backtop


Print 81 comment(s) - last by TakinYourPoint.. on Oct 9 at 3:06 PM


  (Source: Android Freeware)
But hackers have already shown fingerprint sensors to be weak form of security

It took hackers a short weekend to circumvent the fingerprint sensor unlock mechanism on Apple, Inc.'s (AAPL) new iPhone 5S smartphone.  The rapid breach of the new feature -- which Apple came by via its acquisition of touch-security firm Authentec, Inc. in 2012 -- was an embarrassing, to say the least.  Prior to the hack Apple had made the sensor out to be a hacker-proof security solution, with marketing SVP Phil Schiller boldly billing it as "a simple and secure way to unlock your phone with just a touch of your finger."

I. FIDO -- An Alternative to Touch ID?

But despite that lesson in the inherent insecurity of today's flawed biometric security solutions, it appears that some OEMs who use Google Inc.'s (GOOG) Android operating system are eager to get their fingers on fingerprint scanners of their own.

A group call the Fast IDentity Online Alliance (FIDO Alliance) has compiled 48 top tech companies who look to role out a comprehensive standard for mobile fingerprint security, which will allow users to not only unlock their devices and access marketplaces (as Apple's Touch ID allows), but also connect to secure Wi-Fi and authenticate into web portals via a fingerprint scan.

iPhone 5S sensor
Apple's fingerprint sensor has intrigued the public -- and Android rivals. [Image Source: Apple]

The FIDO Alliance include Google itself, as well as two top Android phonemakers -- the Lenovo Group, Ltd. (HKG:0992) and LG Electronics, Inc. (KSC:066570).  Embattled Canadian phonemaker BlackBerry, Ltd. (TSE:BB) is also a member.

II. Cloud Era Two-Factor Authentication Sounds Good, on Paper at Least

One promising thing is that the FIDO Alliance's technical outline suggests that members aren't looking to use fingerprint scans for single-factor authentication, as Apple's Touch ID is.  That's perhaps one of the reasons why Apple's Touch ID has not yet been deemed secure enough to receive FIDO certification (although it's unclear whether Apple wants it).

In an interview with USA Today, FIDO Alliance president Michael Barrett states:

The intention of FIDO is absolutely that it will allow consumers to have access to mobile services that they can use with very low friction, while keeping good security.  That's explicitly what we want to build.

Our view is that it's possible Apple might choose to start using FIDO, but that's probably a couple of years out.

FIDO registration

It's possible that future Android smartphones could still prompt users for a PIN -- a short numeric password -- while using a fingerprint scan as a second factor to enhance security.  Such an approach could mitigate much of the criticisms against Touch ID, but it also falls short of the one-touch solution Apple is promising.  It's possible that some Android phonemakers may be tempted to implement similar one-touch solutions, even if it appears infeasible to implement such a solution a truly secure manner.

FIDO login

On the other hand, some security is better than none.  Incredibly, Apple claimed that its internal usage data showed that nearly half of users didn't password protect their phones.  Fingerprint scanners may be an imperfect solution that can be circumvented by a motivated, technically skilled hacker -- and can expose your device to easy access by law enforcement -- but they do provide a degree of security against unskilled members of the public.

FIDO Authentication

Further, the FIDO standard is aiming to allow for a broad set of biometrics-based authentication mechanisms, including retina identification, facial recognition and more.

III. But is the NSA Spying On Your Prints?

Android's fingerprint sensors are expected to roll out in early-to-mid 2014.  The FIDO Alliance is tapping a Silicon Valley startup named Nok Nok Labs to handle the server traffic for authentication of fingerprints.  Phil Dunkelberger, CEO of Nok Nok Lab, "We didn't create the current authentication mess overnight, so it's going to take us a while to fix it.  We need to educate the marketplace that it is possible to make things more secure for business and easier for consumers, while still ensuring that legitimate privacy concerns are respected."

Apple Touch ID
Apple stores data locally, which perhaps limits its utility, but makes it safer from prying government eyes. [Image Source: Apple]

But while the potential for two-factor authentication and a broader set of compatible services sounds like a good thing, this cloud-based approach brings new, serious downsides.  Most notably, given recent revelations that the U.S. National Security Agency (NSA) regularly seizes much of the world's internet traffic -- frequently even illegally inspecting the communications of Americans -- such efforts will likely be perceived by a degree of cynicism.  After all, Touch ID may be imperfect, but at least it's local and doesn't pass a copy of your fingerprint to an NSA databases (at least not that we know of).  

