Fingerprints are secure, right?



  • @apple.com said:


    You check your iPhone dozens and dozens of times a day, probably more. Entering a passcode each time just slows you down. But you do it because making sure no one else has access to your iPhone is important. With iPhone 5s, getting into your phone is faster, easier, and even a little futuristic. Introducing Touch ID — a new fingerprint identity sensor.

    Put your finger on the Home button, and just like that your iPhone unlocks. It’s a convenient and highly secure way to access your phone. Your fingerprint can also approve purchases from iTunes Store, the App Store, and the iBooks Store, so you don’t have to enter your password. And Touch ID is capable of 360-degree readability. Which means no matter what its orientation — portrait, landscape, or anything in between — your iPhone reads your fingerprint and knows who you are. And because Touch ID lets you enroll multiple fingerprints, it knows the people you trust, too.

    I mean, it's not like someone could get your fingerprint off of your touch screen based interface, right?

    Semi-seriously, though, does this seem grossly insecure to anyone else? Is there something that I'm missing here, or is this idea as fucking dumb as it seems? Using a fingerprint as a single-factor authentication system seems bordering on criminally negligent to me.


  • Considered Harmful

    @mikeTheLiar said:

    @apple.com said:


    You check your iPhone dozens and dozens of times a day, probably more. Entering a passcode each time just slows you down. But you do it because making sure no one else has access to your iPhone is important. With iPhone 5s, getting into your phone is faster, easier, and even a little futuristic. Introducing Touch ID — a new fingerprint identity sensor.

    Put your finger on the Home button, and just like that your iPhone unlocks. It’s a convenient and highly secure way to access your phone. Your fingerprint can also approve purchases from iTunes Store, the App Store, and the iBooks Store, so you don’t have to enter your password. And Touch ID is capable of 360-degree readability. Which means no matter what its orientation — portrait, landscape, or anything in between — your iPhone reads your fingerprint and knows who you are. And because Touch ID lets you enroll multiple fingerprints, it knows the people you trust, too.

    I mean, it's not like someone could get your fingerprint off of your touch screen based interface, right?

    Semi-seriously, though, does this seem grossly insecure to anyone else? Is there something that I'm missing here, or is this idea as fucking dumb as it seems? Using a fingerprint as a single-factor authentication system seems bordering on criminally negligent to me.

    1) I have some weird paranoia that I'm going to lose a finger or an eyeball - or get some scar that fucks up the pattern - and get locked out of biometric systems.
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.
    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.


  • Well, it's not like Android is any better.

    Obviously, if you really care about the security of your phone, you will still be using a passphrase (I mean, they do allow it, right?) - but for simply locking your phone so that your kid won't see all those nude photos of yourself, it's fine enough.



  • @joe.edwards said:

    1) I have some weird paranoia that I'm going to lose a finger or an eyeball - or get some scar that fucks up the pattern - and get locked out of biometric systems.

    I didn't even think of that possibility. Has Minority Report taught us nothing?
    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?
    @joe.edwards said:
    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.

    So basically anyone with kids is screwed.


  • Discourse touched me in a no-no place

    @Maciejasjmj said:

    Well, it's not like Android is any better.

    Obviously, if you really care about the security of your phone, you will still be using a passphrase (I mean, they do allow it, right?) - but for simply locking your phone so that your kid won't see all those nude photos of yourself, it's fine enough.

    Isn't that why you wipe the screen periodically?  Just in case, I lay down false trail smudges.



  • @Maciejasjmj said:

    Well, it's not like Android is any better.

    Obviously, if you really care about the security of your phone, you will still be using a passphrase (I mean, they do allow it, right?) - but for simply locking your phone so that your kid won't see all those nude photos of yourself, it's fine enough.

    Reports differ. Assuming you wipe your screen off.


  • @mikeTheLiar said:

    I mean, it's not like someone could get your fingerprint off of your touch screen based interface, right?

    Semi-seriously, though, does this seem grossly insecure to anyone else? Is there something that I'm missing here, or is this idea as fucking dumb as it seems? Using a fingerprint as a single-factor authentication system seems bordering on criminally negligent to me.

    You really think that your fingerprint is less secure than a password?  It's one-factor authentication either way.  On Apple, 99% use a 4-digit PIN.  (You can update it to use a regular password, as I have done... hard to type, though.)  For the people who are really worried about security, I'm sure you can also specify a passcode.

