DS Forums

 
 

No IPhone 5S discussion?


Reply
Thread Tools Search this Thread
Old 27-10-2013, 19:45
IslandNiles
Forum Member
 
Join Date: Apr 2005
Posts: 13,091
Quick question. Do you actually have to use the fingerprint scanner? Or can it be turned off?
You can have no security, or a passcode, or Touch ID (with a passcode).
IslandNiles is offline   Reply With Quote
Please sign in or register to remove this advertisement.
Old 27-10-2013, 19:46
anyonefortennis
Forum Member
 
Join Date: Sep 2011
Location: 🇬🇧
Posts: 60,865
Very secure.

http://support.apple.com/kb/HT5949



They also said this which was probably nonsense and sheer guess work.

Quick question. Do you actually have to use the fingerprint scanner? Or can it be turned off?
You don't have to activate it if you don't want to. You can just carry on using a passcode (or not)
anyonefortennis is offline   Reply With Quote
Old 27-10-2013, 19:47
psionic
Forum Member
 
Join Date: May 2002
Location: Crystal Palace TX
Posts: 19,702
So if someone clones my fingerprint they also need to enter a PIN ? I wasnt aware it worked that way ?
If they're quick with the cloning they won't need the PIN. If they try and do anything suspicious they still need your account password (not your PIN). The fingerprint is just for casual replacement of entering a PIN several times a day or purchases from iTunes/App store. The fact that it works so seamlessly and fast is really handy for those especially who find typing the PIN in several times a total PITA. As I say, the moment you try and change security settings or even if its been too long since the phone was used you have no choice but to enter the PIN (lock screen) or Password (security settings or online purchases).
psionic is offline Follow this poster on Twitter   Reply With Quote
Old 27-10-2013, 19:47
Stiggles
Forum Member
 
Join Date: Jan 2011
Location: Dundee, Scotland
Posts: 9,293
You can have no security, or a passcode, or Touch ID (with a passcode).
You don't have to activate it if you don't want to. You can just carry on using a passcode (or not)
Cheers
Stiggles is offline   Reply With Quote
Old 27-10-2013, 19:47
calico_pie
Forum Member
 
Join Date: Oct 2012
Posts: 9,428
Very secure.

http://support.apple.com/kb/HT5949

They also said this which was probably nonsense and sheer guess work.

Quick question. Do you actually have to use the fingerprint scanner? Or can it be turned off?
Which part of that article do you disagree with?

The scanner is optional, just as the passcode is optional.

Why?
calico_pie is offline   Reply With Quote
Old 27-10-2013, 19:51
Stiggles
Forum Member
 
Join Date: Jan 2011
Location: Dundee, Scotland
Posts: 9,293
Which part of that article do you disagree with?
Did i say i disagree with any part of it?

The scanner is optional, just as the passcode is optional.

Why?
Because i wanted to know. Is that ok?!
Stiggles is offline   Reply With Quote
Old 27-10-2013, 19:51
psionic
Forum Member
 
Join Date: May 2002
Location: Crystal Palace TX
Posts: 19,702
Just to be clear - if you do use TouchID then you are forced to also create a PIN - the PIN is not optional (it's a backup if the fingerprint fails).
psionic is offline Follow this poster on Twitter   Reply With Quote
Old 27-10-2013, 19:51
calico_pie
Forum Member
 
Join Date: Oct 2012
Posts: 9,428
Controlled environment? I have all the stuff to do that at my work which is a hotel!!
Controlled insomuch as:

1. They had access to a good quality print.

2. They knew what equipment and materials they needed to make a good enough copy.

3. They knew how to make a good enough copy.

4. They were using a phone that wasn't about to be wiped remotely.

I would wager that the typical opportunistic thief would be quite so knowledgeable or fortunate.
calico_pie is offline   Reply With Quote
Old 27-10-2013, 19:54
calico_pie
Forum Member
 
Join Date: Oct 2012
Posts: 9,428
Did i say i disagree with any part of it?

Because i wanted to know. Is that ok?!
I just wasn't sure what you feel Apple have claimed that doesn't stand up to scrutiny.

Yes, of course it's OK. Why wouldn't it be? Defensive, much!

I just wondered what the relevance was.
calico_pie is offline   Reply With Quote
Old 27-10-2013, 19:54
Stiggles
Forum Member
 
Join Date: Jan 2011
Location: Dundee, Scotland
Posts: 9,293
Controlled insomuch as:

1. They had access to a good quality print.

2. They knew what equipment and materials they needed to make a good enough copy.

3. They knew how to make a good enough copy.

4. They were using a phone that wasn't about to be wiped remotely.

I would wager that the typical opportunistic thief would be quite so knowledgeable or fortunate.
So not controlled at all then!!

I think you're missing the point here. Its been cracked. Simple as that. Like any fingerprint scanner, it can be spoofed one way or another. Doesnt matter whether its easy or not.
Stiggles is offline   Reply With Quote
Old 27-10-2013, 19:56
Stiggles
Forum Member
 
Join Date: Jan 2011
Location: Dundee, Scotland
Posts: 9,293
I just wasn't sure what you feel Apple have claimed that doesn't stand up to scrutiny.