NSA spying taxpayers
Some fear fingerprint authentication will become yet another treasure in the NSA's data trove.
[Image Source: The People's Cube]
 
Such thoughts aren't paranoia -- the NSA has reportedly demanded master encryption keys from most top tech firms.  Additionally, the agency allegedly spent $250M USD to weaken global encryption -- making it easier to seize sensitive data -- such as fingerprint passwords.  In other words, there's no free lunch when it comes to biometrics as the mobile industry's top minds try to balance security, utility, and privacy concerns.

Sources: USA Today, FIDO About



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Me Too?
By Reclaimer77 on 10/3/2013 5:20:58 PM , Rating: 5
Two years before the iPhone, Android handsets had a thumbprint scanner

http://en.wikipedia.org/wiki/Motorola_Atrix_4G

Can we stop perpetuating the stigma that Apple is some amazing innovator that everyone just copies? Apple is a technology repackager. They just repackage and release gadgets based on technologies that other tech firms have developed, and usually had already brought to market beforehand.




RE: Me Too?
By amanojaku on 10/3/2013 5:26:40 PM , Rating: 3
Indeed. Apple didn't even create lies and deceit. It simply repacked them, and made them look prettier. To certain people, anyway.


RE: Me Too?
By WhatKaniSay on 10/3/13, Rating: -1
RE: Me Too?
By Reclaimer77 on 10/3/2013 6:02:16 PM , Rating: 5
So if Apple wanted to, they could have made a successful iPad 10 or 20 years ago?

No, the technology wasn't there. Apple had to wait for OTHERS to research and develop the technology to make the iPad and iPhone possible.

I'm fully confident that without Apple, we would still be right where we are today.


RE: Me Too?
By web2dot0 on 10/4/13, Rating: -1
RE: Me Too?
By troysavary on 10/4/2013 7:41:29 AM , Rating: 2
quote:
If Apple didn't exist, nobody would think that they can make a $800 phone and people would buy it.


So you are admitting that Apple's major accomplishment was raising the prices we all pay? We are supposed to thanks them for that?


RE: Me Too?
By Reclaimer77 on 10/4/2013 7:59:49 AM , Rating: 3
Yup they brought that same 'innovation' to Ebooks too. Higher prices for all woo hoo!


RE: Me Too?
By troysavary on 10/4/2013 8:31:09 AM , Rating: 2
I'm glad the majority of the e-books I've read lately have been from the indies that Amazon allows to self-publish using their platform. Low prices because no publishing house is involved, and often way more imaginative in storyline because they are not being told what will or will not sell. Only downside is they usually need a pass with a competent editor, but I am willing to overlook that.


RE: Me Too?
By BRB29 on 10/5/2013 1:56:48 PM , Rating: 2
Apple is not really an innovator. They are just very successful at making people want certain features. That's not easy to do.

The fingerprint thing has been done for years on mobile devices and laptops. It's definitely not innovative.


RE: Me Too?
By web2dot0 on 10/4/13, Rating: -1
RE: Me Too?
By Jeffk464 on 10/4/2013 11:41:49 AM , Rating: 2
Didn't linux have the app store first?


RE: Me Too?
By web2dot0 on 10/4/2013 2:49:08 PM , Rating: 2
And how did that get them? Do they have financial numbers to back up their "success"?

It's not about first movers advantage. You have ever ran a business?

Is Facebook the first social network? Are you saying that Facebook have no value? Do you think social networks would have grown to Facebook's popularity without Facebook?

Do you know what you are talking about?


RE: Me Too?
By web2dot0 on 10/4/13, Rating: 0
RE: Me Too?
By majorpain on 10/4/2013 4:27:24 PM , Rating: 3
I don't hate Apple, i just don't like it. And i do have years of sales/marketing knowledge, and that its what makes me pay for others premium phones, not a misleading marketing for iCrap overcharged with nice looks telling they are the first and the best of them all. Let me be the judge of what is best for me please.


RE: Me Too?
By retrospooty on 10/4/2013 4:45:52 PM , Rating: 3
Myopic much ?


RE: Me Too?
By Reclaimer77 on 10/4/2013 4:59:48 PM , Rating: 4
Is there some genetic defect that makes Appleites assholes?

"I have experience in sales and marketing!!! I'M A UNIQUE SNOWFLAKE!! RESPECT MY AUTHORITAY YOU 9-5 BLUE COLLAR SHMUCKS!!!!"


RE: Me Too?
By retrospooty on 10/4/2013 5:46:11 PM , Rating: 1
"Is there some genetic defect that makes Appleites assholes?"

No, close, but you have it backwards... Assholes, shmucks and people with low self esteem in general are drawn to Apple products.


