Whats to stop someone from going into iCloud and remotely wiping the phone? The police cannot disable iCloud without the AppleID. I realize it may be seized and off any network, but if you're quick enough perhaps it could work.
This is also why you should password protect Notes. Even if they had the unlocked phone they couldn't access the secured notes without a password or fingerprint.
A Faraday case. It then gets taken to a Faraday room where they can work on it.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change. Using it in conjunction with a typed password is better.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
It would be simple for criminals with this setup to avoid these police tactics by making calls in guest mode and reserving full access to when they are in 'safe' environments
Apple could take these ideas further.
You're talking about restricting full access to another person you might allow to use the phone, not a person that is capable of hacking into your phone. I would imagine the hardest part of hacking into a phone is getting pass the lock screen. Once a hacker pass that, the rest is easy, even if you're in "guest" mode.
And if you do use 2 fingerprints that can unlock the phone, then law enforcement have a better chance of unlocking the phone because there's now two fingerprints that will do it. That's a 2 in 10 chance of guessing the right fingerprint to use. Where as with a a single fingerprint unlock, they only have a 1 in 10 chance. And don't forget they have multiple attempts before the phone locks and a pass code is needed. What there need is to be is an option to lock the phone, after just 1or 2 failed attempts. (If it isn't already an option or an app that will do that.)
On another related topic, didn't I read here, a while back, that Apple has a patent that can detect if an iPhone is snatched from a user's hand by using software, the accelerometer and maybe the GPS? Maybe time for Apple to seriously think about having that feature on an iPhone. Probably could be installed with just an iOS update on newer iPhones.
Um ... convictions ... credit card fraud ... who're the good guys here? Perhaps the first thing to say should be 'well done' to the Metropolitan Police for smart thinking as they made a lawful arrest of a villain.
Could be our credit cards next.
If the guy has boxes of phony credit cards, as the photo in the article implies, then they don't need anything on his phone to convict him. And that's true in most cases where a crime has been committed. There's usually plenty of other evidence besides anything on the phone.
Let's say you decided to rob a store today. What would be on your phone that would help in the conviction unless you stupidly sent an email or text that revealed your plans. All it would do is result in 'guilt by association' for the people you had listed in your address book or exchanged emails, etc. with.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
1a) We need a "poison finger" option to protect against thieves and unscrupulous governments* compelling us to use our fingerprints. 1b) This is now doable with the new MacBook Pros by creating another account that will launch an app you make with Automator that will call the shell script:
shutdown -h now
2) With the number of snatch-and-grab videos of iPhones being stolen that I've seen over the years, I wish that that Apple had an option that will automatically lock your iPhone if it gets disconnected from your Watch. To wit, out of Bluetooth range.
* Redundant statement.
I'll start a shit storm here...
If Trump gets his way...there will be no security on anything. Because...well thats more convenient to government and law enforcement rather than doing it by the book.
Congress creates the laws and the Supreme Court checks them for constitutional violations when cases are presented. It's no more possible for Trump to be a dictator than it was for Obama... and Obama has come closer than almost any president to acting completely outside the restraints of the office.
Trump has had conversations with Paul Ryan expressing that the office of the presidency has unbalanced the balance of power, so I find it less likely Trump will engage in the type of stuff you imagine.
You're really living in denial. Just look at the crazies Trump wants for his cabinet. And the Supreme Court might not be so helpful if Trump gets some extreme right-wing fanatic in there. Obama has not acted outside the restraints of the office in that he has issued about the same number of executive orders as previous recent Presidents and far less than many. And in the few cases where one could argue that he did, the Supreme Court did step in: Obama: 260 executive orders W. Bush: 291 Clinton: 364 H.W. Bush: 166 (1 term) Reagan: 381 Carter: 320 (1 term) Ford: 169 (1 term +) Nixon: 346 LBJ: 325 (1 year + 1 term) JFK: 214 (3 years) IKE: 484 HST: 907 FDR: 3721 (3 terms +)
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change. Using it in conjunction with a typed password is better.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
It would be simple for criminals with this setup to avoid these police tactics by making calls in guest mode and reserving full access to when they are in 'safe' environments
Apple could take these ideas further.