Yes, of course it's OK. Why wouldn't it be? Defensive, much!

I just wondered what the relevance was.
You asked me why i wanted to know which was a strange thing to ask. Thats all.
Stiggles is offline   Reply With Quote
Old 27-10-2013, 19:58
calico_pie
Forum Member
 
Join Date: Oct 2012
Posts: 9,428
i do think its a great little novelty item at face value. i just worry that if its not been made secure enough then it screws up fingerprint biometric use forever. someone figures out how to harvest all the apple fingerprint data and thats fingerprint use for online banking (etc) knackered. All for a quick unlock.

and thats not a dig at Apple - same goes for the HTC One Max (with fingerprint) and Dell laptops etc. Dont forget Apple arent the first to do this. Look at the recent news about the US monitoring calls and texts - stuff happens !
I think it's more than novelty. It's pretty secure, it's very convenient, it works pretty much flawlessly, and the chances of it being hacked are incredibly slim.
calico_pie is offline   Reply With Quote
Old 27-10-2013, 19:59
calico_pie
Forum Member
 
Join Date: Oct 2012
Posts: 9,428
You asked me why i wanted to know which was a strange thing to ask. Thats all.
It wasn't strange at all. Whilst this is a fun exchange where you first got defensive, and now find option strange, I'm still not sure what the relevance was.
calico_pie is offline   Reply With Quote
Old 27-10-2013, 20:06
anyonefortennis
Forum Member
 
Join Date: Sep 2011
Location: 🇬🇧
Posts: 60,865
Just to be clear - if you do use TouchID then you are forced to also create a PIN - the PIN is not optional (it's a backup if the fingerprint fails).
Yes and if you switch the phone off you have to enter your passcode to access the phone. The pin is another option if you don't want to activate the fingerprint ID. Or you can choose to have neither.
anyonefortennis is offline   Reply With Quote
Old 27-10-2013, 20:06
tdenson
Forum Member
 
Join Date: Aug 2005
Posts: 4,214
It wasn't strange at all. Whilst this is a fun exchange where you first got defensive, and now find option strange, I'm still not sure what the relevance was.
All. I can say is that the proof of the pudding is in the eating.
I am in Kenya ATM doing quite a lot of traveling. It would seem sensible to put a lock code on my phone, right ? (i am actually one of those people who never bothered with one pre Touch id). I spent 8 hours yesterday self driving a 4WD on dirt tracks strewn with boulders and stream crossings using Google Maps for navigation. As it happens I forgot to bring my cigar lighter plug with me so my phone kept timing out and locking the screen. I was able to reactivate it without even looking at it. The thought of having to type a passcode, well ....
tdenson is offline   Reply With Quote
Old 27-10-2013, 20:06
IslandNiles
Forum Member
 
Join Date: Apr 2005
Posts: 13,091
Point is i guess is it's not even close to as secure as apple made out.
How secure did Apple make it out to be?
Which part of that article do you disagree with?
Did i say i disagree with any part of it?
Then I'm not really sure why you linked to it.
IslandNiles is offline   Reply With Quote
Old 27-10-2013, 20:09
anyonefortennis
Forum Member
 
Join Date: Sep 2011
Location: 🇬🇧
Posts: 60,865
All. I can say is that the proof of the pudding is in the eating.
I am in Kenya ATM doing quite a lot of traveling. It would seem sensible to put a lock code on my phone, right ? (i am actually one of those people who never bothered with one pre Touch id). I spent 8 hours yesterday self driving a 4WD on dirt tracks strewn with boulders and stream crossings using Google Maps for navigation. As it happens I forgot to bring my cigar lighter plug with me so my phone kept timing out and locking the screen. I was able to reactivate it without even looking at it. The thought of having to type a passcode, well ....
Who do you think you are, Allan Quartermain.
anyonefortennis is offline   Reply With Quote
Old 27-10-2013, 20:18
IslandNiles
Forum Member
 
Join Date: Apr 2005
Posts: 13,091
So not controlled at all then!!

I think you're missing the point here. Its been cracked. Simple as that. Like any fingerprint scanner, it can be spoofed one way or another. Doesnt matter whether its easy or not.
Of course it matters if it's easy or not.

The exploit that's been demonstrated requires you to have both the phone AND the owner's fingerprint, and enough time and the materials required to create the latex finger.

Okay, maybe if you have the phone you can get a workable fingerprint from somewhere on that phone. But you still need the materials. And you can't switch the phone off and come back to it later, because it'll ask for your passcode when you switch it back on. Meanwhile, if the owner notices it missing, they can put the phone in lost mode and/or wipe it remotely.

