With apples home button problems would putting a finger print scanner under the home button be a good thing? I think putting it on the side of the phone would be a better option. Think of how you hold the phone when you look at it. all you would have to do is press it on the side with your thumb and it would unlock the phone.
As your fingerprint vectors would never leave the phone, there would be no chance of building dictionaries of them on the web.
That's really where the concern is over biometrics though. If someone either compromised a phone or persuaded you to use a hacked device, they could get hold of the source data from the scan, which is like a master key. They can inject the data directly into the hardware to unlock it. After stealing a phone, they could even replace the home button with a hacked one or maybe plug something in the Lightning port that works with a copy of a fingerprint and doesn't require a finger.
Even if the encryption process just sampled a portion of the scan to use as the encryption key, the verification program would have to ask for that pattern during another scan.
I think people have learned over the years that having a static master key is not a good idea. Obviously it can be made very difficult to get to but they'd probably have to encrypt data on the sensor itself and make that encryption unique to each button so that replacing the home button couldn't send the same data but they can't do this because breaking your home button would leave the device inaccessible.
That means every sensor has to output the same data and people can figure out how to replicate that. I think it's still better than a passcode unlock but not for all remote authentication. I prefer the idea of renewable keys because even if a vulnerability is found, you can update them.
Seems to make more sense on the screen. Reads your fingerprint when you swipe to unlock. If it can't read the fingerprint for some reason (wearing winter touchscreen-compatible gloves maybe) the traditional keypad appears asking for your pin.
uh fingerprint sensor ??? Where is your NFC, iPhone?
Well, Apple has been working on the FIngerprint ID technology and it takes a while. Do you not understand R&D takes time that they first have to buy the company, merge together and then being the development cycle.
NFC? Well, there are probably 2 or 3 valid reasons.
1. Charlie Miller, a well known hacker, has hacked NFC phones, and it's been in the process of getting patched, but not all phones have been patched. While you might feel this is old news, Apple might have decided to wait for them to get a better handle on NFC and if it is really that secure and needed. Your average smartphone probably doesn't know if their phone has an NFC chip, if they do most average users probably couldn't tell you what it does, and if they could they probably haven't used it, or it they have it's probably not that big of a deal where they actually use it on a daily basis. My guess is only phone geeks know and maybe use it, which is s small percentage of the population. Just because you know about doesn't mean everyone else does.
2. Apple might be waiting for a new chip out of Qualcomm, which is supposed to have it integrated and that chip wasn't available to use until after the iPhone 5 was ready to get announced.
3. It's still not widely used or at least not 6 months ago when they were finalizing the iPhone 5, so Apple probably left it out to get passbook because that's something they'd rather push because they can update pre-existing phones to use it.
THere might be other reasons, but these are the three obvious ones I can think of.
I'm sure when Apple feels it's ready for them to announce it, they will, because it's technology that might not be that important as SOME might think.
This is purely MY opinion, if you want more clarification, go ask Apple.
I may need to see an eye doctor, but where do you guys see in this article any reference to replacing username/passwords anywhere outside of an iPhone? The writer is suggesting that Apple will put this AuthenTec sensor under the home button and that is highly possible. He is not even going beyond the Apple apps, which I think he should. All apps that would need any sort of authentication (banks/subscriptions/etc.) should work with this sensor.
Another great feature I'd love to see come to Passbook are loyalty cards. I have a billion of those that get lost in my wallet or i just don't have at the time i'm in a store that I'd love for Apple to take initiative with.
That's really where the concern is over biometrics though. If someone either compromised a phone or persuaded you to use a hacked device, they could get hold of the source data from the scan, which is like a master key. They can inject the data directly into the hardware to unlock it. After stealing a phone, they could even replace the home button with a hacked one or maybe plug something in the Lightning port that works with a copy of a fingerprint and doesn't require a finger.
Unless the biometrics is used as part of a multi factor authentication system.
Fingerprint, voice or face recognition plus a passcode is a lot more secure than any single one.
But many folks don't like biometrics so meh but given I don't want to carry anything else to use my phone it's probably the only option if you want to go two-factor.