You're talking about restricting full access to another person you might allow to use the phone, not a person that is capable of hacking into your phone. I would imagine the hardest part of hacking into a phone is getting pass the lock screen. Once a hacker pass that, the rest is easy, even if you're in "guest" mode.
And if you do use 2 fingerprints that can unlock the phone, then law enforcement have a better chance of unlocking the phone because there's now two fingerprints that will do it. That's a 2 in 10 chance of guessing the right fingerprint to use. Where as with a a single fingerprint unlock, they only have a 1 in 10 chance. And don't forget they have multiple attempts before the phone locks and a pass code is needed. What there need is to be is an option to lock the phone, after just 1or 2 failed attempts. (If it isn't already an option or an app that will do that.)
On another related topic, didn't I read here, a while back, that Apple has a patent that can detect if an iPhone is snatched from a user's hand by using software, the accelerometer and maybe the GPS? Maybe time for Apple to seriously think about having that feature on an iPhone. Probably could be installed with just an iOS update on newer iPhones.
That seems like reasonable logic although I'm not sure how it works from a security access point of view.
For me the finger print sensor is more a convenience so I have multiple fingerprints on the phone from both hands. Being able to use the swipe down gesture on the sensor from either hand for notifications and direct access is something I now can't live without.
Either way, guest access is a great feature that I hope gets developed further, both from practical and a security perspective.
Um ... convictions ... credit card fraud ... who're the good guys here? Perhaps the first thing to say should be 'well done' to the Metropolitan Police for smart thinking as they made a lawful arrest of a villain.
Could be our credit cards next.
Fair point. It was lawful seizure. They did well. The thing is, with the way police forces are getting out of hand, the way some of us respond to police actually doing their jobs lawfully has been impacted with immediate suspicion. This is a self-inflicted injury. If the police were held to a higher standard and didn't get away with criminal behavior, maybe they'd be given more benefit of the doubt by more people.
1a) We need a "poison finger" option to protect against thieves and unscrupulous governments* compelling us to use our fingerprints. 1b) This is now doable with the new MacBook Pros by creating another account that will launch an app you make with Automator that will call the shell script:
shutdown -h now
2) With the number of snatch-and-grab videos of iPhones being stolen that I've seen over the years, I wish that that Apple had an option that will automatically lock your iPhone if it gets disconnected from your Watch. To wit, out of Bluetooth range.
* Redundant statement.
I'll start a shit storm here...
If Trump gets his way...there will be no security on anything. Because...well thats more convenient to government and law enforcement rather than doing it by the book.
Congress creates the laws and the Supreme Court checks them for constitutional violations when cases are presented. It's no more possible for Trump to be a dictator than it was for Obama... and Obama has come closer than almost any president to acting completely outside the restraints of the office.
Trump has had conversations with Paul Ryan expressing that the office of the presidency has unbalanced the balance of power, so I find it less likely Trump will engage in the type of stuff you imagine.
You're really living in denial. Just look at the crazies Trump wants for his cabinet. And the Supreme Court might not be so helpful if Trump gets some extreme right-wing fanatic in there. Obama has not acted outside the restraints of the office in that he has issued about the same number of executive orders as previous recent Presidents and far less than many. And in the few cases where one could argue that he did, the Supreme Court did step in: Obama: 260 executive orders W. Bush: 291 Clinton: 364 H.W. Bush: 166 (1 term) Reagan: 381 Carter: 320 (1 term) Ford: 169 (1 term +) Nixon: 346 LBJ: 325 (1 year + 1 term) JFK: 214 (3 years) IKE: 484 HST: 907 FDR: 3721 (3 terms +)
When you point out the facts of the executive order numbers their next argument will be "yeah, but Obama's were worse." What a dictator Obama was by creating a sound plan to bring healthcare to the people so they could have a decent chance at life just to have it gutted by the Obstructionists and then to have to rebranded as Trump Care with the original provisions Obama originally tried to pass. He's a monster¡
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
They would have to know which finger. If you choose wrong 3 times, and the iPhone will only accept a passcode. So, don't use a thumb or index finger
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
They would have to know which finger. If you choose wrong 3 times, and the iPhone will only accept a passcode. So, don't use a thumb or index finger
You don't even use the "pads" of your phalanges for Touch ID to work which could mean that they wouldn't likely be able to lift your print from the device to then access via Touch ID as then you'd then be using your thumb to press the Home Button which would obfuscate the print you did use. This isn't the most convenient method, but it's not so inconvenient and arguably less of an issue than inputting a password for security every time.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change.