RE: Me Too?
By TakinYourPoints on 10/7/13, Rating: 0
RE: Me Too?
By retrospooty on 10/7/2013 8:55:01 AM , Rating: 3
After all this time, reading comprehension is still a problem for you isnt it... Nowhere in my statement did I say anything about all Apple product users. Some of them are quite normal. People with self esteem issues tend to identify themselves with things like companies, products, sports teams, stars etc... It's not that all users of a product have that issue, but those that do are obvious...

BTW, you are not in the same group as Anand. The fact that you need to come on and repetitively trump up how great your phone is, pick and choose benchmarks and points that bolster that stance, says alot about your self esteem being tied to it. It's a phone, get over it... It's not a particularly high end one that that.


RE: Me Too?
By TakinYourPoints on 10/9/2013 6:12:03 AM , Rating: 2
Give me a break, the only people who beat you in blanket statements are reclaimer and moto.

quote:
The fact that you need to come on and repetitively trump up how great your phone is


I have one post in this thread, you have almost a dozen. You outpost me 3:1 in general. Projecting much?

It is hilarious that you talk about repetition when you frequently write down comically massive wall-of-text bulletpoint lists of Android features (air gestures, fancy) in order to validate purchasing choices.

Do you copy/paste from a txt file or do you start from scratch each time? The latter sure seems time consuming, but then again you sure spend massive amounts of time here.

quote:
pick and choose benchmarks


Yes, all those objective benchmarks from biased sources like Anandtech that definitively and repeatedly show objective hardware advantages.

I haven't even posted Anand's expose on how all Android OEMs except Motorola game their software to artificially boost benchmarks, but I guess that would be "picking and choosing": http://www.anandtech.com/show/7384/state-of-cheati...

I've said it before and I'll say it again, you are a massive hypocrite. If you aren't then you are unbelievably tone deaf.


RE: Me Too?
By retrospooty on 10/9/2013 8:05:07 AM , Rating: 2
LOL... To be honest, I was just jabbing at you on this thread because you jabbed at me. The "meat" of the comment was directed at the "arseholes" that defend Apple products aggressively. Referring to the angry ranting maniacs (BSMonitor, JackBarton, MacDevDude, Testerguy, etc). For the record, you are not in the same category as those losers at all. You can at least be civil, and at times fair. There is something about that personality that draws people like that to Apple products. You have to admit there is a thing there, and you have to see that those guys and the others like them have serious issues. That is all the comment was about until you jacked it and insulted.


RE: Me Too?
By TakinYourPoints on 10/9/2013 3:06:31 PM , Rating: 2
quote:
I'm sorry, the angry blanket comments here are always so funny.


This is a jab? I'll be more sensitive around you next time.

In any case, the angry ranting Apple and Android maniacs here have more to do with it being an internet forum with poor moderation and inflammatory headlines/editorial bent.

Cheesewiz, moto, and others are raving idiots and I wouldn't dare lump them in with other Android users. The product is secondary. I use products by Google, Microsoft, Apple, Sony, Amazon, whoever. I don't care, I just use what works well.

You using wording re: Apple users like "some of them are quite normal" speaks volumes about your prejudices though. Again, its funny.


RE: Me Too?
By tayb on 10/4/2013 12:09:23 PM , Rating: 3
quote:
I'm fully confident that without Apple, we would still be right where we are today.


No way. Look at the smartphones available in 2006. Look at what Android was in 2007. Look at what Windows Mobile was in 2006.

I remember my first touch screen phone in 2006. It was a Samsung phone running an OS that Samsung right. Passive digitizer. It was truly awful.

Whether you want to admit it or not the iPhone changed the cell phone market. It was the best phone OS available by a light year. Google changed Android. Microsoft changed Windows Mobile. RIM changed Blackberry OS. The entire market changed. Apple didn't contribute to any technology that allowed the iPhone to happen but they contributed to a hardware and software revolution. We would absolutely not be where we are today if Apple wasn't there to create competition.


RE: Me Too?
By menting on 10/4/2013 3:47:25 PM , Rating: 2
Look what TVs were like in 2006. Look at what it is like now. Sometimes technology just hits a critical point and takes off from there.


RE: Me Too?
By embedded_bill on 10/4/2013 4:15:20 PM , Rating: 3
quote:
I'm fully confident that without Apple, we would still be right where we are today.


I disagree, smartphones existed before the iPhone, but they got a whole lot better after the iPhone.

Tablets, so what if Apple didn't create the underlying technology, the iPad instigated a market. Debate whether or not the Apple products suck, I think that's valid. But because of Apple the market definately looks a lot different, and better.


