Samsung's Galaxy S8 facial recognition feature defeated with digital photo

12346»

Comments

  • Reply 101 of 117
    mobird said:
    First to market, first to fail.
    They are complete losers. Galaxy S8 and Galaxy S8 Plus. Hmm Plus sounds familiar. And while we are at it let's stick a hokey facial recognition feature in the phone that's not fully baked yet. Fail once again. 
    watto_cobra
  • Reply 102 of 117
    foggyhillfoggyhill Posts: 4,663member
    crowley said:
    crowley said:
    Not great, but what are the chances that someone who stole your phone has a picture of you?
    The threat isn't from muggers on the street, it's from a targeted compromise. very easy to go after someone's device. Here's a common domestic scenario -- unlocking the device of a parent, sibling, or SO. 
    That might be true (and very serious in some instances), but it's not really what the majority of people are concerned about with phone security.  Muggers on the street and identity theft are what I'm concerned about (my patent, sibling or SO are more likely to play a practical joke than look for or find any nefarious materials), and those people are very unlikely to have a readily available quality photograph of me.

    Not trying to downplay it, it's a major fu from Samsung, but I doubt the majority of people are going to be that bothered.
    Most people that get in other people's phone are not strangers, just like most rapes or child abduction are not done by strangers.
    So, you're telling me people prefer the illusion of security than actual security? Guess so... Samsung should be set then cause their thing is a complete joke.
    Rayz2016watto_cobra
  • Reply 103 of 117
    The FBI is no doubt pleased that the Galaxy S8 is so easy to unlock.
    pscooter63watto_cobra
  • Reply 104 of 117
    Rayz2016Rayz2016 Posts: 3,606member
    So, would the inclusion of 3D camera tech mean that the phone could tell the difference between a real face and a photograph?
    watto_cobra
  • Reply 105 of 117
    avon b7 said:
    avon b7 said:
    avon b7 said:
    glynh said:
    avon b7 said:

    I think I have got AirDrop to work just once. Last night I had to transfer a note from an iPad Air 2 and miraculously, my iPad Mini 2 showed up in AirDrop! I nearly fainted. I chose the Mini and the Air 2 said 'waiting'. I was optmistic. Sadly, it sat there 'waiting' until I cancelled the operation. 15 minutes of my life stolen. However, encouraged by just seeing the Mini 2, I retried. This time I got the notification on the Mini 2. Wow! I thought nothing could go wrong from here but then a message popped up: 'to complete this operation, you must download an App from the App Store'.

    That would require an AppleID password which I didn't have to hand, so I gave up.

    You may be wondering what I was trying to transfer. It was a link, simply copy/pasted into a note. Absolutely nothing else.

    That, my friend, is the definition of half baked and if you look this issue up on Google you will see I am not alone and the only real potential solution is complete overkill: a restore.

    Of course, exactly why I have to use the half baked AirDrop in the first place (which requires Bluetooth to be on, iCloud and users logged into AppleID etc) is a complete mystery. You can send a file by Bluetooth from a Mac to any other Bluetooth device with the right BT profile in seconds. Same with Android phones. Why can't iDevices do the same and why isn't AirDrop freaking bulletproof years after launch?

    Ouch...you obviously like to make things difficult for yourself.

    That my friend is the definition of half-baked!

    Never heard of Universal Clipboard?

    <chuckle>


    No. Using universal clipboard definitely would make things difficult for myself as my Mini doesn't support it.


    Your Mini 2 supports Universal Clipboard.

    https://support.apple.com/en-us/HT204681#clipboard
    No. The Mini 2 supports it if it is running continuity requirements. My Mini 2 doesn't support it. 
    Well, that's certainly splitting hairs. 

    This is is like saying your Ford F-150 doesn't support pulling a trailer because you've chosen not to add a (free) hitch. 


    Please don't get me started on the utter crud that iTunes is. Pure voodoo.


    I'm wondering who got you started with all the other stuff in the first place. Wish that didn't happen...

    watto_cobra
  • Reply 106 of 117
    foggyhillfoggyhill Posts: 4,663member
    avon b7 said:
    avon b7 said:
    avon b7 said:
    glynh said:
    avon b7 said:

    I think I have got AirDrop to work just once. Last night I had to transfer a note from an iPad Air 2 and miraculously, my iPad Mini 2 showed up in AirDrop! I nearly fainted. I chose the Mini and the Air 2 said 'waiting'. I was optmistic. Sadly, it sat there 'waiting' until I cancelled the operation. 15 minutes of my life stolen. However, encouraged by just seeing the Mini 2, I retried. This time I got the notification on the Mini 2. Wow! I thought nothing could go wrong from here but then a message popped up: 'to complete this operation, you must download an App from the App Store'.