Touch ID is and always has been a convenience feature, not a security one. It only bridges security because without it most people didn't use any PIN and those that did were unlikely to have the device lock immediately.
Using it in conjunction with a typed password is better.
:sigh: The passcode is a requirement for Touch ID. If you don't use it within a certain timeframe the passcode is required. If you have too many failed attempts with Touch ID the passcode is required. If the device is restarted the passcode is required.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
No.
'No'
Ha. Having used both systems, I can assure you that for phone use, the Huawei implementation is far more useful than Apple's. Not just a little. It is miles ahead.
I fully expect Apple to take 'hints' from it in the future.
'Sigh'
Ha again. Finger print for convenience in conjunction with a passcode for security.
Example: online banking
My online banking app gives me the option to access my account using a passcode ordirectly if I have used the fingerprint sensor.
I believe he's sighing at your remark because iOS already requires a passcode when using TouchID. Touch ID is about convenience. thus your suggestion that one do so is sigh-worthy. Perhaps if you had an iphone you'd know this?
1a) We need a "poison finger" option to protect against thieves and unscrupulous governments* compelling us to use our fingerprints. 1b) This is now doable with the new MacBook Pros by creating another account that will launch an app you make with Automator that will call the shell script:
shutdown -h now
2) With the number of snatch-and-grab videos of iPhones being stolen that I've seen over the years, I wish that that Apple had an option that will automatically lock your iPhone if it gets disconnected from your Watch. To wit, out of Bluetooth range.
* Redundant statement.
I was thinking an option to lock the phone if an unregistered finger touches the home button.
Isn't that already there, to a certain extent? If a fingerprint unlock fails enough times, iOS forces you to enter your password. That can be accomplished by using an unregistered finger, or even a registered finger that can't be read accurately (e.g., the finger or home button is sufficiently wet or dirty). If you don't register one of the "obvious" fingers (pointer or thumb, I figure), you could probably fail enough attempts to force the need for a password before anyone figured out what you were up to.
The other option, of course, is to disable Touch ID and rely only on strong passwords if you're involved in the commission of a major crime, such as credit card fraud.
This is nothing new, police have been doing similar things with hackers and their laptops and computers. Good hackers will have self-destruct routines built into the their computer, if someone logs in too many time wrong it would erase everything or if they did not log in every few days it would erase everything things and so on.
When police or Investigators would raid the persons house they would have to do it in a way to catch the person already logged into the computer so to by pass the self-destruct routines, the only difference here is Apple did it for consumers.
I just like how people thinks this is a novel idea, this is how the FBI caught the guy who ran the Silk Road on the dark net and other hackers.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change.
Touch ID is and always has been a convenience feature, not a security one. It only bridges security because without it most people didn't use any PIN and those that did were unlikely to have the device lock immediately.
Using it in conjunction with a typed password is better.
:sigh: The passcode is a requirement for Touch ID. If you don't use it within a certain timeframe the passcode is required. If you have too many failed attempts with Touch ID the passcode is required. If the device is restarted the passcode is required.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
No.
'No'
Ha. Having used both systems, I can assure you that for phone use, the Huawei implementation is far more useful than Apple's. Not just a little. It is miles ahead.
I fully expect Apple to take 'hints' from it in the future.
'Sigh'
Ha again. Finger print for convenience in conjunction with a passcode for security.
Example: online banking
My online banking app gives me the option to access my account using a passcode ordirectly if I have used the fingerprint sensor.
I believe he's sighing at your remark because iOS already requires a passcode when using TouchID. Touch ID is about convenience. thus your suggestion that one do so is sigh-worthy. Perhaps if you had an iphone you'd know this?
Yes. I know why he 'sighed'. I know about the passcode. I have Touch ID devices at home.
My point was to use the fingerprint scanner for convenience in conjunction with a password for security and then, in reply to his 'sigh', I gave a very simple example to highlight an everyday use case.
If he had thought things through before 'sighing' or even simply asked for clarification first, I would have gone into more detail.