Quote:
I think people have learned over the years that having a static master key is not a good idea. Obviously it can be made very difficult to get to but they'd probably have to encrypt data on the sensor itself and make that encryption unique to each button so that replacing the home button couldn't send the same data but they can't do this because breaking your home button would leave the device inaccessible.
Nah. The device can provide the button with it's public key to encrypt data to send to the device.
Again, You totally missed my point. I don't want Passbook AND a vendor app. Passbook should be THE app to store that crap. Currently you have to have Passbook and every other F@*^@King app to go with it. That's just stupid and a waste of my storage space. I'm so sick of people saying, "there'a an App for that!". I don't want MORE apps, I want simplicity. That's what Passbook was marketed as, and it doesn't work that way. It doesn't eliminate all the other crap apps you have to download to use passbook. It's Crap, It sucks and I refuse to use it!
you must have hacked your phone, because that setting is not on a US iPhone. Or at least it's not a Native/Standard App setting.
It's not a hack, it was a free app, FileSystem, but it's not in the store anymore. It's pretty useless, as it only shows the directory structure. For geeks still cool though...
Lenovo laptops have had fingerprint sensors built in for the past 7 or 8 years, and they range on any given day from great to terrible and frustrating, depending on how finicky the sensor and or software can be, to how sweaty your hands are, to if you've got a scratch on your finger, to the relative humidity in the room you're in.
Unlocking the phone with a 4-digit pin is quick. Using a fingerprint sensor is very slightly quicker. Trying the fingerprint sensor unsuccessfully 4 or 5 times before giving up, selecting "use pincode" and typing the 4-digit pincode once every 10-100 tries is irritating enough to turn the feature off. Think Windows Vista security irritating.
There are a number of android phones out today that use finger print scanners. That said, the implementation i used recently had a scanner on the power/wake button. It was notoriously frustrating to use. Hopefully apple will have a better implementation.
Comments
dup. please delete
Originally Posted by jason98
The home button is an archaism.
Complete nonsense.
The era of edge-to-edge button-less design is coming and nothing can stop it.
Common sense will.
With apples home button problems would putting a finger print scanner under the home button be a good thing? I think putting it on the side of the phone would be a better option. Think of how you hold the phone when you look at it. all you would have to do is press it on the side with your thumb and it would unlock the phone.
That's really where the concern is over biometrics though. If someone either compromised a phone or persuaded you to use a hacked device, they could get hold of the source data from the scan, which is like a master key. They can inject the data directly into the hardware to unlock it. After stealing a phone, they could even replace the home button with a hacked one or maybe plug something in the Lightning port that works with a copy of a fingerprint and doesn't require a finger.
Even if the encryption process just sampled a portion of the scan to use as the encryption key, the verification program would have to ask for that pattern during another scan.
I think people have learned over the years that having a static master key is not a good idea. Obviously it can be made very difficult to get to but they'd probably have to encrypt data on the sensor itself and make that encryption unique to each button so that replacing the home button couldn't send the same data but they can't do this because breaking your home button would leave the device inaccessible.
That means every sensor has to output the same data and people can figure out how to replicate that. I think it's still better than a passcode unlock but not for all remote authentication. I prefer the idea of renewable keys because even if a vulnerability is found, you can update them.
Quote:
Originally Posted by sirdir
Please don't. Fingerprint readers are just a nuisance.
Just like everything else Apple would give you the option to use it or not use it.
Quote:
Originally Posted by Ricardo Dawkins
uh fingerprint sensor ??? Where is your NFC, iPhone?
Well, Apple has been working on the FIngerprint ID technology and it takes a while. Do you not understand R&D takes time that they first have to buy the company, merge together and then being the development cycle.
NFC? Well, there are probably 2 or 3 valid reasons.
1. Charlie Miller, a well known hacker, has hacked NFC phones, and it's been in the process of getting patched, but not all phones have been patched. While you might feel this is old news, Apple might have decided to wait for them to get a better handle on NFC and if it is really that secure and needed. Your average smartphone probably doesn't know if their phone has an NFC chip, if they do most average users probably couldn't tell you what it does, and if they could they probably haven't used it, or it they have it's probably not that big of a deal where they actually use it on a daily basis. My guess is only phone geeks know and maybe use it, which is s small percentage of the population. Just because you know about doesn't mean everyone else does.