    @joe.edwards said:

    1) I have some weird paranoia that I'm going to lose a finger or an eyeball - or get some scar that fucks up the pattern - and get locked out of biometric systems.
    So either put ALL your fingers in as pass-fingers, or I'd be surprised if it didn't also let you put a different password on it.

    @joe.edwards said:

    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.
    Anyone with a code, that works at his work, and lets the kid play with the phone...



  • @mikeTheLiar said:

    Reports differ. Assuming you wipe your screen off.

    Well, if you wipe your screen off, you don't really have to worry about fingerprints that much either. At least I think it would take a bit more than a Toys-R-Us fingerprint kit.



  • @Maciejasjmj said:

    @mikeTheLiar said:
    Reports differ. Assuming you wipe your screen off.

    Well, if you wipe your screen off, you don't really have to worry about fingerprints that much either. At least I think it would take a bit more than a Toys-R-Us fingerprint kit.

    I don't bother to wipe the back of my phone. Really, I only wipe off the pattern because my screen's all smudged up and that drives me crazy.


  • @mikeTheLiar said:

    @joe.edwards said:
    1) I have some weird paranoia that I'm going to lose a finger or an eyeball - or get some scar that fucks up the pattern - and get locked out of biometric systems.

    I didn't even think of that possibility. Has Minority Report taught us nothing?
    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?
    @joe.edwards said:
    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.

    So basically anyone with kids is screwed.

    I've got a blackberry (yes, a WTF on its own) that does that. After too many invalid attempts it asks you to type "blackberry" before your next attempt. To defeat exactly that. I managed to find out once after I took my phone out of my pocket...



  • @mikeTheLiar said:

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?

    I would think that's corporate standard, no matter what industry you're in.

    In any case, it's built into ActiveSync to require a level of security (or none at all) before a device can sync.

    Admission: My phone unlock is the same as my voicemail is the same as my ATM card PIN (origin was my high school student ID)



  • @joe.edwards said:

    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.
    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.
     

    I'd rather not bother with a passcode either, but my pocket insists on sending messages to people on my contacts list. Unlocking pattern is simple enough for that.

    My job email won't test for a passcode, but they want the option of resetting my phone at any time, thus I don't receive work email in my phone.



  •  @joe.edwards said:

    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.

    Filed under: You can completely erase the contents of my phone with less than a minute of random tapping on the number pad.

    An erased phone is a secure phone.



  • @Nexzus said:

    ActiveSync

    Damn, your phone must be old.

    Well, still better than iTunes I guess.



  • @Evo said:

    I've got a blackberry (yes, a WTF on its own)

    How is that a WTF? Blackberry is having a rough time but at the moment there is no more secure product on the market for enterprise customers. I don't understand why one of the other big players did not grab them (say, instead of Nokia) and use their platform to enter the corporate world by the front door.



  • Personally, I wouldn't worry too much about the security. I'd just treat it as a very simple lock (enough to keep out a random idiot with no technical knowledge) and a better way of avoiding pocket-dialing than a simple button.



    The flaw that does immediately come to mind is reliability. Even if you haven't cut your finger, fingerprint readers are never reliable. I had to use one to sign in every day at one job and it took an average of 10 swipes before it'd recognize anyone. How annoying would that be when your phone just refuses to unlock? Even worse if you manage to damage the reader. Apparently Apple is putting some type of scratch-resistant cover on it, but that doesn't mean it's indestructible.



    Pretty much the only thing fingerprint readers are any good for is decoration.

    @joe.edwards said:

    Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.
    That'd be pretty amazing on either of the Android phones I've owned. They love to get into a state where the touch screen registers a single swipe as a series of rapid touches. I suspect it has to do with humidity and moisture either on the screen or my finger, but wiping both down thoroughly doesn't help much. If there's even the slightest invisible bit of crud on the screen it also tends to register a lot of random touches after removing my finger. The end result of that is that a single attempt to unlock the phone registers 5-10 failed unlock attempts. (Then of course there's the cases where it gets turned on in your pocket, or a kid grabs it, etc.)



    Interestingly, I think Google and/or Motorola knew this was an issue, because the older phone would lock you out entirely for 30 seconds after 5 failed attempts, but the newer one doesn't. I'm not sure who to thank for that change.