RE: Me Too?
By Reclaimer77 on 10/4/2013 4:19:53 PM , Rating: 1
The iPhone is just an amalgamation of existing and emerging technologies that everyone else BESIDES Apple had developed or were working on.

Big deal.


RE: Me Too?
By amanojaku on 10/3/2013 6:09:48 PM , Rating: 5
People hate Apple because it lies and bullies, not because it releases products.

http://www.youtube.com/watch?v=xWK8jndp4ls

Invented? Lie.

http://www.reuters.com/article/2013/07/10/us-apple...
http://www.independent.co.uk/life-style/gadgets-an...

Deceit.

If I were to list all of Apple's malignant practices that people ignore, I would probably end up with something longer than War and Peace. Instead, you can just start with this:

http://en.wikipedia.org/wiki/Apple_Inc._litigation


RE: Me Too?
By Monkey's Uncle on 10/3/2013 10:06:37 PM , Rating: 2
I always use a drawn pattern on mine.

A lot quicker to enter one-handed than a passcode, a lot more secure than face recognition and beats the crap out of fingerprint scanners for reliability and security.


RE: Me Too?
By aliasfox on 10/4/2013 12:11:50 PM , Rating: 2
Except the drawn pattern can be seen on your screen after you do it (grease/oil marks from your finger). Less secure than a passcode because even if the 4-digits are oily, you still have to figure out what order they were in. With the pattern, there's only two endpoints so it's two tries at most to open.

I've done this on multiple friends' phones just to show them that while cool, it's not safe by any means.


RE: Me Too?
By Rukkian on 10/4/2013 1:43:37 PM , Rating: 2
I am not sure it is any more secure (probably less secure) than face unlock, especially when you require blinking. Without requiring blinking, a picture has been shown to get around, it should be much tougher to get it to work with that option turned on.


RE: Me Too?
By arazok on 10/3/2013 5:31:51 PM , Rating: 4
Can we also stop perpetuating the stigma that fingerprint scanners are some enormous security hole?

I get that you might not want to guard nuclear launch codes with this technology, but seriously, the risk of somebody lifting your print and manufacturing a fake finger is the same as somebody setting up a camera and filming you type your password. It’s reasonably secure for most situations. The CIA might not want to employ it, but most everyone else can and feel safe using it.


RE: Me Too?
By jimbojimbo on 10/3/2013 5:42:58 PM , Rating: 2
It's still a hole. Right now if someone stole my phone they have 10 guesses at the PIN and at the 10th attempt it wipes itself. People have as long as they want with a fingerprint scanner unless it has a 10 scan attempt setting as well. I'm not sure.
Ideally if a phone holds sensitive corporate data it should require a fingerprint and a PIN and once logged onto the device the user can use their fingerprint to make iTunes purchases. That's still a huge convenience and negates any security concerns.


RE: Me Too?
By web2dot0 on 10/4/2013 3:13:04 PM , Rating: 1
Non-sense. You can just wipe the flash. No need to enter pin.

With the fingerprint sensor, the information is stored in secured area that cannot be wiped.

-----

If your phone holds sensitive information, ENCRYPT it. If you aren't ... it's not really that sensitive ;-D

If a person want's to find out your PIN, it's so freaking easy. No manual labor necessarily. Simple social engineering. Done.

To get your print, it takes alot of manual labor.

At the end, it's faster than entering your PIN. It works.

Failed argument. Move along.


RE: Me Too?
By Reclaimer77 on 10/3/13, Rating: 0
RE: Me Too?
By FITCamaro on 10/4/2013 10:39:35 AM , Rating: 2
Well as a former-employee of the company that made the fingerprint scanners they use, the part about how it reads your fingerprint is accurate.


RE: Me Too?
By aliasfox on 10/4/2013 12:13:16 PM , Rating: 2
... but there aren't any subdermal layers in a latex cast. What gives?


RE: Me Too?
By Reclaimer77 on 10/4/2013 2:09:43 PM , Rating: 2
Exactly my point. It's either a bogus claim or the device is not working as intended in a MAJOR way.


RE: Me Too?
By Tony Swash on 10/3/13, Rating: -1
RE: Me Too?
By retrospooty on 10/3/2013 6:23:30 PM , Rating: 3
Funny how your tone changed once cracked. Weeks before release, the iPhone would have "superior" security because of its revolutionary uncrackable fingerprint reader. Now, its just a "fast and unobtrusive" unlock. LOL.

