You're aware of course that sapphire doesn't necessarily mean jewellery, but is often used because it is really clear compared to most glass alternatives (clearer than silicon glass if I recall actually) while being harder and more scratch resistant. The iPhone already uses sapphire glass in the camera casing for this reason.
Years ago Mythbusters did an episode on such security. Bypassing the fingerprint scanner, which the vendor said had never been bypassed, was easily bypassed. This super advanced sensors also measured if the finger was alive but licking the finger made of the user's fingerprint was enough to fool the device. I don't know more modern devices measure blood pressure but I bet they can be fooled by simulating the same pressure found in humans (it can't be the same as when the scan was input as this varies) or use whatever method it uses (e.g.: sound, radio, etc.) to mimic the same resistance as with blood within a certain range of pressure. There are just too many technologies that mimic human blood and tissue that I don't think any biometric will be hard to bypass. I bet that any biometric Apple adds will be bypassed in less time than it takes to jailbreak the next iOS version.
I was already wondering what would happen if you put the bleeding end in your mouth, sealed with lips and held with teeth and increased the pressure each second ... then put the thought out of my mind and grabbed my coffee...
Concerning the sapphire crystal, it would be good if they could cover the whole front of the phone with it for durability and it would be seamless. One thing I don't like about the physical home button is the inconsistency with the feel. Some buttons are harder to press than others and broken ones make the phone or iPad pretty much unusable. There would have to be a difference in how it's pressed. Swipe left/right could be back/forward (to help with the back button placement), swipe down to go home, swipe up for multi-tasking. Tap-hold can also be home and double-tap can be Siri.
Not that I don't want the whole front of the phone to be sapphire crystal, but you don't want the front to be seamless. Well, you want the home button to be recessed, which would make it far more tricky making the entire front in one piece. This is so you can feel for the button. All that gesture nonsense would be exactly that on a iOS device bezel. The current solution certainly has it's failure rates, and there is perhaps a better solution, but gesturing around the bottom bezel is not it. It's not a good experience and totally unintuitive. Perhaps for now at least, a better engineered, more reliable home button might be the best solution of all. Yes, a home button that doesn't move would basically never fail, but that doesn't mean it's a better user experience in use. It might be a bad experience in use, with accidental presses happening too often, and the lack of a positive click to reinforce the buttons use might make it a terrible idea. Perhaps a sound plus a particular simultaneous vibration might suffice in place of the current button movement plus a physical click? Perhaps, but it doesn't feel like it would. I don't know, this is a deceptively difficult problem to solve. Gestures are not the answer, I know that much.
The New York mayor is already complaining about high crime on stolen high tech smartphones, and now putting sapphire on it? Apple, one day the Newyorkers will sue you of being a high tech company.
If the home button ceases to be a physical button, this will be the boldest move since the introduction of the iPhone. There's just something inherently satisfying, and confidence inducing, and actually having the button depress. I despise capacitive buttons. If Apple can figure out a way to give a decent amount of feedback while preventing accidental usage, then I agree, it would be an improvement. But the current button is definitely a major part of the iPhone's intuitiveness.
Agree. I have played with many Android phones and I have never "got" the capacitive buttons. They are not only horrible to use, I think they qualify as "bad design."
It's a separate button but it's is part of a unified assembly containing the screen and almost indistinguishable from it. It needs to be separate from the screen and easily activated to work but contains no clear visual or tactile clues as to it's location or boundaries and gives no feedback on it's state to the user. How is that good?
When the iPhone first arrived all the critics were going crazy about how it lacked tactile feedback and how this was such a huge problem. Yet perversely, these same critics *love* the capacitive buttons on Android devices, because ....?
A good "button" (virtual, physical or otherwise), needs to be:
- easily locatable with defined boundaries
- have "glanceable" state information
- reliable function (do the same thing always)
- give feedback to the user on it's action and it's state.
- be difficult to actuate by mistake
The capacitive buttons in Android fail on all of these tests.
It might be possible to recreate a rubber finger from a fingerprint that can fool that type of scanner but it shouldn't be as simple as the Mythbuster's tests. It doesn't really matter though because important authentication should be combined with a changeable key anyway. The scanner is just a convenient way to unlock the phone. If someone stole the phone, maybe they'd have the equipment to lift prints from the glass and then recreate a finger from it to then unlock the device but it's not likely and by the time they figure it out, the user could possibly do a remote wipe and if the theft was for the phone itself, it's not a big deal - the thief will just wipe the phone.