    That would require an AppleID password which I didn't have to hand, so I gave up.

    You may be wondering what I was trying to transfer. It was a link, simply copy/pasted into a note. Absolutely nothing else.

    That, my friend, is the definition of half baked and if you look this issue up on Google you will see I am not alone and the only real potential solution is complete overkill: a restore.

    Of course, exactly why I have to use the half baked AirDrop in the first place (which requires Bluetooth to be on, iCloud and users logged into AppleID etc) is a complete mystery. You can send a file by Bluetooth from a Mac to any other Bluetooth device with the right BT profile in seconds. Same with Android phones. Why can't iDevices do the same and why isn't AirDrop freaking bulletproof years after launch?

    Ouch...you obviously like to make things difficult for yourself.

    That my friend is the definition of half-baked!

    Never heard of Universal Clipboard?

    <chuckle>


    No. Using universal clipboard definitely would make things difficult for myself as my Mini doesn't support it.


    Your Mini 2 supports Universal Clipboard.

    https://support.apple.com/en-us/HT204681#clipboard
    No. The Mini 2 supports it if it is running continuity requirements. My Mini 2 doesn't support it. 
    Well, that's certainly splitting hairs. 

    This is is like saying your Ford F-150 doesn't support pulling a trailer because you've chosen not to add a (free) hitch. 


    Please don't get me started on the utter crud that iTunes is. Pure voodoo.


    I'm wondering who got you started with all the other stuff in the first place. Wish that didn't happen...

    To be fair, ITune's pretty much always had a weird UI just its kind of weirdness was much more mainstream in 2002 than now.
    It just tries to do a bit too much; basically like operator overloading in a programming language :-).
    edited April 2017
  • Reply 107 of 117
    avon b7avon b7 Posts: 2,206member
    foggyhill said:
    crowley said:
    crowley said:
    Not great, but what are the chances that someone who stole your phone has a picture of you?
    The threat isn't from muggers on the street, it's from a targeted compromise. very easy to go after someone's device. Here's a common domestic scenario -- unlocking the device of a parent, sibling, or SO. 
    That might be true (and very serious in some instances), but it's not really what the majority of people are concerned about with phone security.  Muggers on the street and identity theft are what I'm concerned about (my patent, sibling or SO are more likely to play a practical joke than look for or find any nefarious materials), and those people are very unlikely to have a readily available quality photograph of me.

    Not trying to downplay it, it's a major fu from Samsung, but I doubt the majority of people are going to be that bothered.
    Most people that get in other people's phone are not strangers, just like most rapes or child abduction are not done by strangers.
    So, you're telling me people prefer the illusion of security than actual security? Guess so... Samsung should be set then cause their thing is a complete joke.
    Where is the illusion of security if the phone itself warns you that security of the feature is less than inter options included on the phone?

    There is no illusión of security.
  • Reply 108 of 117
    Rayz2016Rayz2016 Posts: 3,606member
    eriamjh said:
    Your face should be the username, not the password.


    Some days I come to this forum and read single-line comments that make me wonder how the poster manages to feed himself in the mornings.

    Other  days I come here and read a single-line comment that I feel sure will steer conversations on the forum for the next year or so.

    This post is the latter.

    "Your face should be the username, not the password."

    Well said, sir/madam.

    And the reason why Apple is working so hard on facial recognition is now much clearer to me.

    One of the big problems with getting iPads into business and education is iOS: it's essentially a single-user operating system from the user's point of view. 

    If you want to make it multi-user then you need to know who the user is, as well as his thumbprint scan. 




    edited April 2017 watto_cobra
  • Reply 109 of 117
    Rayz2016Rayz2016 Posts: 3,606member
    avon b7 said:
    foggyhill said:
    crowley said:
    crowley said:
    Not great, but what are the chances that someone who stole your phone has a picture of you?
    The threat isn't from muggers on the street, it's from a targeted compromise. very easy to go after someone's device. Here's a common domestic scenario -- unlocking the device of a parent, sibling, or SO. 
    That might be true (and very serious in some instances), but it's not really what the majority of people are concerned about with phone security.  Muggers on the street and identity theft are what I'm concerned about (my patent, sibling or SO are more likely to play a practical joke than look for or find any nefarious materials), and those people are very unlikely to have a readily available quality photograph of me.