So basically, it is as easy to crack as the Android phones that had it years ago and the laptops that had it a decade ago. Boy what a shiny package and ac adaptor though. SLICQ!


RE: Me Too?
By Tony Swash on 10/3/13, Rating: -1
RE: Me Too?
By amanojaku on 10/3/2013 8:29:01 PM , Rating: 2
Oooooooooo, snap! Retro got served! Maybe you weren't paying attention - more like dodging the issue - but TouchID was hacked using methods that are 10 years old. Whatever "original" technology is in there clearly ain't doin' much.


RE: Me Too?
By retrospooty on 10/3/2013 11:42:31 PM , Rating: 4
Lol... I know. Years ago Tony used to put up a decent argument, now its just like he's lost in his own thoughts, and can't see past the Applesphere. How many people have to tell him that it's been done before, a decade ago on laptops and years ago on smartphones too. No, Apple invented it. /facepalm

All Apple did was buy a company that said they were doing it better, but it turns out its not better, just more of the same old crap.

I guess that's the real power of Apple. They say it's better, and millions of dumbfounded dipshits believe it, no questions asked. Then the nerd douche armies take to the Internet to defend it and cement the false belief... So sick of apple and the lies and the cult of idiocy that surrounds them.


RE: Me Too?
By Reclaimer77 on 10/4/2013 12:23:45 AM , Rating: 5
Tony is so transparent it's amazing.

Weeks ago he was posting volumes about how much great "technology" went into Apple's scanner. How foolproof it was. I mean you should have seen it, he thought Fort Knox had NOTHING on Apple.

I sat here and told him it would be defeated by using a lifted print. He just wouldn't accept that. Truth be told though, not even I thought it would be defeated THAT fast.

Turns out all that "technology" was techno-babble bullcrap. The only difference between scanners of years ago and this one is higher resolution. So you use the EXACT same techniques, except you use a higher DPI scanner and printer. As far as it's ability to detect a living finger and scan sub-dermal tissue? More nonsense. Hell one guy used wood glue, which isn't conductive at all!

Now, after it's been cracked, it's just "casual" security, no big deal, nothing to see here move along folks??

I think if he ate a little crow on this, it would go a long way to his credibility...


RE: Me Too?
By Monkey's Uncle on 10/3/2013 10:02:43 PM , Rating: 3
quote:
Let's wait and see how quickly Apple's competitors can rush out a 'me-too' Touch ID clone that works as well as the original.


What original? The touch sensor? The original was on a Motorola Atrix 4G, running Android 2.3, in stores the 1st quarter of 2011. Frankly after getting cracked in a single weekend, I would say that Apple's implementation isn't working any more secure than The Original (Motorola's), though I haven't found any hits on Google stating anyone cracked Motorola's scanner.

Then again Motorola didn't stand on a mountaintop beating their chest shouting that their fingerprint scanner was the most uncrackable smartphone security system evar either.

So Mr. Apple, exactly who is copying who here?


RE: Me Too?
By themaster08 on 10/4/2013 2:01:08 AM , Rating: 3
Don't expect a response from Tony. He will simply discard the relevance that a thumbprint scanner was on an Android device first as irrelevant, simply on the basis that it wasn't Apple. Because Motorola didn't sell as many Atrix devices as Apple has sold 5S's

To Tony, only the Apple implementation will work, and everyone else just copies and follows. It worked so well it took less than 48 hours to be cracked, and now he's shaking the embarrassment off, calling it "casual" security.

To think that Tony is also a more senior citizen is quite embarrassing. You would expect this sort of blind loyalty from teenagers fighting over which games console is better, but not a middle-aged man who should have the life experience to realise that not everything is sunshine and rainbows, even in Apple land.


RE: Me Too?
By Tony Swash on 10/4/13, Rating: -1
RE: Me Too?
By themaster08 on 10/4/2013 6:27:29 AM , Rating: 2
I've not voiced my opinion on the fingerprint sensor, and quite frankly I care little about it. My post was focused on your blind following of Apple, and your change in stance from this being an infallible security mechanism, to being one of just convenience.

There is no evidence of iPhobia in my post. You see my post as targeted at Apple and their fingerprint sensor as you see anything that challenges your values as a dig at your beloved Apple, because you're so deeply entrenched within the Apple experience you feel as though it's a part of you. It's not. It is a company. If it disappeared your life would continue. It doesn't care about you. It cares about your money.