Passcodes are going to be a thing of the past eventually:
Concerning the sapphire crystal, it would be good if they could cover the whole front of the phone with it for durability and it would be seamless. One thing I don't like about the physical home button is the inconsistency with the feel. Some buttons are harder to press than others and broken ones make the phone or iPad pretty much unusable. There would have to be a difference in how it's pressed. Swipe left/right could be back/forward (to help with the back button placement), swipe down to go home, swipe up for multi-tasking. Tap-hold can also be home and double-tap can be Siri.
As far as the user is concerned, it would behave much like the old button and have instant recognition to turn the device on but it gives them the option to scale down the area it uses up and there should be more room inside the phone as the button doesn't have to be pressed down.
1) Right, but that just means it's better than the old tech, it doesn't mean it's secure, or even more secure today than the older tech was back then because the methods to bypass security methods also evolve.
2) I don't see how a memorized passcode will ever be a thing of the past, especially when the alternative is something that is outside the body. Nothing has proven to be more secure than something you retain in your memory. Having a 2-step authentication where you incorporate a biometric and a passcode have their place, but biometrics alone have yet to come close to proving themselves for truly secure environments.
The New York mayor is already complaining about high crime on stolen high tech smartphones, and now putting sapphire on it? Apple, one day the Newyorkers will sue you of being a high tech company.
Apple is not responsible for societies crimes. I detest this polical thinking. Perhaps the fucking mayor should solve his own crime problems and quit diverting blame.
If the home button ceases to be a physical button, this will be the boldest move since the introduction of the iPhone. There's just something inherently satisfying, and confidence inducing, and actually having the button depress. I despise capacitive buttons. If Apple can figure out a way to give a decent amount of feedback while preventing accidental usage, then I agree, it would be an improvement. But the current button is definitely a major part of the iPhone's intuitiveness.
1) Right, but that just means it's better than the old tech, it doesn't mean it's secure, or even more secure today than the older tech was back then because the methods to bypass security methods also evolve.
2) I don't see how a memorized passcode will ever be a thing of the past, especially when the alternative is something that is outside the body. Nothing has proven to be more secure than something you retain in your memory. Having a 2-step authentication where you incorporate a biometric and a passcode have their place, but biometrics alone have yet to come close to proving themselves for truly secure environments.
Huh ? Being better in security can also mean more secure of course, unless you already decided in your mind that it won't be secure for whatever personal reason. The example you quoted applies to other technologies. Those same tricks don't apply here.
As for pass code becoming obsolete, it will likely take a long time to do so. Perhaps never because updating software, especially security software takes time and $$$$$.
Nothing in the fingerprinting technologies exclude multi-factor authentication. In fact, the sensor itself should already consider multiple factors in your fingers. But app developers can also throw in a camera shot, security question, etc. to further strengthen their security needs.
I just can't see the physical home button going away, as while the mechanism can certainly be improved, physical buttons are so much more reliable than capacitive buttons when it comes to feel. I do like the use of sapphire crystal though, would definitely give it a signature feel, and a fingerprint sensor is a very secure, proven reliable form of security (especially when compared to facial recognition).
I agree with you. I think having a home button is an ideal, "high end" solution and they should simply try to make improvements to the mechanical technology as time goes by, or offer support for it if it is indeed a huge problem for so many people.
So many people want "touch" everything, and I don't necessarily see "touch" as an improvement. What a physical home button allows you to do at a functional level is pass your finger over it or rest it there without having to worry that you're going to activate it. It's the same as typing on a qwerty keyboard using a proper "home key" method. I type about 90wpm but couldn't possibly do this on a keyboard that I couldn't rest my fingers on. There are a few, but objective, advantages to mechanical buttons. I'm not sure how you'd mimic the "touch but don't activate" utility of a physical button. Coding a delay would be annoying because when I Want to activate the home button, there IS no delay, so creating a software delay would be frustrating.
At the end of the day, I see some mechanical processes as being inherently better than "touch," and consider them "high end." Sure, touch makes the screen look less busy, but there is a wonderful utility that is lost. I'm willing to buy apple care for longer to protect myself if I have to, but I respect that some people have had trouble and would prefer a touch solution. Frankly, though, the home button, when it works, is, in my eyes, the best way to navigate to a homescreen on any device, and it is higher quality than Samsung's.
Huh ? Being better in security can also mean more secure of course, unless you already decided in your mind that it won't be secure for whatever personal reason. The example you quoted applies to other technologies. Those same tricks don't apply here.