  • @mikeTheLiar said:

    Semi-seriously, though, does this seem grossly insecure to anyone else? Is there something that I'm missing here, or is this idea as fucking dumb as it seems? Using a fingerprint as a single-factor authentication system seems bordering on criminally negligent to me.
    Not that unusual, actually. I had a Thinkpad with a fingerprint reader that was linked to the TPM and could log into Windows; if you forgot your fingerprint you could always type the password instead. It's frankly not that much worse than a password as single-factor (and can't be entered remotely).


  • Discourse touched me in a no-no place

    @Maciejasjmj said:

    [Android] Obviously, if you really care about the security of your phone, you will still be using a passphrase (I mean, they do allow it, right?)

    Yes, but it's restricted to IIRC 16 characters :/ (Not sure if it's a restriction on the encryption aspect of it, or just an arbitrary limit.)



  • @mikeTheLiar said:

    I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one.
    AFAIK, you can use a 3rd-party mail client to work around that (the mail client will still require a PIN, but it won't affect the rest of the phone).
    @anonymous235 said:
    Damn, your phone must be old.
    ActiveSync is the protocol Exchange uses for mobile e-mail.



  • The real WTF here is that nobody has noticed that this app doesn't really scan your fingerprint. It can't; a touch screen does not have the resolution!



  •  go home ipguru, you're drunk



  • @Nexzus said:

    In any case, it's built into ActiveSync to require a level of security (or none at all) before a device can sync.

    <pedant>

    The ActiveSync client supports an ActiveSync server requiring a set of security options (and those options can be surprisingly complex, down to enforcing application blacklists, or requiring full filesystem encryption on the device), but it's not a requirement. If an ActiveSync server doesn't set those options then the client doesn't require them.

     </pedant>

     



  • Oh, Apple is going in a new design direction eh? Well this could be interest...

    WTF IS THIS SHIT?



  • @Zadkiel said:

    @Nexzus said:

    In any case, it's built into ActiveSync to require a level of security (or none at all) before a device can sync.

    <pedant>

    The ActiveSync client supports an ActiveSync server requiring a set of security options (and those options can be surprisingly complex, down to enforcing application blacklists, or requiring full filesystem encryption on the device), but it's not a requirement. If an ActiveSync server doesn't set those options then the client doesn't require them.

     </pedant>

     

     

    Bleh, and of course, after the post delete timer has expired, I notice the 'or none at all' part of your post which shows you knew that already. That'll teach me to try and be a smart-ass.

     



  • @Sutherlands said:

    @joe.edwards said:
    1) I have some weird paranoia that I'm going to lose a finger or an eyeball - or get some scar that fucks up the pattern - and get locked out of biometric systems.
    So either put ALL your fingers in as pass-fingers, or I'd be surprised if it didn't also let you put a different password on it.

    And for a backup, simply cut off one of your fingers and keep it in a refrigerated fire-proof safe at home!



  • Considered Harmful

    @mikeTheLiar said:

    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?

    There are business units of my employer that do defense contracts and the like; but I'm just the tech lead of the marketing/communications unit. I don't see much of anything confidential except maybe business plans and upcoming products.



  • @joe.edwards said:

    @mikeTheLiar said:
    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.
    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?
    There are business units of my employer that do defense contracts and the like; but I'm just the tech lead of the marketing/communications unit. I don't see much of anything confidential except maybe business plans and upcoming products.
     

    It's not only about the confidentiality of your email, it's also about the damage you can do with the access.

    After a night at the pub, 8 pints in, Tom goes to the loo and leaves his mobile on the table. His 'mate' Andy, the practical joker, decides it would be HILARIOUS to reply to an email on his phone from a major client telling them they are a C*nt.

    Do you lock your work computer when you are away from it? Does it auto-lock after a certain amount of time? Why shouldn't a phone be treated the same?

     


  • Discourse touched me in a no-no place

    @Zadkiel said:

    Do you lock your work computer when you are away from it? Does it auto-lock after a certain amount of time?
    I've trained mine to go in a sulk if I get too far from it for too long.


  • Considered Harmful

    @Zadkiel said:

    @joe.edwards said:

    @mikeTheLiar said:
    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?

    There are business units of my employer that do defense contracts and the like; but I'm just the tech lead of the marketing/communications unit. I don't see much of anything confidential except maybe business plans and upcoming products.
     