Did you not post the following in a previous artice?

quote:
In the Authentec/Apple patent a fingertip is imaged via a different technique: Radiofrequency scanning. Skin and flesh, thanks to the cocktail of chemicals they contain, have their own electrical signature--meaning a human body can in fact block a radio signal of the right frequency, while other frequencies sail right through us more or less unaffected. The sensor in the new patent makes use of this fact by sending out very precise radio signals over a very short range and detecting the signals that have been affected by the bumps and gaps in a human fingertip. Basically the tiny ridges of flesh in a fingerprint affect the electrical signals coming from the sensor array in a measurable way, allowing the device to calculate the position and alignment of all the whorls and loops.

The advantage of this system is that you couldn't fool it with an image of a fingerprint or a latex cast of a fingerprint because the RF signals from the sensor have to interact with a material that has a flesh-like radio response in order to register the print. It's suggested that the sensor can also detect live tissue beyond the simple skin of a fingerprint, which removes the one scary scenario whereby a determined thief would "steal" the finger in question.

Offering total security via reliable fingerprint technology built right in is a big deal for corporate and government IT. I expect this will make the iPhone 5S the default phone for corporate customers.


You move the goalposts when it suits you. What forces you to have such a blind following, that you have to justify everything that Apple does?


RE: Me Too?
By retrospooty on 10/4/2013 8:17:03 AM , Rating: 2
"I've not voiced my opinion on the fingerprint sensor, and quite frankly I care little about it. My post was focused on your blind following of Apple, and your change in stance from this being an infallible security mechanism, to being one of just convenience."

Tony 101... Next step, he stops posting and ignores the facts so he can come back in a few weeks and claim the same thing again as if he wasn't already proven wrong. Watch for it...


RE: Me Too?
By Monkey's Uncle on 10/4/2013 11:02:00 AM , Rating: 2
Classic T.S. right there.

And of course when he does he will do so by yet again by dazzling us all with uber copy/pasting skills showing is that without a doubt it was a given fact that Apple invented it in the first place.


RE: Me Too?
By Piiman on 10/5/2013 10:48:08 AM , Rating: 2
"If it disappeared your life would continue"

No, I'm pretty sure he would jump off the first iBridge he finds.


RE: Me Too?
By siberus on 10/5/2013 11:23:47 AM , Rating: 4
quote:
No, I'm pretty sure he would jump off the first iBridge he finds.


He'd find it too if he weren't using Apple maps


RE: Me Too?
By retrospooty on 10/3/2013 11:21:36 PM , Rating: 2
I know all the advanced technology Apple touted... But hey look it's got cracked in two days flat using same exact method they were cracking fingerprint readers with years ago.

Maybe I'm missing how that is actually better for the consumer.

you're right though it probably won't work as well as the iPhones, maybe it'll get cracked in 1.5 days... then again since its been available on Android for years, and windows for a decade how is the clone? Looks alot to me like Apple cloned it.


RE: Me Too?
By Cheesew1z69 on 10/4/2013 11:37:47 AM , Rating: 2
quote:
then you sure don't know much about the fingerprint technology involved.
Because you totally know all about it, right? Lol


RE: Me Too?
By troysavary on 10/4/2013 7:39:24 AM , Rating: 2
Did you even read what Tony quoted. If by "easy", you mean "practically impossible for average people", then yes, it is easy. This is not the fingerprint cracking of years ago.

You want to see easy to crack? Samsung's facial recognition unlocking method. Simply putting another phone with a picture of the face of the 1st phone's user in front of the camera is enough to crack it. Tim Bray from Google stated that it was impossible to unlock an Addroid phone using a photograph, yet it was done easily. So which company is lying now?


RE: Me Too?
By retrospooty on 10/4/2013 10:40:03 AM , Rating: 2
LOL... Have you not met Tony? Tony doesn't post facts, he posts links that try to support his skew... Look up the original crack video. It shows them actually doing it live, the whole process. Easy as 123.


RE: Me Too?
By Monkey's Uncle on 10/4/2013 11:18:37 AM , Rating: 2
Where did Samsung or Google stand on top of the highest mountain and shout that facial recognition was the be-all, end-all of mobile phone security?

Here is Android's security in order from lowest to highest:

None
Slide
Face Unlock
Pattern
PIN
Password

You see face unlocking is only shown as just a little more secure than sliding your finger across the screen to unlock the phone. The difference between a pin and a password is the pin is 4-digit numeric and a password is any length of all type-able characters (I challenge you to crack THAT in a single weekend).

However keep in mind now that Samsung's face unlock security requires you to blink to unlock the phone so a simple photograph won't work. That still doesn't make it more secure than even a 4-digit pin. Samsung (as well as Google) knows it and do not claim that it is.