As for pass code becoming obsolete, it will likely take a long time to do so. Perhaps never because updating software, especially security software takes time and $$$$$.
Nothing in the fingerprinting technologies exclude multi-factor authentication. In fact, the sensor itself should already consider multiple factors in your fingers. But app developers can also throw in a camera shot, security question, etc. to further strengthen their security needs.
Of course better means more. The problem is you're comparing it to a tech if you are comparing it to a tech on the market that is a decade old that only means it's better than the old tech, but does not mean it's secure by today's standards. For example, WEP is better than no security but it's easily hacked with freely available methods. Why would you use that when there is WPA2 available? If one can bypass a biometric with today's tech then why trust that without the use of something that would need brute force or social engineering to bypass? Are you willing to trade in your PIN number for a fingerprint reader at the ATM? I'm not! I'd be willing to allow my phone or a fingerprint reader allow me access to my car, but things I actually care about I want something that actually private, not something I'm leaving all over the damn place.
Of course better means more. The problem is you're comparing it to a tech if you are comparing it to a tech on the market that is a decade old that only means it's better than the old tech, but does not mean it's secure by today's standards. For example, WEP is better than no security but it's easily hacked with freely available methods. Why would you use that when there is WPA2 available? If one can bypass a biometric with today's tech then why trust that without the use of something that would need brute force or social engineering to bypass? Are you willing to trade in your PIN number for a fingerprint reader at the ATM? I'm not! I'd be willing to allow my phone or a fingerprint reader allow me access to my car, but things I actually care about I want something that actually private, not something I'm leaving all over the damn place.
Why would you need to trade pin for fingerprinting ? Why can't the ATM machine detect my fingerprint while I key in my pin ? Why can't fingerprint replace your ATM card instead ?
It also depends on your app:
e.g., For simple balance checking, a fingerprint may be secure enough. Your mileage may vary.
I don't think we need to dismiss the technology so early. WPA and what not are completely different tech. I don't think one can generalize from there before the fact.
I hope for poor Ming's sake that he gets most of his predictions right because otherwise he's going to have to lose his ubiquitous trademark 'well connected' epithet.
He's often referred to as "noted analyst" as well, in AI articles.
I've repeatedly asked what claim this Ming-chi Kuo guy (gal?) has to being well-connected or noted, and I've never got an answer.....
Why would you need to trade pin for fingerprinting ? Why can't the ATM machine detect my fingerprint while I key in my pin ? Why can't fingerprint replace your ATM card instead ?
if a biometric replaces a card it's not security that's the value, but convenience. The best biometrics can offer so far are in increase to security when added to other secure features. Biometrics are not nor never have been a good form of security in and of themselves, which is the premise of the "but it measures the ridges in your finger and blood pressure, and heart rate yada yada yada" comments. Don't allow yourself to get a false sense of protection because you think you're the only one who access to your biometric signature. Remember, it's not measuring you, but what it reads off of you.
if a biometric replaces a card it's not security that's the value, but convenience. The best biometrics can offer so far are in increase to security when added to other secure features. Biometrics are not nor never have been a good form of security in and of themselves, which is the premise of the "but it measures the ridges in your finger and blood pressure, and heart rate yada yada yada" comments. Don't allow yourself to get a false sense of protection because you think you're the only one who access to your biometric signature. Remember, it's not measuring you, but what it reads off of you.
Nope. At the end of the day, it is the total package that count. Security and convenience can come together. e.g., For the sake of convenience, people write down their pass code on a piece of paper. That weakens the security.
In general, security is a function of what you want to protect vs the cost of implementation ( in terms of convenience, money, effort, etc ).
A biometric fingerprinting technology should be a valuable addition to the arsenal, if implemented well. It can indeed be more secure than the status quo.
I hate it when my son peek over my shoulder and discover my pass lock. At the minimal, the default fingerprint unlock should sidestep this problem for me. The rest will depend on the app developers. I can see it being used as the confirmation step for a multi-factor authentication and authorization workflow too.
the home button should go away for the same reason that the keyboard needed to go. It is useless mod of the time.
Give the same functionality to the power button or something to have a safe way out, but eliminate that and cram a bigger screen on it.
Contrary. As I have posted before, the home button could easily become a touch sensitive input device allowing scrolling, zoom in and out, as well as other gestures. I say this being that your thumb is nearer to the home button than the rest of the screen, it would be easier to scroll page text, zoom in and out for the camera, swipe side to side for content change (as you do now on the screen).
