial.
Right, for regular daily use by regular people, TouchId was "good enough" security.
That said, if someone or an agency wanted to target a specific person and spend the time getting a good print source, then they could get into that person's phone any time they wanted.
[doublepost=1505371323][/doublepost]
Another poster too lazy to research which other companies Franken has requested info from.