Yup, that's a good point. Will this be another "closed" API in their "open" operating system? I'm not sure how they can guarantee security if access to the code is broad.
If letting the public see the code threatens security in any way, then the implementation cannot be considered secure in the first place. Correctly written code will remain secure regardless of who can see the code.
If letting the public see the code threatens security in any way, then the implementation cannot be considered secure in the first place.
Yah, true. Security of the implementation depends on whether or not those accessing the code have malicious intent. If the code is open to the public, then "good" hackers can contribute back fixes and improvements, while "bad" hackers may try to exploit those bugs. If the code is closed-source, then bug fixes would be entirely dependent on Google's own competence at identifying and fixing the bugs. But with closed-source code, existing bugs may not even get exploited due to nobody knowing about them.
I don't envy Google. They want to provide an "open" platform, but it's a fine line to walk.
Doesn't matter. Apple didn't come up with the idea, nor the tech. They purchased it.
Did the company that they bought have the full implementation done exactly as Apple has provided it, with the Secure Enclave as part of the main processor?
They purchased the company, and THEN enhanced the tech. It's not just about the fingerprint sensor, but how the full implementation and integration with the system was done. That's Apple's work.
Yup, that's a good point. Will this be another "closed" API in their "open" operating system? I'm not sure how they can guarantee security if access to the code is broad.
You mention Google and security in the same sentence I thought the two were mutually exclusive?
Perhaps but will google sell my fingerprints to the highest bidder?
You mention Google and security in the same sentence I thought the two were mutually exclusive? No doubt they already scan our faces and have some ingenious way of selling that to the highest bidder as well?
Perhaps but will google sell my fingerprints to the highest bidder?
Will you say ["how innovative that is!"] when Apple adds split screen multitasking to iPad? It's rumored to be coming to iOS 9.
yup, because when Apple does it, it will be easy to use and broadly compatible with myriad third party apps, not just a tick-mark on a feature list with a wanky implementation.
What many people don't realize is the whole reason for the Fappening, where celebs got their photos leaked, was due to lack of Touch ID. It wasn't a flaw in Apple's system. When a celebrity is sitting outside at a cafe and being filmed by paparazzi, they shrug off the annoyance and go about their business. Well, what you take for granted, like entering your Apple ID to download an app, its caught on film. You think they are snapping pics of your pretty face, the whole time they are stealing your ID.
Touch ID is the only viable way to prevent this intrusion.
yup, because when Apple does it, it will be easy to use and broadly compatible with myriad third party apps, not just a tick-mark on a feature list with a wanky implementation.
Agree- Innovation only can be called truly innovative if it works , building designing software that doesn't work very well is hardly innovative, the world is full of great ideas poorly implemented
Agree- Innovation only can be called truly innovative if it works , building designing software that doesn't work very well is hardly innovative, the world is full of great ideas poorly implemented: case in point Microsoft windows isn't exactly innovative, it simply re-cycling old ideas in a rather cumbersome package, yes they might have made it look a tad better but underneath it's still the same mish mash of buggy, substandard and fatally flawed OS software and networking services
Another issue is how does Google securely store fingerprint data? Apple has the Secure Enclave (which also performs other functions besides Touch ID, such as encryption). This is a custom piece of hardware inside their processors.
The only way Google could make this work properly is if they designed some sort of hardware standard that companies like Qualcomm, Samsung, Mediatek and other ARM processor builders would follow and add to their own processors. This way they would all have a version of the Secure Enclave.
I think this would be very hard for Google to achieve. And if they introduce this feature without some type of hardware support, then you know it's going to be some half-baked solution with all sorts of potential security issues.
Another issue is how does Google securely store fingerprint data? [...] The only way Google could make this work properly is if they designed some sort of hardware standard [...] I think this would be very hard for Google to achieve.
Really, you think this would be very hard for Google to achieve? After the secure erase function in most Android smartphones was found not to be secure at all? I actually think it would be impossible for Google to achieve.
Yup, that's a good point. Will this be another "closed" API in their "open" operating system? I'm not sure how they can guarantee security if access to the code is broad.
If they have to hide the code, then the solution is probably insecure to begin with.