    Not trying to downplay it, it's a major fu from Samsung, but I doubt the majority of people are going to be that bothered.
    Most people that get in other people's phone are not strangers, just like most rapes or child abduction are not done by strangers.
    So, you're telling me people prefer the illusion of security than actual security? Guess so... Samsung should be set then cause their thing is a complete joke.
    Where is the illusion of security if the phone itself warns you that security of the feature is less than inter options included on the phone?

    There is no illusión of security.
    Yes, it's rather like Samsung's warning that their retina scanner could cause eye damage. I have to wonder if it would be better to make it safe before putting it in the phone at all. 
  • Reply 110 of 117
    eriamjh said:
    Your face should be the username, not the password.

    This ^^^ I fail to see why they cannot make it a combination of the two. It will make the phone at least marginally more secure.
  • Reply 111 of 117
    avon b7avon b7 Posts: 2,206member
    Rayz2016 said:
    avon b7 said:
    foggyhill said:
    crowley said:
    crowley said:
    Not great, but what are the chances that someone who stole your phone has a picture of you?
    The threat isn't from muggers on the street, it's from a targeted compromise. very easy to go after someone's device. Here's a common domestic scenario -- unlocking the device of a parent, sibling, or SO. 
    That might be true (and very serious in some instances), but it's not really what the majority of people are concerned about with phone security.  Muggers on the street and identity theft are what I'm concerned about (my patent, sibling or SO are more likely to play a practical joke than look for or find any nefarious materials), and those people are very unlikely to have a readily available quality photograph of me.

    Not trying to downplay it, it's a major fu from Samsung, but I doubt the majority of people are going to be that bothered.
    Most people that get in other people's phone are not strangers, just like most rapes or child abduction are not done by strangers.
    So, you're telling me people prefer the illusion of security than actual security? Guess so... Samsung should be set then cause their thing is a complete joke.
    Where is the illusion of security if the phone itself warns you that security of the feature is less than inter options included on the phone?

    There is no illusión of security.
    Yes, it's rather like Samsung's warning that their retina scanner could cause eye damage. I have to wonder if it would be better to make it safe before putting it in the phone at all. 
    I've never owned a Samsung and didn't know they had retina scanners ( which would seem very complicated without dilating your pupils) but this is about security, not safety and my point stands. 

    Just as you use a weak passcode at your own risk, you use facial recognition in the same way. You are even informed of this when you activate the feature. No illusion, no promises, nothing. Just a convenience option. You can take it or leave it. You have the iris scanner and the fingerprint scanner to use as alternatives, but as governments begin to expand their biometric databases we may end up falling back on the passcode and skipping biometrics altogether.
  • Reply 112 of 117
    i'm as game to bash samsung as anyone. lots of hype, but little follow through.  you'd think these things would be tested with actual customers.  multi factor login isn't the answer either.  last thing i want to do is double the time to login or access an app.  as for touchid, ever tried to login to your iphone after washing your hands?  or when its cold? or when you just got out of the gym and are sweating?  doesn't exactly work like a charm.  and my son can log me in with a fruit roll up print of my finger.  not sure i'm ready to let an ex dig into every account i own with this level of security.  people are testing better stuff every day that will be fast and secure.  can't be long.
  • Reply 113 of 117
    mac_128mac_128 Posts: 3,022member
    Rayz2016 said:
    eriamjh said:
    Your face should be the username, not the password.


    Some days I come to this forum and read single-line comments that make me wonder how the poster manages to feed himself in the mornings.

    Other  days I come here and read a single-line comment that I feel sure will steer conversations on the forum for the next year or so.

    This post is the latter.

    "Your face should be the username, not the password."

    Well said, sir/madam.

    And the reason why Apple is working so hard on facial recognition is now much clearer to me.

    One of the big problems with getting iPads into business and education is iOS: it's essentially a single-user operating system from the user's point of view. 

    If you want to make it multi-user then you need to know who the user is, as well as his thumbprint scan. 