Detail that I thought was unnecessary as I think it is impossible to setup the fingerprint scanner without having established a passcode. At least on my Android device, after a startup I must first input my SIM PIN, followed by my passcode. The scanner won't work if it hasn't had the code pumped in previously.
My guess is that he just jumped to a wrong conclusion. I have no problem with that. It can happen to anyone but was the sigh really necessary?
His comical 'No' was just that, comical. However, I defended that point too.
If anyone else wants to chime in on the Huawei implementation of the fingerprint scanner and compare it to Apple's, I'm all ears, but in my experience, the Huawei implementation runs rings around Apple's. That's why I said Apple could take some hints from Huawei.
I think even Google has taken hints from them in the latest version of Android.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change.
Touch ID is and always has been a convenience feature, not a security one. It only bridges security because without it most people didn't use any PIN and those that did were unlikely to have the device lock immediately.
Using it in conjunction with a typed password is better.
:sigh: The passcode is a requirement for Touch ID. If you don't use it within a certain timeframe the passcode is required. If you have too many failed attempts with Touch ID the passcode is required. If the device is restarted the passcode is required.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
No.
'No'
Ha. Having used both systems, I can assure you that for phone use, the Huawei implementation is far more useful than Apple's. Not just a little. It is miles ahead.
I fully expect Apple to take 'hints' from it in the future.
'Sigh'
Ha again. Finger print for convenience in conjunction with a passcode for security.
Example: online banking
My online banking app gives me the option to access my account using a passcode ordirectly if I have used the fingerprint sensor.
I believe he's sighing at your remark because iOS already requires a passcode when using TouchID. Touch ID is about convenience. thus your suggestion that one do so is sigh-worthy. Perhaps if you had an iphone you'd know this?
Yes. I know why he 'sighed'. I know about the passcode. I have Touch ID devices at home.
My point was to use the fingerprint scanner for convenience in conjunction with a password for security and then, in reply to his 'sigh', I gave a very simple example to highlight an everyday use case.
If he had thought things through before 'sighing' or even simply asked for clarification first, I would have gone into more detail.
Detail that I thought was unnecessary as I think it is impossible to setup the fingerprint scanner without having established a passcode. At least on my Android device, after a startup I must first input my SIM PIN, followed by my passcode. The scanner won't work if it hasn't had the code pumped in previously.
My guess is that he just jumped to a wrong conclusion. I have no problem with that. It can happen to anyone but was the sigh really necessary?
His comical 'No' was just that, comical. However, I defended that point too.
If anyone else wants to chime in on the Huawei implementation of the fingerprint scanner and compare it to Apple's, I'm all ears, but in my experience, the Huawei implementation runs rings around Apple's. That's why I said Apple could take some hints from Huawei.
I think even Google has taken hints from them in the latest version of Android.
I still don't understand why you're suggesting use of a password in conjunction with Touch ID when it already requires one to use a passcode as backup. Are you honestly suggesting iOS uses have double authentication -- use their fingerprint AND a passcode/password input in order to unlock? If so, keep dreaming.
1a) We need a "poison finger" option to protect against thieves and unscrupulous governments* compelling us to use our fingerprints. 1b) This is now doable with the new MacBook Pros by creating another account that will launch an app you make with Automator that will call the shell script:
shutdown -h now
2) With the number of snatch-and-grab videos of iPhones being stolen that I've seen over the years, I wish that that Apple had an option that will automatically lock your iPhone if it gets disconnected from your Watch. To wit, out of Bluetooth range.
* Redundant statement.
What it needs is a "duress" code. eg using your middle finger, or a specific pin (eg 000000) makes the device delete it's encyption keys so it can't be recovered without restoring from a backup.
It doesn't help in a situation where law enforcement seizes your device the second you unlock it. However I need to suggest something obvious here. If you're in the business of crime, why the hell are you storing ANYTHING on the device. This is the prime answer to "cloud services" is that whatever you store your communication on, is not within the law jurisdiction of the country you are in. This is why all the criminals hiding behind Cloudflare claim they are in Canada or France, but the only part that is in US law jurisdiction is the cloudflare end-point. That means US Law enforcement and DMCA requests should be able to nuke the DNS of the site even if they can't get the server down.
