This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
Security options depend on individuals' needs. The more we have to choose from, the better. IIRC, chemotherapy patients can have problematic prints. I'm sure there are multiple reasons why some people could prefer one option over another.
Nice apology for Samsung doing their usual "throw everything at the wall to see what sticks" method of developing products/features. Bonus points for trying to play the cancer angle to justify what is a stupid feature.
Why don't you answer his other question in his previous post?
Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
Can you imagine the frustration for non tech users if their phones refused to accept their preferred codes because they were considered too weak?
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
Security options depend on individuals' needs. The more we have to choose from, the better. IIRC, chemotherapy patients can have problematic prints. I'm sure there are multiple reasons why some people could prefer one option over another.
Nice apology for Samsung doing their usual "throw everything at the wall to see what sticks" method of developing products/features. Bonus points for trying to play the cancer angle to justify what is a stupid feature.
Why don't you answer his other question in his previous post?
Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
Can you imagine the frustration for non tech users if their phones refused to accept their preferred codes because they were considered too weak?
Sorry, who are you again and why should I listen to you?
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
Security options depend on individuals' needs. The more we have to choose from, the better. IIRC, chemotherapy patients can have problematic prints. I'm sure there are multiple reasons why some people could prefer one option over another.
Nice apology for Samsung doing their usual "throw everything at the wall to see what sticks" method of developing products/features. Bonus points for trying to play the cancer angle to justify what is a stupid feature.
Why don't you answer his other question in his previous post?
Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
Can you imagine the frustration for non tech users if their phones refused to accept their preferred codes because they were considered too weak?
As of iOS 9, already moved from a 4-digit to a 6-digit PIN, which increases the number of possible combinations by a factor of 100.
It's probably worth noting that if VIV was worth buying, Apple would have bought it. The technical demonstration of VIV was impressive, but it didn't actually offer much more than what Apple would have probably been able to develop internally with Siri. (Context and new domains have already made their way into Siri, further enhancement is obvious.)
Isn't VIV nothing more then Siri? Same group of people making the same thing once again. Remember Siri did do more and Apple limited it when it was acquired. What I don't understand is why Apple didn't sue? To me it looks like just redoing your work once again and selling it to another company.
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
Security options depend on individuals' needs. The more we have to choose from, the better. IIRC, chemotherapy patients can have problematic prints. I'm sure there are multiple reasons why some people could prefer one option over another.
Nice apology for Samsung doing their usual "throw everything at the wall to see what sticks" method of developing products/features. Bonus points for trying to play the cancer angle to justify what is a stupid feature.
Why don't you answer his other question in his previous post?
Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
Can you imagine the frustration for non tech users if their phones refused to accept their preferred codes because they were considered too weak?
Sorry, who are you again and why should I listen to you?
Since you replied to one of Avon B7's posts, I just asked if you could answer to his previous post in the same thread related to the same topic with lot more details. Agreed, it is absolutely your choice to ignore posts. Just wanted to let you know why I posted what I posted. You can ignore this as well. No need to reply.
I just watched the 2015 Chinese animated film 'The Autobots'. Released in hundreds of Chinese theatres. I've never seen anything like it! Truly, unique creative genius at work!
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
1) you're right it's not a security feature -- it's a security risk. allowing easily tricked device authentication is a security vulnerability. A flaw. Weakness.
2) you're saying it makes sense to offer a feature that the phone itself then tells you not to use? that's insanity. can you honestly imagine an iphone doing this? no. and that's why these crappy samsung phones are only knockoffs of the real thing.
It's not insanity. It's convenience.
By your logic we can conclude that any phone that allows you to use none of its security features, or very weak options (like guessable passcodes) is a security risk.
I've already been over this with you. Even a four digit passcode is far more secure than a device which lets you grab a photo off the mantle and authenticate with it. That is a vulnerability -- but it wold take many many tries to randomly guess a passcode, potentially wiping it in the proces of failed guesses.
Neither is akin to not using authentication at all. The obvious difference is when using a form of authentication one believes it to be reasonably secure. This knockoff with an easily circumvented lock screen is not reasonably secured. Choosing not to use any authentication gives no false sense of security.
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
Security options depend on individuals' needs. The more we have to choose from, the better. IIRC, chemotherapy patients can have problematic prints. I'm sure there are multiple reasons why some people could prefer one option over another.
Nice apology for Samsung doing their usual "throw everything at the wall to see what sticks" method of developing products/features. Bonus points for trying to play the cancer angle to justify what is a stupid feature.
One of my clients had cancer and chemotherapy 30 years ago. She has always mentioned the print problem as a result. I don't know how much truth there is in it but it's what she says. Independently of that factor my comment still stands. It is not an apology for Samsung. No doubt Apple will do the same and add more security options as they become feasible.