RE: Me Too?
By StormyKnight on 10/4/2013 4:25:19 AM , Rating: 2
quote:
because entering PIN number dozens of times a day is utterly tedious

Really??? Bwahahahahahahahaha!!! Tedious he says. Ooooh, me bloody finger is about to fall off from entering a simple pin to open my phone!

Pathetic. No, more than that. Lazy and pathetic...


RE: Me Too?
By rsmech on 10/3/2013 5:33:34 PM , Rating: 2
Agree. This is not new for mobile devices. I still have a Windows PDA from at least 2006 that used fingerprint scanning.


RE: Me Too?
By WhatKaniSay on 10/3/2013 5:39:43 PM , Rating: 3
quote:
Two years before the iPhone, Android handsets had a thumbprint scanner

It begs the question: If Android already had fingerprint scanner why then are they (Google & co) scrambling to setup one following Apple unveil?

Does it make sense for them to reinvent the same wheel they had already created?


RE: Me Too?
By Solandri on 10/4/2013 2:57:54 AM , Rating: 2
Because Apple is a massive marketing machine who could convince someone living in the desert that he needs a raincoat. Now that the fingerprint scanner has been hyped up beyond belief, it's easier for the competitors to simply add it to their product than it is to try to convince users that it isn't really that useful.

FWIW, I had the idea back around 2005, when I was tired of typing in the passcode on my smartphone, and bought a laptop which happened to have a fingerprint scanner. It took me about 15 minutes to convince myself that, while convenient, it wasn't a good idea because of the inherently poor security.

What I've settled on instead is an app which prevents the phone from locking if it's connected to certain wifi networks (at home and work). That way I can enable the passcode lock, but don't have to actually unlock it most of the time. A different app I used to use would also disable the lock based on geographic area, and let me set the timeout before the phone would lock. (e.g. At home the phone wouldn't lock until 5 min after I turned the screen on, elsewhere it would lock immediately upon turning off the screen). But the author dropped the app saying the security changes Google made with Android 4.x made it impossible for the app to work. They're still good ideas I'd like to see incorporated into the OS at some point.


RE: Me Too?
By Monkey's Uncle on 10/4/2013 11:38:54 AM , Rating: 2
Android didn't provide the scanner, Motorola did. Android is an operating system owned by Google and released into the Open Source - nothing more. Google does not deal with hardware - their platform clients do.

To be frank, few Android implementers saw a real need to include this unreliable, niche hardware with questionable security value. Motorola did it only to differentiate their phones in an Android market with a lot of other vendors. I doubt they even expected it to make a really huge difference.

But now, Android's hardware vendors' major competitor is including this biometric device shouting that it is something new and wonderful (NOT!). They would be fools not to follow suit - after all they are competing. I suspect they will not be sticking their necks in the noose the way Apple is. Just saying "So Apple has a fingerprint scanner huh? Big whoop! So do we."

For implementing a fingerprint scanner, it is a lot easier for Android hardware vendors. The software infrastructure is already there. All they need to do is include some biometric hardware in their products. A no-brainer.


RE: Me Too?
By beefalo16 on 10/3/2013 7:09:47 PM , Rating: 1
Apple doesn't invent new technology or gadgets true. However, they generally are the ones to get mass market adoption of them through intelligent integration of them into their products. Just because the Atrix had a fingerprint scanner doesn't change the fact that Apple truly brought fingerprint unlocking(and app purchasing) in a manner that will be used by many people. Also, most likely competitors will follow in Apple's footsteps and offer similar implementations in their future devices.
Apple has a walled garden, they are not fans of customization, they cater to the higher end, they compete and protect their patents(perhaps even unfairly abuse patents); but at the end of the day they do make amazing products and I do not think smartphones would be anywhere near they are today without Apple. It's true that Android was technically available before the iPhone(and windows mobile before that), but the iPhone is what defined a smartphone and set the standard for which everyone still follows.
People always complain about iSheep falling for the reality distortion field. I disagree, and see two main reasons for this belief:
1) Haters gonna hate - There are people who hate something simply because it is popular and especially when it is popular with the average person. There is nothing I can say here, hopefully you don't fall into this group.
2) Technical/Feature comparison vs competitor - This I hope is the bigger set of people. Those who see the techinical specs vs competitors or the feature gap. What you don't see is that the people who have iPhones don't care about these features/specs. The iPhone handles everything I choose to do with my smartphone and it does it smoothly and simply compared to the competition. I don't care about customizing X or some feature Y. Now there have been times where Apple didn't have a feature that some competitor had. Apple fans obviously felt it wasn't necessary. However, later the feature would arrive on iPhone and Apple fans would be happy about it. I see three possible explanations to this: A) I may actually want it, but it isn't important enough that it overrides all the positives the iPhone provides. B) Just because I may not need it doesn't mean I can't be happy about it becoming available. C) Apple's implementation of it makes something I would not have cared about actually useful to me now.