Just never save passwords on your devices, it's inconvenient, but if you are up to something nefarious the last thing you'd ever want is the device to be compromised thus compromising everything and everyone connected to whatever you're into.
Could just hold the suspects finger, like while rolling his fingers on the ink pad for fingerprinting, and force him to unlock his phone. Home button, ink pad, fingerprint card. Done.
This is why I see fingerprint sensors more as convenience technology than security technology. If you use it, it's like having one password that you never change.
Touch ID is and always has been a convenience feature, not a security one. It only bridges security because without it most people didn't use any PIN and those that did were unlikely to have the device lock immediately.
Using it in conjunction with a typed password is better.
:sigh: The passcode is a requirement for Touch ID. If you don't use it within a certain timeframe the passcode is required. If you have too many failed attempts with Touch ID the passcode is required. If the device is restarted the passcode is required.
My Honor 7 with Android 6 allows me to use different fingerprints to unlock the device and I can set a print to give 'guest' access to the unit, limiting access to certain areas but not the entire phone. The fingerprint sensor also supports gestures and is situated on the rear of the phone, making one handed use very simple.
No.
'No'
Ha. Having used both systems, I can assure you that for phone use, the Huawei implementation is far more useful than Apple's. Not just a little. It is miles ahead.
I fully expect Apple to take 'hints' from it in the future.
'Sigh'
Ha again. Finger print for convenience in conjunction with a passcode for security.
Example: online banking
My online banking app gives me the option to access my account using a passcode ordirectly if I have used the fingerprint sensor.
I believe he's sighing at your remark because iOS already requires a passcode when using TouchID. Touch ID is about convenience. thus your suggestion that one do so is sigh-worthy. Perhaps if you had an iphone you'd know this?
Yes. I know why he 'sighed'. I know about the passcode. I have Touch ID devices at home.
My point was to use the fingerprint scanner for convenience in conjunction with a password for security and then, in reply to his 'sigh', I gave a very simple example to highlight an everyday use case.
If he had thought things through before 'sighing' or even simply asked for clarification first, I would have gone into more detail.
Detail that I thought was unnecessary as I think it is impossible to setup the fingerprint scanner without having established a passcode. At least on my Android device, after a startup I must first input my SIM PIN, followed by my passcode. The scanner won't work if it hasn't had the code pumped in previously.
My guess is that he just jumped to a wrong conclusion. I have no problem with that. It can happen to anyone but was the sigh really necessary?
His comical 'No' was just that, comical. However, I defended that point too.
If anyone else wants to chime in on the Huawei implementation of the fingerprint scanner and compare it to Apple's, I'm all ears, but in my experience, the Huawei implementation runs rings around Apple's. That's why I said Apple could take some hints from Huawei.
I think even Google has taken hints from them in the latest version of Android.
I still don't understand why you're suggesting use of a password in conjunction with Touch ID when it already requires one to use a passcode as backup. Are you honestly suggesting iOS uses have double authentication -- use their fingerprint AND a passcode/password input in order to unlock? If so, keep dreaming.
No. I have made it clear and given a clear example. Once you have pumped in your passode, you can go for days or weeks using just your fingerprint. That is great for convenience but not the best option for security.
My online banking app gives me the option to access my account using the fingerprint scanner or a passcode.
There are many different security situations on many different levels that cover anything from nosey partners through to organised crime.
Your security decisions will be taken on your risk levels and your own personal thinking on security.
My opinion is that the best options involve one method on conjunction with another and for them to be highly configurable.
For most people though, the default settings will be enough.
Comments
You're talking about restricting full access to another person you might allow to use the phone, not a person that is capable of hacking into your phone. I would imagine the hardest part of hacking into a phone is getting pass the lock screen. Once a hacker pass that, the rest is easy, even if you're in "guest" mode.
And if you do use 2 fingerprints that can unlock the phone, then law enforcement have a better chance of unlocking the phone because there's now two fingerprints that will do it. That's a 2 in 10 chance of guessing the right fingerprint to use. Where as with a a single fingerprint unlock, they only have a 1 in 10 chance. And don't forget they have multiple attempts before the phone locks and a pass code is needed. What there need is to be is an option to lock the phone, after just 1or 2 failed attempts. (If it isn't already an option or an app that will do that.)