Another issue is how does Google securely store fingerprint data? Apple has the Secure Enclave (which also performs other functions besides Touch ID, such as encryption). This is a custom piece of hardware inside their processors.
The only way Google could make this work properly is if they designed some sort of hardware standard that companies like Qualcomm, Samsung, Mediatek and other ARM processor builders would follow and add to their own processors. This way they would all have a version of the Secure Enclave.
I think this would be very hard for Google to achieve. And if they introduce this feature without some type of hardware support, then you know it's going to be some half-baked solution with all sorts of potential security issues.
It can be set it so that the shape is never visible.
Sorry, can you read? He said that he figured out the shape from his friends hand motion- he didnt actually see it. Whether the shape is visible or not makes no difference.
Quote:
Originally Posted by dasanman69
Fingerprint scanners on smartphones existed before 2013.
Thanks for the incredible insight. They were complete shit (hardware wise), and they weren't integrated deep into the OS like it is in iOS.
Quote:
Originally Posted by dasanman69
Doesn't matter. Apple didn't come up with the idea, nor the tech. They purchased it.
You're just full of wisdom, aren't you? Yes, they had the foresight to purchase the core tech, and then engineered the **** out of it to create the final product and integrate it into their devices. I love how you give them zero credit for that, and pretend that all they did was throw some cash out. All your posts in this thread have been either purposefully obtuse, lies, or trolling.
Quote:
Originally Posted by Rogifan
Will you say that when Apple adds split screen multitasking to iPad? It's rumored to be coming to iOS 9.
Why, is split screen a built in Android feature right now? No, it isn't. Way to completely miss the point. When Apple implements something, it isn't to flagrantly attempt to reproduce the success of something else. When others do, its usually to reproduce Apple's success. Thats the obvious difference. Apple made biometrics mainstream and reliable. Thats why others are now focusing more on it. Apple adds features when it truly believes it can do them better and that they enhance the product.
It will be interesting to learn how Google intends to secure fingerprint data.
Will fingerprint data be stored on the Android devices in a secure enclave or will the fingerprint data be transmitted to Google's servers?
If fingerprint data is sent to Google's servers, will Android users be able to have that data deleted or will the data become the irrevocable property of Google just as so much other data is?
Also, if fingerprint data is sent to Google's servers, will Google promise to never access the data for any reason whatsoever?
I am trying to not laugh or snicker as I type this.
Google I/O is coming and the answers to my questions may get answered.
Doesn't matter. Apple didn't come up with the idea, nor the tech. They purchased it.
Did the company that they bought have the full implementation done exactly as Apple has provided it, with the Secure Enclave as part of the main processor?
They purchased the company, and THEN enhanced the tech. It's not just about the fingerprint sensor, but how the full implementation and integration with the system was done. That's Apple's work.
The implementation is all Apple but the idea isn't.
Comments
Very innovative.
Will you say that when Apple adds split screen multitasking to iPad? It's rumored to be coming to iOS 9.
Yup, that's a good point. Will this be another "closed" API in their "open" operating system? I'm not sure how they can guarantee security if access to the code is broad.
If letting the public see the code threatens security in any way, then the implementation cannot be considered secure in the first place. Correctly written code will remain secure regardless of who can see the code.
If letting the public see the code threatens security in any way, then the implementation cannot be considered secure in the first place.
Yah, true. Security of the implementation depends on whether or not those accessing the code have malicious intent. If the code is open to the public, then "good" hackers can contribute back fixes and improvements, while "bad" hackers may try to exploit those bugs. If the code is closed-source, then bug fixes would be entirely dependent on Google's own competence at identifying and fixing the bugs. But with closed-source code, existing bugs may not even get exploited due to nobody knowing about them.
I don't envy Google. They want to provide an "open" platform, but it's a fine line to walk.
Doesn't matter. Apple didn't come up with the idea, nor the tech. They purchased it.
Did the company that they bought have the full implementation done exactly as Apple has provided it, with the Secure Enclave as part of the main processor?
They purchased the company, and THEN enhanced the tech. It's not just about the fingerprint sensor, but how the full implementation and integration with the system was done. That's Apple's work.
You mention Google and security in the same sentence I thought the two were mutually exclusive?