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
1) you're right it's not a security feature -- it's a security risk. allowing easily tricked device authentication is a security vulnerability. A flaw. Weakness.
2) you're saying it makes sense to offer a feature that the phone itself then tells you not to use? that's insanity. can you honestly imagine an iphone doing this? no. and that's why these crappy samsung phones are only knockoffs of the real thing.
It's not insanity. It's convenience.
By your logic we can conclude that any phone that allows you to use none of its security features, or very weak options (like guessable passcodes) is a security risk.
I've already been over this with you. Even a four digit passcode is far more secure than a device which lets you grab a photo off the mantle and authenticate with it. That is a vulnerability -- but it wold take many many tries to randomly guess a passcode, potentially wiping it in the proces of failed guesses.
Neither is akin to not using authentication at all. The obvious difference is when using a form of authentication one believes it to be reasonably secure. This knockoff with an easily circumvented lock screen is not reasonably secured. Choosing not to use any authentication gives no false sense of security.
You've lost me. You are knocking Samsung for providing an option that is weak even though the system itself warns you that there are better options on the same phone but have no issue with a phone that allows you to use weak four digit codes or none at all and possibly gives you no warning.
You label the former a security risk but the latter is OK?
If you argue the latter is fine because the user can freely decide to turn passcode on/off or choose a very weak one, it conflicts with your criticism of Samsung's facial recognition because the user has the same options as with passcodes and to top things off even gets a warning when the feature is turned on.
The only decent resolution of this conflict would be for the phone to reject weak/repeated passcodes and not allow you to turn them off.
Why do assume that the user might assume a feature to be relatively secure if the feature warns the user when it is turned on?
As for the mantle photo scenario, I think it would fail as a thief is unlikely to have your photo and if it were a case of privacy, as opposed to theft, the user would have probably heeded the warning on facial recognition and chosen another option.
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
If it's not a security feature, why have it? Just have a wake button, if you're going to do that.
This is the warning the phone gives you to use facial recognition.
It really can't be made more clearer by Samsung FROM THE START that the feature isn't safe. Honestly, it's a none issue. And that it's the only issue people can pick up should tell you what a good phone it is.
This year's Galaxy S8 has already suffered an embarrassment related to the fact that its face recognition feature for unlocking the phone could be tricked to unlock with a simple photo of the person who set it up."
If you read the comments in the article, you would know that this is NOT a security feature and been around in Android for years. Even a few years ago they already proved that it was not a security feature, and when activated the phone tells you it does not recommend you use it.
This is but one example from this long article where facts get missed. Seems that is all that D "Fake News" ED can do.
Say what? Did you forget what Google did with Face Unlock after it was fooled by a picture? They added Liveness Check where you had to blink to "prove" you're not a picture.
It's beyond ridiculous that Samsung could have missed this given the publicity surrounding Face Unlock the first time it was fooled. Did they even test it with a picture when they were developing this? Shows how terrible Samsung is with software.
And why do we need 3 unlocking systems (face, iris, fingerprint)? Maybe they were thinking: "Google has 27 different messaging systems. We need to up our game and have multiple login methods."
avon b7 said: You've lost me. You are knocking Samsung for providing an option that is weak even though the system itself warns you that there are better options on the same phone but have no issue with a phone that allows you to use weak four digit codes or none at all and possibly gives you no warning.
You label the former a security risk but the latter is OK?
If you argue the latter is fine because the user can freely decide to turn passcode on/off or choose a very weak one, it conflicts with your criticism of Samsung's facial recognition because the user has the same options as with passcodes and to top things off even gets a warning when the feature is turned on.
The only decent resolution of this conflict would be for the phone to reject weak/repeated passcodes and not allow you to turn them off.
Why do assume that the user might assume a feature to be relatively secure if the feature warns the user when it is turned on?
As for the mantle photo scenario, I think it would fail as a thief is unlikely to have your photo and if it were a case of privacy, as opposed to theft, the user would have probably heeded the warning on facial recognition and chosen another option.
These two items aren't equivalent; a weak passcode vs bad facial recognition.
Even a 4 digit passcode requires near governmental level resources to hack. (given 10000 possibilities, of which the average to find a match is about 5000, which could be reduced by half again if we use advanced methods and focus on more common numerical patterns, you are still looking at more than 2000 hours of work to unlock the phone, or about 1 man year)
The facial recognition on the S8 can be bypassed by a 12 year old with your facebook profile picture in 10 minutes.
Think of this in terms of real locks; I know my $25 front door lock isn't as hardened as say a bank vault lock, but I do expect it to not be so easily bypassed as to be trivial; like having the screws on the outside or something....
Even a 4 digit passcode requires near governmental level resources to hack. (given 10000 possibilities, of which the average to find a match is about 5000, which could be reduced by half again if we use advanced methods and focus on more common numerical patterns, you are still looking at more than 2000 hours of work to unlock the phone, or about 1 man year)
I agree with the premise of your response, but your summation is based on the median for a randomly chosen PIN.