On another related topic, didn't I read here, a while back, that Apple has a patent that can detect if an iPhone is snatched from a user's hand by using software, the accelerometer and maybe the GPS? Maybe time for Apple to seriously think about having that feature on an iPhone. Probably could be installed with just an iOS update on newer iPhones.
Let's say you decided to rob a store today. What would be on your phone that would help in the conviction unless you stupidly sent an email or text that revealed your plans. All it would do is result in 'guilt by association' for the people you had listed in your address book or exchanged emails, etc. with.
You're really living in denial. Just look at the crazies Trump wants for his cabinet. And the Supreme Court might not be so helpful if Trump gets some extreme right-wing fanatic in there. Obama has not acted outside the restraints of the office in that he has issued about the same number of executive orders as previous recent Presidents and far less than many. And in the few cases where one could argue that he did, the Supreme Court did step in:
Obama: 260 executive orders
W. Bush: 291
Clinton: 364
H.W. Bush: 166 (1 term)
Reagan: 381
Carter: 320 (1 term)
Ford: 169 (1 term +)
Nixon: 346
LBJ: 325 (1 year + 1 term)
JFK: 214 (3 years)
IKE: 484
HST: 907
FDR: 3721 (3 terms +)
For me the finger print sensor is more a convenience so I have multiple fingerprints on the phone from both hands. Being able to use the swipe down gesture on the sensor from either hand for notifications and direct access is something I now can't live without.
Either way, guest access is a great feature that I hope gets developed further, both from practical and a security perspective.
So, don't use a thumb or index finger
This is nothing new, police have been doing similar things with hackers and their laptops and computers. Good hackers will have self-destruct routines built into the their computer, if someone logs in too many time wrong it would erase everything or if they did not log in every few days it would erase everything things and so on.
When police or Investigators would raid the persons house they would have to do it in a way to catch the person already logged into the computer so to by pass the self-destruct routines, the only difference here is Apple did it for consumers.
I just like how people thinks this is a novel idea, this is how the FBI caught the guy who ran the Silk Road on the dark net and other hackers.
My point was to use the fingerprint scanner for convenience in conjunction with a password for security and then, in reply to his 'sigh', I gave a very simple example to highlight an everyday use case.
If he had thought things through before 'sighing' or even simply asked for clarification first, I would have gone into more detail.
Detail that I thought was unnecessary as I think it is impossible to setup the fingerprint scanner without having established a passcode. At least on my Android device, after a startup I must first input my SIM PIN, followed by my passcode. The scanner won't work if it hasn't had the code pumped in previously.
My guess is that he just jumped to a wrong conclusion. I have no problem with that. It can happen to anyone but was the sigh really necessary?
His comical 'No' was just that, comical. However, I defended that point too.
If anyone else wants to chime in on the Huawei implementation of the fingerprint scanner and compare it to Apple's, I'm all ears, but in my experience, the Huawei implementation runs rings around Apple's. That's why I said Apple could take some hints from Huawei.
I think even Google has taken hints from them in the latest version of Android.
What it needs is a "duress" code. eg using your middle finger, or a specific pin (eg 000000) makes the device delete it's encyption keys so it can't be recovered without restoring from a backup.
It doesn't help in a situation where law enforcement seizes your device the second you unlock it. However I need to suggest something obvious here. If you're in the business of crime, why the hell are you storing ANYTHING on the device. This is the prime answer to "cloud services" is that whatever you store your communication on, is not within the law jurisdiction of the country you are in. This is why all the criminals hiding behind Cloudflare claim they are in Canada or France, but the only part that is in US law jurisdiction is the cloudflare end-point. That means US Law enforcement and DMCA requests should be able to nuke the DNS of the site even if they can't get the server down.
The obligatory xkcd https://xkcd.com/538/
Just never save passwords on your devices, it's inconvenient, but if you are up to something nefarious the last thing you'd ever want is the device to be compromised thus compromising everything and everyone connected to whatever you're into.
My online banking app gives me the option to access my account using the fingerprint scanner or a passcode.
There are many different security situations on many different levels that cover anything from nosey partners through to organised crime.
Your security decisions will be taken on your risk levels and your own personal thinking on security.
My opinion is that the best options involve one method on conjunction with another and for them to be highly configurable.
For most people though, the default settings will be enough.