EDIT: For me, the biggest potential flaw is that Touch ID is completely optional, even when it's enabled. You can still choose to use the passcode instead. And, as the support document that you linked to mentioned, that's a less secure method if it's a four digit number. I've changed mine now to a longer alphanumeric code, given the convenience that Touch ID provides.
IslandNiles is offline   Reply With Quote
Old 27-10-2013, 20:27
Stuart_h
Forum Member
 
Join Date: Jul 2005
Posts: 3,474
I think it's more than novelty. It's pretty secure, it's very convenient, it works pretty much flawlessly, and the chances of it being hacked are incredibly slim.
Its pretty secure for you or I where nobody wants to get into our phones THAT much but for someone who really wants to get on a phone its perfectly do-able and then always repeatable.

And Im aware that the print info is stored locally and is encrypted but we all know that 'things happen' ... an app starts harvesting details ... an encryption key is broken .... if it was the government asking to store your fingerprint info there would (quite rightly) be uproar ! Just look at the latest headlines about apple being able to read imessages ! i dont know if they can or cant but for some people out there security is made to be broken. a regularly changed passcode is a much safe bet surely ?
Stuart_h is offline   Reply With Quote
Old 27-10-2013, 20:30
psionic
Forum Member
 
Join Date: May 2002
Location: Crystal Palace TX
Posts: 19,702
Controlled insomuch as:

1. They had access to a good quality print.

2. They knew what equipment and materials they needed to make a good enough copy.

3. They knew how to make a good enough copy.

4. They were using a phone that wasn't about to be wiped remotely.

I would wager that the typical opportunistic thief would be quite so knowledgeable or fortunate.
5. In attempting the hack they don't make too many failed attempts or PIN/Password will still be required.
psionic is offline Follow this poster on Twitter   Reply With Quote
Old 27-10-2013, 20:30
jonner101
Forum Member
 
Join Date: Apr 2008
Posts: 3,153
Since the fingerprint is stored locally on the phone and isn't backed up to the cloud, nobody's going to harvest all the Apple fingerprints.

It's more about convenience than security. It provides the same level of security as a passcode lock but saves time, particularly as it can also be used for iTunes and App Store purchases.

It's worked really well for me so far, anyway. I just press the home button as I normally would to unlock, then keep my thumb on the button and I'm straight in. The whole thing takes under a second and is tied to an action that I would have taken anyway.
This is the best explanation of it. I actually have it enabled as it provides some basic security without the hassle as I just find entering a pin code each time a total PITA.

like you say the fingerprint is stored locally on device and most probably encrypted using an irreversible SHA-1 style hashing algorithm.

If the hackers can get an iPhone and actually reverse engineer a picture of the fingerprint by hacking into the chip then that would be impressive.

I couldn't imaging any system that really needs super high security could work with a fingerprint scan ( it would perhaps be one element if it ) as fingerprints can be duplicated.
jonner101 is offline   Reply With Quote
Old 27-10-2013, 20:49
IslandNiles
Forum Member
 
Join Date: Apr 2005
Posts: 13,091
Its pretty secure for you or I where nobody wants to get into our phones THAT much but for someone who really wants to get on a phone its perfectly do-able and then always repeatable.

And Im aware that the print info is stored locally and is encrypted but we all know that 'things happen' ... an app starts harvesting details ... an encryption key is broken .... if it was the government asking to store your fingerprint info there would (quite rightly) be uproar ! Just look at the latest headlines about apple being able to read imessages ! i dont know if they can or cant but for some people out there security is made to be broken. a regularly changed passcode is a much safe bet surely ?
I thought iMessages were encrypted end to end and therefore pretty secure? I'm sure I remember reading that Apple can't read them even if they wanted to. Might be wrong though.
IslandNiles is offline   Reply With Quote
Old 27-10-2013, 21:06
Stuart_h
Forum Member
 
Join Date: Jul 2005
Posts: 3,474
I thought iMessages were encrypted end to end and therefore pretty secure? I'm sure I remember reading that Apple can't read them even if they wanted to. Might be wrong though.
to be honest i dont know either way. i'd hope they were secure. but lots of news articles flying around currently stating otherwise. My point was that just because someone tries to build it safe, and says its safe .... doesnt always mean it IS safe.
Stuart_h is offline   Reply With Quote
Old 27-10-2013, 21:07
CarrieNYC
Forum Member
 
Join Date: Jan 2012
Posts: 404
Was there this much fuss and negativity over samsungs face id?
CarrieNYC is offline   Reply With Quote
Old 27-10-2013, 21:12
anyonefortennis
Forum Member
 
Join Date: Sep 2011
Location: 🇬🇧
Posts: 60,865
to be honest i dont know either way. i'd hope they were secure. but lots of news articles flying around currently stating otherwise. My point was that just because someone tries to build it safe, and says its safe .... doesnt always mean it IS safe.
Until I start reading reports about peoples iphone 5s's being stolen and broken into, I think it's safe to assume they are very secure.
anyonefortennis is offline   Reply With Quote
 
Reply




 
Forum Jump


All times are GMT. The time now is 04:53.