A table of the top 20 found passwords in shown at the right. A staggering 26.83% of all passwords could be guessed by attempting these 20 combinations!
And if you try to set up artificial barriers so that certain patterns can't be used, you also reduce the pool of possible combinations.
I say create a password. Even just 4 characters long is over 1 billion options on iOS with all the special character options, which are easily accessible. If they ever allow emoji characters the possibilities skyrocket even more.
This is the warning the phone gives you to use facial recognition.
It really can't be made more clearer by Samsung FROM THE START that the feature isn't safe. Honestly, it's a none issue. And that it's the only issue people can pick up should tell you what a good phone it is.
Wow. That is really bad. Why include it if it isn't safe?
A smart decision by Samsung - by releasing Bixby in its current state and disappointing users would have been a mistake. Samsung so desperately wants to lessen their huge dependence on Google software, but don't have the expertise to do it. Apple is getting close with their alternative offerings ... Apple Maps, Mail/Calendar, (Bing), Safari, Siri, Home Kit, Productivity apps... but still not yet the preferred choice or best in class in all of these categories.
Very true. Samsung is very keen on reducing their dependence on Google services. In turn, Google is trying to lessen their dependence on Samsung hardware. It is obvious that excellent hardware is far harder to duplicate than excellent software. Not that the software side is easy. Apple has struggled at times in trying to match Google services also, but more likely the struggle has been due to their respect for privacy while Google doesn't care.
If Bixby turns out to be quite useful, it will have the effect of blunting Google's assistant on the best Android product on the market. Most people have a tendency to just use what comes integrated into the device. It is better for Samsung to get it right than to put forth a half baked product on time. The Apple maps roll out needs not to be duplicated.
I understand the disdain and scorn for Google. The company is as bad as Microsoft was during their heady days of software dominance.
I don't understand the same thing directed at Samsung. They actually make very nice hardware. So much so that Apple used them to build the A series SOCs for a lot of years. Apple is now using them to build huge numbers of OLED panels. It is having serious repercussions for the rest of the Android OEMs who are losing out on the ability to produce high end smartphones with the technology, Google itself included in that.
Samsung's international phones also include the Exynos SOC which outperforms the QCOM equivalent with better battery life to boot. The Pixel uses the Snapdragon 821 exclusively. The Galaxy S8 will use the Snapdragon 835 for the US model and the Exynos 8895 for the international one. Though Samsung claims both versions will have equivalent performance, I suspect that battery life will be much better with the Exynos CPU.
And Tizen isn't half bad speaking from the perspective of owning the Gear S3 Frontier which allows me to make phone calls on the AT&T network independently of a phone. It perhaps may be a security nightmare, but then again so is Android itself. The Apple Watch is nice, but until Apple delivers on puttting an independent baseband radio into it, the device has little appeal for me. Samsung is the only manufacturer that has delivered a compelling wearable. LG and Huawei's Android Wear watches are atrocious designs.
Samsung has many advantages over Google and even Apple as they make a vast array of home appliances. Tizen is going to be the center of their IoT efforts. Google will not be playing in any of Samsung's products outside of the smartphone and there is coming a time when the flagship phone comes with Tizen and Android is relegated to a less capable model.
Apple should be working closely with Samsung's IoT efforts making iOS the preferred platform for integration.
I even have a great deal of respect for Amazon. And they are probably the fiercest Apple competitor of all. They have built a worthy competitor to iTunes and also to Siri. But they did not do it the way Google did with iOS. Amazon has no one sitting on the Apple board of directors like Schmidt who literally stole the iOS interface and design. Had Google not done that, Bing wouldn't be driving Siri's search results, there would be no Apple maps and YouTube would still be included as a default app. Google is slowly being choked off from the most profitable group of mobile users, those who use iOS. And now Samsung is attempting to do the same. And they won't stop until they best Google. It may take some time, but it will come. Back in the 90's the notion that Samsung and LG would be the premier consumer electronics companies over the likes of Sony, JVC, Panasonic, Sharp and the like seemed preposterous too. But it happened. Even the brainiacs from MIT gave Hyundai no chance against the Japanese, yet they now build vehicles with better technology than any Japanese nameplate.
Samsung is Apple's true competitor. Google is going to go by the wayside. It is just a matter of time. That being said, the two companies have far more to gain by collaborating than trying to wantonly compete. A Wintel type allliance would be best for both. And in doing so, Google can see their nightmare come true. Being locked out of the premier hardware systems. It was their worry with respect to Microsoft and now they are worried about Samsung also. Why else are they building the Pixel along with that half baked Home product. They lost that market too. To Amazon of all companies.