    It's not only about the confidentiality of your email, it's also about the damage you can do with the access.

    After a night at the pub, 8 pints in, Tom goes to the loo and leaves his mobile on the table. His 'mate' Andy, the practical joker, decides it would be HILARIOUS to reply to an email on his phone from a major client telling them they are a C*nt.

    Do you lock your work computer when you are away from it? Does it auto-lock after a certain amount of time? Why shouldn't a phone be treated the same?

     

    Except Andy watched Tom unlock his phone six times prior that night and knows Tom's passcode.

    I had my phone stolen once by a high school kid who said he needed to call his mom to get a ride home. I unlocked it for him, put it on the dial pad screen, and he pretended to make a phone call. One minute later he took off running.

    He got away with it.



  • @Maciejasjmj said:

    @mikeTheLiar said:
    Reports differ. Assuming you wipe your screen off.

    Well, if you wipe your screen off, you don't really have to worry about fingerprints that much either. At least I think it would take a bit more than a Toys-R-Us fingerprint kit.

    Yeah. You have to know how to make gummi candy, too.



  • @mikeTheLiar said:


    I mean, it's not like someone could get your fingerprint off of your touch screen based interface, right?

    It's not like someone could watch you type in your password... oh wait.


  • @taustin said:

    @Maciejasjmj said:
    @mikeTheLiar said:
    Reports differ. Assuming you wipe your screen off.

    Well, if you wipe your screen off, you don't really have to worry about fingerprints that much either. At least I think it would take a bit more than a Toys-R-Us fingerprint kit.

    Yeah. You have to know how to make gummi candy, too.

    That's like Mission: Impossible (the series)...

    @Linked article said:

    "After [the reader] lets you in, eat the evidence" BT chief technology officer Bruce Schneier said of the so-called Gummi Bear attack



  • @lolwtf said:

    That'd be pretty amazing on either of the Android phones I've owned. They love to get into a state where the touch screen registers a single swipe as a series of rapid touches. I suspect it has to do with humidity and moisture either on the screen or my finger, but wiping both down thoroughly doesn't help much. If there's even the slightest invisible bit of crud on the screen it also tends to register a lot of random touches after removing my finger. The end result of that is that a single attempt to unlock the phone registers 5-10 failed unlock attempts. (Then of course there's the cases where it gets turned on in your pocket, or a kid grabs it, etc.)

    Interestingly, I think Google and/or Motorola knew this was an issue, because the older phone would lock you out entirely for 30 seconds after 5 failed attempts, but the newer one doesn't. I'm not sure who to thank for that change.

    That has nothing to do with being Android phones, and everything to do with Google and/or Motorola having chosen to use touch screen controller chips from the wrong company. By sheer coincidence, I sat through a presentation today that included illustrations on this exact topic.



  • @HardwareGeek said:

    By sheer coincidence, I sat through a presentation today that included illustrations on this exact topic.

    There is a name for that.


  • Discourse touched me in a no-no place

    @lolwtf said:

    @joe.edwards said:
    Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.
    That'd be pretty amazing on either of the Android phones I've owned. They love to get into a state where the touch screen registers a single swipe as a series of rapid touches. I suspect it has to do with humidity and moisture either on the screen or my finger, but wiping both down thoroughly doesn't help much. If there's even the slightest invisible bit of crud on the screen it also tends to register a lot of random touches after removing my finger. The end result of that is that a single attempt to unlock the phone registers 5-10 failed unlock attempts. (Then of course there's the cases where it gets turned on in your pocket, or a kid grabs it, etc.)



    Interestingly, I think Google and/or Motorola knew this was an issue, because the older phone would lock you out entirely for 30 seconds after 5 failed attempts, but the newer one doesn't. I'm not sure who to thank for that change.

    Interesting. Perhaps it's a flaw in Moto's hardware? I've owned an HTC and a Samsung Android phone and never seen anything like that. I actually use a pattern lock because I think it's a bit easier than a PIN.


  • Discourse touched me in a no-no place

    @Zadkiel said:

    @joe.edwards said:

    @mikeTheLiar said:
    @joe.edwards said:
    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    Work email won't sync without a passcode on your phone? That seems a little...over-zealous, shall we say? Is your work confidential/otherwise security-heavy?

    There are business units of my employer that do defense contracts and the like; but I'm just the tech lead of the marketing/communications unit. I don't see much of anything confidential except maybe business plans and upcoming products.
     