Perhaps but will google sell my fingerprints to the highest bidder?
Will you say ["how innovative that is!"] when Apple adds split screen multitasking to iPad? It's rumored to be coming to iOS 9.
yup, because when Apple does it, it will be easy to use and broadly compatible with myriad third party apps, not just a tick-mark on a feature list with a wanky implementation.
Touch ID is the only viable way to prevent this intrusion.
Google sucks everything of course and sells it on rather like credit default swaps , same principle once it's sold you have no control over it .
Agree- Innovation only can be called truly innovative if it works , building designing software that doesn't work very well is hardly innovative, the world is full of great ideas poorly implemented
Another issue is how does Google securely store fingerprint data? Apple has the Secure Enclave (which also performs other functions besides Touch ID, such as encryption). This is a custom piece of hardware inside their processors.
The only way Google could make this work properly is if they designed some sort of hardware standard that companies like Qualcomm, Samsung, Mediatek and other ARM processor builders would follow and add to their own processors. This way they would all have a version of the Secure Enclave.
I think this would be very hard for Google to achieve. And if they introduce this feature without some type of hardware support, then you know it's going to be some half-baked solution with all sorts of potential security issues.
Another issue is how does Google securely store fingerprint data? [...] The only way Google could make this work properly is if they designed some sort of hardware standard [...] I think this would be very hard for Google to achieve.
Really, you think this would be very hard for Google to achieve? After the secure erase function in most Android smartphones was found not to be secure at all? I actually think it would be impossible for Google to achieve.
If they have to hide the code, then the solution is probably insecure to begin with.
Another issue is how does Google securely store fingerprint data? Apple has the Secure Enclave (which also performs other functions besides Touch ID, such as encryption). This is a custom piece of hardware inside their processors.
The only way Google could make this work properly is if they designed some sort of hardware standard that companies like Qualcomm, Samsung, Mediatek and other ARM processor builders would follow and add to their own processors. This way they would all have a version of the Secure Enclave.
I think this would be very hard for Google to achieve. And if they introduce this feature without some type of hardware support, then you know it's going to be some half-baked solution with all sorts of potential security issues.
A hardware standard like ARM TrustZone? Android has supported TrustZone-based secure storage for a while (http://nelenkov.blogspot.com/2013/08/credential-storage-enhancements-android-43.html); whether it is used correctly for particular applications is of course a separate matter.
It can be set it so that the shape is never visible.
Sorry, can you read? He said that he figured out the shape from his friends hand motion- he didnt actually see it. Whether the shape is visible or not makes no difference.
Fingerprint scanners on smartphones existed before 2013.
Thanks for the incredible insight. They were complete shit (hardware wise), and they weren't integrated deep into the OS like it is in iOS.
Doesn't matter. Apple didn't come up with the idea, nor the tech. They purchased it.
You're just full of wisdom, aren't you? Yes, they had the foresight to purchase the core tech, and then engineered the **** out of it to create the final product and integrate it into their devices. I love how you give them zero credit for that, and pretend that all they did was throw some cash out. All your posts in this thread have been either purposefully obtuse, lies, or trolling.
Will you say that when Apple adds split screen multitasking to iPad? It's rumored to be coming to iOS 9.
Why, is split screen a built in Android feature right now? No, it isn't. Way to completely miss the point. When Apple implements something, it isn't to flagrantly attempt to reproduce the success of something else. When others do, its usually to reproduce Apple's success. Thats the obvious difference. Apple made biometrics mainstream and reliable. Thats why others are now focusing more on it. Apple adds features when it truly believes it can do them better and that they enhance the product.
It will be interesting to learn how Google intends to secure fingerprint data.
Will fingerprint data be stored on the Android devices in a secure enclave or will the fingerprint data be transmitted to Google's servers?
If fingerprint data is sent to Google's servers, will Android users be able to have that data deleted or will the data become the irrevocable property of Google just as so much other data is?
Also, if fingerprint data is sent to Google's servers, will Google promise to never access the data for any reason whatsoever?
I am trying to not laugh or snicker as I type this.
Google I/O is coming and the answers to my questions may get answered.
The implementation is all Apple but the idea isn't.