Apple and Samsung should work closely together on more than just OLED panels. Porting Apple maps, iChat, etc. over to Tizen would go a long ways in reducing Samsung's need for Android. Apple could also make use of Samsung's 3D flash memory product also. Toshiba's product is falling behind and Micron is overpriced.
Apple and Samsung could easily have a very amicable and collaborative relationship. Both make premier hardware. They both profit from making smartphones although Apple does take the vast majority of the profits. However, Samsung can take the profits Google now makes from the software side allowing Apple to keep what they are already making. Both companies could be quite profitable and keep the market divided between themselves much like Intel and Microsoft did in the 90's and early 2000's.
If the Google/Android fans don't like it, tough. Denial isn't going to change what is happening. Perhaps Google should start investing its billions into developing something worthwhile instead of stealing my personal data and selling it to advertisers. Tizen may be a coding disaster, but Samsung isn't stealing my data the same way Google would and blast me with targeted advertising. And the company does build the best components in the industry. So they can do something right. They just need to apply the same standards to their software as they do with their hardware. They need to hire a guy like Avie Tevanian. Seoul National University produces the among the best scientists and engineers on the planet. Many of them go straight to Samsung. They are quite capable. They only need capable leadership and guidance. Apple could and should help them there. Google provides virtually no value to Apple. Samsung is an entirely different matter.
Take a look at Alexa Voice Remote for Amazon Echo and Echo Dot for an amazing Apple remote knockoff.
I've asked this before but no one has dared comment. Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
I don't think it's really a question no one daring to answer.
It's a bit like when you walk past a man standing on a soapbox and shouting that the world is flat. No one ever argues with him because they know that if he honestly believes that then waving evidence at him is a waste of time.
I've asked this before but no one has dared comment. Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
I don't think it's really a question no one daring to answer.
It's a bit like when you walk past a man standing on a soapbox and shouting that the world is flat. No one ever argues with him because they know that if he honestly believes that then waving evidence at him is a waste of time.
Comments
Why don't you answer his other question in his previous post?
Should the iPhone force users to come up with strong passcodes? Should all SIMs ship with PINs? Should two factor security be an obligation?
Can you imagine the frustration for non tech users if their phones refused to accept their preferred codes because they were considered too weak?
Sorry, who are you again and why should I listen to you?
Since you replied to one of Avon B7's posts, I just asked if you could answer to his previous post in the same thread related to the same topic with lot more details. Agreed, it is absolutely your choice to ignore posts. Just wanted to let you know why I posted what I posted. You can ignore this as well. No need to reply.
Neither is akin to not using authentication at all. The obvious difference is when using a form of authentication one believes it to be reasonably secure. This knockoff with an easily circumvented lock screen is not reasonably secured. Choosing not to use any authentication gives no false sense of security.
You label the former a security risk but the latter is OK?
If you argue the latter is fine because the user can freely decide to turn passcode on/off or choose a very weak one, it conflicts with your criticism of Samsung's facial recognition because the user has the same options as with passcodes and to top things off even gets a warning when the feature is turned on.
The only decent resolution of this conflict would be for the phone to reject weak/repeated passcodes and not allow you to turn them off.
Why do assume that the user might assume a feature to be relatively secure if the feature warns the user when it is turned on?
As for the mantle photo scenario, I think it would fail as a thief is unlikely to have your photo and if it were a case of privacy, as opposed to theft, the user would have probably heeded the warning on facial recognition and chosen another option.
It really can't be made more clearer by Samsung FROM THE START that the feature isn't safe. Honestly, it's a none issue. And that it's the only issue people can pick up should tell you what a good phone it is.
Even a 4 digit passcode requires near governmental level resources to hack. (given 10000 possibilities, of which the average to find a match is about 5000, which could be reduced by half again if we use advanced methods and focus on more common numerical patterns, you are still looking at more than 2000 hours of work to unlock the phone, or about 1 man year)
The facial recognition on the S8 can be bypassed by a 12 year old with your facebook profile picture in 10 minutes.
Think of this in terms of real locks; I know my $25 front door lock isn't as hardened as say a bank vault lock, but I do expect it to not be so easily bypassed as to be trivial; like having the screws on the outside or something....
And if you try to set up artificial barriers so that certain patterns can't be used, you also reduce the pool of possible combinations.
I say create a password. Even just 4 characters long is over 1 billion options on iOS with all the special character options, which are easily accessible. If they ever allow emoji characters the possibilities skyrocket even more.
Wow. That is really bad. Why include it if it isn't safe?
I had the same question about their iris scanner.
Why include it if it isn't safe?
It's a bit like when you walk past a man standing on a soapbox and shouting that the world is flat. No one ever argues with him because they know that if he honestly believes that then waving evidence at him is a waste of time.
Please continue with the matte black finish too.
Absolutely spot on! Very apt.