    It's not only about the confidentiality of your email, it's also about the damage you can do with the access.

    After a night at the pub, 8 pints in, Tom goes to the loo and leaves his mobile on the table. His 'mate' Andy, the practical joker, decides it would be HILARIOUS to reply to an email on his phone from a major client telling them they are a C*nt.

    Do you lock your work computer when you are away from it? Does it auto-lock after a certain amount of time? Why shouldn't a phone be treated the same?

     

    My boss at one place thought it was hilarious to send out an "I Quit!" email to everyone in the department if he found your screen unlocked. That cured me of it. At the place I work now, people sometimes ask me, and I tell 'em the story and just say it's a habit I don't see as worth breaking.

    I actually managed to pull that prank on him once. It was pretty awesome.


  • Discourse touched me in a no-no place

    @English Man said:

    @mikeTheLiar said:


    I mean, it's not like someone could get your fingerprint off of your touch screen based interface, right?

    It's not like someone could watch you type in your password... oh wait.

    That's probably an argument for a pattern lock. I wouldn't type my pin or draw the pattern where someone could see it for whom I didn't have a modicum of trust.


  • Discourse touched me in a no-no place

    @Mcoder said:

    @joe.edwards said:

    2) I'd rather not bother with a passcode on my phone at all, but my work email won't allow me to sync without one. The fingerprint thing seems like it would remove this hassle for me. Apps like OnePassword still require my passphrase.

    3) Side-WTF, same work policy that requires the passcode mandates that the device completely wipe itself after five invalid attempts.
     

    I'd rather not bother with a passcode either, but my pocket insists on sending messages to people on my contacts list. Unlocking pattern is simple enough for that.

    My job email won't test for a passcode, but they want the option of resetting my phone at any time, thus I don't receive work email in my phone.

    Who still makes a phone in this day and age that doesn't have a lock?! On my last three phones, you had to physically press a hardware button to wake up the screen. That essentially eliminates butt dialing. Before that I had flip phones, which make it even harder to butt dial. Hell, even the cheapassiest Nokia dumb phones I've ever had required a two-key unlock sequence.


  • Discourse touched me in a no-no place

    @English Man said:

    It's not like someone could watch you type in your password... oh wait.
    Depends on how complicated it is. (three numbers, two specials and 11 letters don't take that long to type in, especially when you've been doing it a while and your muscle memory's got a hold of it.)


  • Discourse touched me in a no-no place

    @PJH said:

    Depends on how complicated it is. (three numbers, two specials and 11 letters don't take that long to type in, especially when you've been doing it a while and your muscle memory's got a hold of it.)
    Touch screen “keyboards” on phones and tablets are a very different thing to actual physical keyboards. The usual way to compensate for the problems and accelerate input is to put a predictive text engine processing the output of the “keyboard” as if it was an input method processor and to use that to clean up the input before handing it on to the app; that's precisely what you don't want with password entry.


  • Discourse touched me in a no-no place

    @dkf said:

    [spell-correctors for OSKs] that's precisely what you don't want with password entry.
    Which is why it doesn't happen for password entry fields. At least on my phone it doesn't.


  • Discourse touched me in a no-no place

    @PJH said:

    @dkf said:
    [spell-correctors for OSKs] that's precisely what you don't want with password entry.
    Which is why it doesn't happen for password entry fields. At least on my phone it doesn't.
    Yes, but that in turn means you've got to lay out the keyboard for that use differently, with more space per key. That in turn makes it easier for someone else to shoulder-surf.


  • Discourse touched me in a no-no place

    @dkf said:

    @PJH said:
    @dkf said:
    [spell-correctors for OSKs] that's precisely what you don't want with password entry.
    Which is why it doesn't happen for password entry fields. At least on my phone it doesn't.
    Yes, but that in turn means you've got to lay out the keyboard for that use differently, with more space per key.
    No. It doesn't. It really doesn't. The keyboard on my phone is no different when used for normal text entry than it is for password entry: [pic of dvorak phone keyboard]

  • @PJH said:

    The keyboard on my phone is no different when used for normal text entry than it is for password entry: [pic of dvorak phone keyboard]

    Why would you use dvorak on your phone?


  • Discourse touched me in a no-no place

    @locallunatic said:

    Why would you use dvorak on your phone?
    Alternation.