This would then also save the screen from being touched as often and therefore less fingerprints.
Comments
Quote:
Originally Posted by maccherry
A bling home button? Who writes this crap?
You're aware of course that sapphire doesn't necessarily mean jewellery, but is often used because it is really clear compared to most glass alternatives (clearer than silicon glass if I recall actually) while being harder and more scratch resistant. The iPhone already uses sapphire glass in the camera casing for this reason.
I was already wondering what would happen if you put the bleeding end in your mouth, sealed with lips and held with teeth and increased the pressure each second ... then put the thought out of my mind and grabbed my coffee...
Not that I don't want the whole front of the phone to be sapphire crystal, but you don't want the front to be seamless. Well, you want the home button to be recessed, which would make it far more tricky making the entire front in one piece. This is so you can feel for the button. All that gesture nonsense would be exactly that on a iOS device bezel. The current solution certainly has it's failure rates, and there is perhaps a better solution, but gesturing around the bottom bezel is not it. It's not a good experience and totally unintuitive. Perhaps for now at least, a better engineered, more reliable home button might be the best solution of all. Yes, a home button that doesn't move would basically never fail, but that doesn't mean it's a better user experience in use. It might be a bad experience in use, with accidental presses happening too often, and the lack of a positive click to reinforce the buttons use might make it a terrible idea. Perhaps a sound plus a particular simultaneous vibration might suffice in place of the current button movement plus a physical click? Perhaps, but it doesn't feel like it would. I don't know, this is a deceptively difficult problem to solve. Gestures are not the answer, I know that much.
Quote:
Originally Posted by Slurpy
If the home button ceases to be a physical button, this will be the boldest move since the introduction of the iPhone. There's just something inherently satisfying, and confidence inducing, and actually having the button depress. I despise capacitive buttons. If Apple can figure out a way to give a decent amount of feedback while preventing accidental usage, then I agree, it would be an improvement. But the current button is definitely a major part of the iPhone's intuitiveness.
Agree. I have played with many Android phones and I have never "got" the capacitive buttons. They are not only horrible to use, I think they qualify as "bad design."
It's a separate button but it's is part of a unified assembly containing the screen and almost indistinguishable from it. It needs to be separate from the screen and easily activated to work but contains no clear visual or tactile clues as to it's location or boundaries and gives no feedback on it's state to the user. How is that good?
When the iPhone first arrived all the critics were going crazy about how it lacked tactile feedback and how this was such a huge problem. Yet perversely, these same critics *love* the capacitive buttons on Android devices, because ....?
A good "button" (virtual, physical or otherwise), needs to be:
- easily locatable with defined boundaries
- have "glanceable" state information
- reliable function (do the same thing always)
- give feedback to the user on it's action and it's state.
- be difficult to actuate by mistake
The capacitive buttons in Android fail on all of these tests.
1) Right, but that just means it's better than the old tech, it doesn't mean it's secure, or even more secure today than the older tech was back then because the methods to bypass security methods also evolve.
2) I don't see how a memorized passcode will ever be a thing of the past, especially when the alternative is something that is outside the body. Nothing has proven to be more secure than something you retain in your memory. Having a 2-step authentication where you incorporate a biometric and a passcode have their place, but biometrics alone have yet to come close to proving themselves for truly secure environments.
Apple is not responsible for societies crimes. I detest this polical thinking. Perhaps the fucking mayor should solve his own crime problems and quit diverting blame.
Perhaps next year. Perhaps. We'll (and Apple) see how it goes for iPhone and iPad first.
Couldn't have said it better.
Huh ? Being better in security can also mean more secure of course, unless you already decided in your mind that it won't be secure for whatever personal reason. The example you quoted applies to other technologies. Those same tricks don't apply here.
As for pass code becoming obsolete, it will likely take a long time to do so. Perhaps never because updating software, especially security software takes time and $$$$$.
Nothing in the fingerprinting technologies exclude multi-factor authentication. In fact, the sensor itself should already consider multiple factors in your fingers. But app developers can also throw in a camera shot, security question, etc. to further strengthen their security needs.
Quote:
Originally Posted by Mike Barriault
I just can't see the physical home button going away, as while the mechanism can certainly be improved, physical buttons are so much more reliable than capacitive buttons when it comes to feel. I do like the use of sapphire crystal though, would definitely give it a signature feel, and a fingerprint sensor is a very secure, proven reliable form of security (especially when compared to facial recognition).