    Or a retina scan, which is the same as a single function security mechanism -- identify user looking at the phone, then scan that user's retina to compare to secure enclave, then unlock or not. No secondary effort required by the user.
  • Reply 114 of 117
    Rayz2016Rayz2016 Posts: 3,606member
    mac_128 said:
    Rayz2016 said:
    eriamjh said:
    Your face should be the username, not the password.


    Some days I come to this forum and read single-line comments that make me wonder how the poster manages to feed himself in the mornings.

    Other  days I come here and read a single-line comment that I feel sure will steer conversations on the forum for the next year or so.

    This post is the latter.

    "Your face should be the username, not the password."

    Well said, sir/madam.

    And the reason why Apple is working so hard on facial recognition is now much clearer to me.

    One of the big problems with getting iPads into business and education is iOS: it's essentially a single-user operating system from the user's point of view. 

    If you want to make it multi-user then you need to know who the user is, as well as his thumbprint scan. 




    Or a retina scan, which is the same as a single function security mechanism -- identify user looking at the phone, then scan that user's retina to compare to secure enclave, then unlock or not. No secondary effort required by the user.
    That's also a possibility, but only if they have a retina scan mechanism that is 100% safe to use so they don't have to display a warning about eye damage. 
  • Reply 115 of 117
    Rayz2016Rayz2016 Posts: 3,606member
    avon b7 said:
    Rayz2016 said:
    avon b7 said:
    foggyhill said:
    crowley said:
    crowley said:
    Not great, but what are the chances that someone who stole your phone has a picture of you?
    The threat isn't from muggers on the street, it's from a targeted compromise. very easy to go after someone's device. Here's a common domestic scenario -- unlocking the device of a parent, sibling, or SO. 
    That might be true (and very serious in some instances), but it's not really what the majority of people are concerned about with phone security.  Muggers on the street and identity theft are what I'm concerned about (my patent, sibling or SO are more likely to play a practical joke than look for or find any nefarious materials), and those people are very unlikely to have a readily available quality photograph of me.

    Not trying to downplay it, it's a major fu from Samsung, but I doubt the majority of people are going to be that bothered.
    Most people that get in other people's phone are not strangers, just like most rapes or child abduction are not done by strangers.
    So, you're telling me people prefer the illusion of security than actual security? Guess so... Samsung should be set then cause their thing is a complete joke.
    Where is the illusion of security if the phone itself warns you that security of the feature is less than inter options included on the phone?

    There is no illusión of security.
    Yes, it's rather like Samsung's warning that their retina scanner could cause eye damage. I have to wonder if it would be better to make it safe before putting it in the phone at all. 
    I've never owned a Samsung and didn't know they had retina scanners ( which would seem very complicated without dilating your pupils) but this is about security, not safety and my point stands. 

    Just as you use a weak passcode at your own risk, you use facial recognition in the same way. You are even informed of this when you activate the feature. No illusion, no promises, nothing. Just a convenience option. You can take it or leave it. You have the iris scanner and the fingerprint scanner to use as alternatives, but as governments begin to expand their biometric databases we may end up falling back on the passcode and skipping biometrics altogether.
    Oh I agree, your point does stand. If you are happy with compromised security then that's okay, but it's not okay with Apple. This the difference between Apple and Samsung. Apple would not introduce something that they know is insecure even if it provides an added convenience. It's a question of priorities. Putting a warning on the screen is, to Apple's mind, a cop-out. It is either secure or it's not. 
    edited April 2017
  • Reply 116 of 117
    cornchipcornchip Posts: 1,051member
    Are there any other videos on this? Maybe an English speaking version?
  • Reply 117 of 117
    foggyhill said:
    To be fair, ITune’s pretty much always had a weird UI just its kind of weirdness was much more mainstream in 2002 than now. It just tries to do a bit too much; basically like operator overloading in a programming language :-).
    I don’t think it does too much, but iTunes needs a complete UI overhaul. Yet again. They’ll get it right eventually, but they sure as fuck haven’t done so yet. AND BRING BACK THE ABILITY TO RESIZE MY ARTWORK. I DIDN’T GO TO THE TROUBLE OF FINDING HIGH RES IMAGES JUST TO HAVE THEM MAX OUT AT 170x170 ON MY 27” MONITOR, APPLE.
Sign In or Register to comment.