2. Apple might be waiting for a new chip out of Qualcomm, which is supposed to have it integrated and that chip wasn't available to use until after the iPhone 5 was ready to get announced.
3. It's still not widely used or at least not 6 months ago when they were finalizing the iPhone 5, so Apple probably left it out to get passbook because that's something they'd rather push because they can update pre-existing phones to use it.
THere might be other reasons, but these are the three obvious ones I can think of.
I'm sure when Apple feels it's ready for them to announce it, they will, because it's technology that might not be that important as SOME might think.
This is purely MY opinion, if you want more clarification, go ask Apple.
CardStar?
http://www.cardstar.com/
It's been around for years...
Sure it does; it's in /Library/Keychains, just where one would expect it to be:
Quote:
Originally Posted by Marvin
That's really where the concern is over biometrics though. If someone either compromised a phone or persuaded you to use a hacked device, they could get hold of the source data from the scan, which is like a master key. They can inject the data directly into the hardware to unlock it. After stealing a phone, they could even replace the home button with a hacked one or maybe plug something in the Lightning port that works with a copy of a fingerprint and doesn't require a finger.
Unless the biometrics is used as part of a multi factor authentication system.
Fingerprint, voice or face recognition plus a passcode is a lot more secure than any single one.
But many folks don't like biometrics so meh but given I don't want to carry anything else to use my phone it's probably the only option if you want to go two-factor.
Quote:
I think people have learned over the years that having a static master key is not a good idea. Obviously it can be made very difficult to get to but they'd probably have to encrypt data on the sensor itself and make that encryption unique to each button so that replacing the home button couldn't send the same data but they can't do this because breaking your home button would leave the device inaccessible.
Nah. The device can provide the button with it's public key to encrypt data to send to the device.
Quote:
Originally Posted by PhilBoogie
Sure it does; it's in /Library/Keychains, just where one would expect it to be:
you must have hacked your phone, because that setting is not on a US iPhone. Or at least it's not a Native/Standard App setting.
Quote:
Originally Posted by Michael Scrip
CardStar?
http://www.cardstar.com/
It's been around for years...
Never heard of them but it appears Cardstar does everything I wish Passbook did. Its rated 4 stars at the App Store too.
Quote:
Originally Posted by Michael Scrip
CardStar?
http://www.cardstar.com/
It's been around for years...
Great, another f#@king App. That's all I want...you totally missed my point. Native man...
Quote:
Originally Posted by SockRolid
The AMC app works exactly like that. You should try it. It's free.
Come to think of it, Starbucks and Fandango do too. Right there in Passbook.
In fact, Apple's iOS 6 page has all the details that you've apparently missed:
Here ya go. Enlighten yourself: http://www.apple.com/ios/whats-new/#passbook
Again, You totally missed my point. I don't want Passbook AND a vendor app. Passbook should be THE app to store that crap. Currently you have to have Passbook and every other F@*^@King app to go with it. That's just stupid and a waste of my storage space. I'm so sick of people saying, "there'a an App for that!". I don't want MORE apps, I want simplicity. That's what Passbook was marketed as, and it doesn't work that way. It doesn't eliminate all the other crap apps you have to download to use passbook. It's Crap, It sucks and I refuse to use it!
It's not a hack, it was a free app, FileSystem, but it's not in the store anymore. It's pretty useless, as it only shows the directory structure. For geeks still cool though...
Unlocking the phone with a 4-digit pin is quick. Using a fingerprint sensor is very slightly quicker. Trying the fingerprint sensor unsuccessfully 4 or 5 times before giving up, selecting "use pincode" and typing the 4-digit pincode once every 10-100 tries is irritating enough to turn the feature off. Think Windows Vista security irritating.
Fingerprint sensors were not practicle/useless on PDAs, PDA phones and PCs! Will it be different on the iphone??