I agree with you. I think having a home button is an ideal, "high end" solution and they should simply try to make improvements to the mechanical technology as time goes by, or offer support for it if it is indeed a huge problem for so many people.
So many people want "touch" everything, and I don't necessarily see "touch" as an improvement. What a physical home button allows you to do at a functional level is pass your finger over it or rest it there without having to worry that you're going to activate it. It's the same as typing on a qwerty keyboard using a proper "home key" method. I type about 90wpm but couldn't possibly do this on a keyboard that I couldn't rest my fingers on. There are a few, but objective, advantages to mechanical buttons. I'm not sure how you'd mimic the "touch but don't activate" utility of a physical button. Coding a delay would be annoying because when I Want to activate the home button, there IS no delay, so creating a software delay would be frustrating.
At the end of the day, I see some mechanical processes as being inherently better than "touch," and consider them "high end." Sure, touch makes the screen look less busy, but there is a wonderful utility that is lost. I'm willing to buy apple care for longer to protect myself if I have to, but I respect that some people have had trouble and would prefer a touch solution. Frankly, though, the home button, when it works, is, in my eyes, the best way to navigate to a homescreen on any device, and it is higher quality than Samsung's.
Of course better means more. The problem is you're comparing it to a tech if you are comparing it to a tech on the market that is a decade old that only means it's better than the old tech, but does not mean it's secure by today's standards. For example, WEP is better than no security but it's easily hacked with freely available methods. Why would you use that when there is WPA2 available? If one can bypass a biometric with today's tech then why trust that without the use of something that would need brute force or social engineering to bypass? Are you willing to trade in your PIN number for a fingerprint reader at the ATM? I'm not! I'd be willing to allow my phone or a fingerprint reader allow me access to my car, but things I actually care about I want something that actually private, not something I'm leaving all over the damn place.
Why would you need to trade pin for fingerprinting ? Why can't the ATM machine detect my fingerprint while I key in my pin ? Why can't fingerprint replace your ATM card instead ?
It also depends on your app:
e.g., For simple balance checking, a fingerprint may be secure enough. Your mileage may vary.
I don't think we need to dismiss the technology so early. WPA and what not are completely different tech. I don't think one can generalize from there before the fact.
Quote:
Originally Posted by AnalogJack
"...Well-connected analyst Ming-Chi Kuo said..."
I hope for poor Ming's sake that he gets most of his predictions right because otherwise he's going to have to lose his ubiquitous trademark 'well connected' epithet.
He's often referred to as "noted analyst" as well, in AI articles.
I've repeatedly asked what claim this Ming-chi Kuo guy (gal?) has to being well-connected or noted, and I've never got an answer.....
if a biometric replaces a card it's not security that's the value, but convenience. The best biometrics can offer so far are in increase to security when added to other secure features. Biometrics are not nor never have been a good form of security in and of themselves, which is the premise of the "but it measures the ridges in your finger and blood pressure, and heart rate yada yada yada" comments. Don't allow yourself to get a false sense of protection because you think you're the only one who access to your biometric signature. Remember, it's not measuring you, but what it reads off of you.
Nope. At the end of the day, it is the total package that count. Security and convenience can come together. e.g., For the sake of convenience, people write down their pass code on a piece of paper. That weakens the security.
In general, security is a function of what you want to protect vs the cost of implementation ( in terms of convenience, money, effort, etc ).
A biometric fingerprinting technology should be a valuable addition to the arsenal, if implemented well. It can indeed be more secure than the status quo.
I hate it when my son peek over my shoulder and discover my pass lock. At the minimal, the default fingerprint unlock should sidestep this problem for me. The rest will depend on the app developers. I can see it being used as the confirmation step for a multi-factor authentication and authorization workflow too.
Quote:
Originally Posted by pedromartins
the home button should go away for the same reason that the keyboard needed to go. It is useless mod of the time.
Give the same functionality to the power button or something to have a safe way out, but eliminate that and cram a bigger screen on it.
Contrary. As I have posted before, the home button could easily become a touch sensitive input device allowing scrolling, zoom in and out, as well as other gestures. I say this being that your thumb is nearer to the home button than the rest of the screen, it would be easier to scroll page text, zoom in and out for the camera, swipe side to side for content change (as you do now on the screen).
This would then also save the screen from being touched as often and therefore less fingerprints.