RE: Me Too?
By web2dot0 on 10/4/2013 1:49:40 AM , Rating: 1
But the thing sucked shit that nobody wanted.

Facebook wasn't the first to market, but it's definitely the best social network out there.

What's you point?

Nobody even apple claim that they are the first to market such a technology. They are just saying that they have a thumb scanner that actually works.

You will have merit if you can claim with factually information that their thumb scanner doesn't work and nobody finds it useful.

So far, from the reviews, it's just not the case. Don't take my word for it. Go around and read up .... ask Anand ... or well ... just read his review.

Don't be a hater and just talk shit like Apple didn't do anything of any significant value. It's just not true.


RE: Me Too?
By MScrip on 10/4/2013 4:20:25 AM , Rating: 2
quote:
Two years before the iPhone, Android handsets had a thumbprint scanner

http://en.wikipedia.org/wiki/Motorola_Atrix_4G

Correct. And many other devices had fingerprint scanners before the Atrix too.

But you'll notice that the Atrix 2 did not have a fingerprint scanner... and I don't think any other Motorola phone had a fingerprint scanner either. So what does that tell you?

quote:
Can we stop perpetuating the stigma that Apple is some amazing innovator that everyone just copies? Apple is a technology repackager. They just repackage and release gadgets based on technologies that other tech firms have developed, and usually had already brought to market beforehand.

Apple may be a "repackager" but they put a lot of effort into the results.

Motorola tried a fingerprint scanner once... it sucked... and they never tried it again.

But I have a feeling Apple will have fingerprint scanners for quite some time. It's all about execution.


RE: Me Too?
By EnzoFX on 10/4/2013 4:36:35 AM , Rating: 2
Could you look past your own bias and get over it? Flaming anti-apple haters, it's like that's all they see. No one thinks Apple is god, they simply get the credit they deserve. Get the f over it. Or should this again be reduced to the overly simplistic argument that no one creates anything original, missing entirely the point about what success is, and how things can be well done for the better, and the masses. Tech demo's mean nothings to consumers. The consumer doesn't care who was the first to create X, geez. They care about who does it better for them. You are no authority to tell them what they should regard higher.


RE: Me Too?
By robinthakur on 10/4/2013 7:46:40 AM , Rating: 2
Yes, the key difference is that on the iPhone 5s, it is properly integrated, reliable and works everytime. If that is what Apple brings to the table, then that's not such a bad thing. I don't recall all the hackers and everybody else wailing quite so hysterically when Motorola did it, probably because very few people bought it.


RE: Me Too?
By Jeffk464 on 10/4/2013 11:39:18 AM , Rating: 2
My two year old laptop has one.


Here's an idea
By amanojaku on 10/3/2013 5:24:26 PM , Rating: 3
User-selectable security, a choice of the following methods, and more:

0) Unlocked
1) Passcode
2) Fingerprint reader
3) Security token
4) Facial recognition
5) User-selectable combination of 1-4
6) Other current and future alternatives




RE: Here's an idea
By aliasfox on 10/3/2013 6:07:14 PM , Rating: 2
I thought facial recognition (at least as deployed by Android so far) could be defeated by a photograph?

Whatever the option though, it will be better than no security or the connect-the-dots design (grease marks on the screen make this one too easy). For me (and I imagine for most people), all that's needed is enough security to prevent a neighbor at the bar, a coworker, or a friend from snooping.


RE: Here's an idea
By amanojaku on 10/3/2013 6:29:57 PM , Rating: 2
Fingerprint readers are hackable, as seen with TouchID and everything that came before it. Passcodes can be found by reading the oil trails on the screen. Tokens can be stolen, cracked or phished. There is no one security scheme that is perfect. That's why I mentioned a user-selectable combination, including methods I haven't listed.


RE: Here's an idea
By Monkey's Uncle on 10/4/2013 11:44:08 AM , Rating: 2
quote:
I thought facial recognition (at least as deployed by Android so far) could be defeated by a photograph?


Samsung's version takes it a step further and makes you blink to unlock the phone. A photo won't work.


RE: Here's an idea
By aliasfox on 10/4/2013 12:23:01 PM , Rating: 2
Nice step forward. A video of me staring at the camera for a few seconds and blinking is probably a lot harder to come across than simply looking up my Facebook picture (or whatever).

Still (relatively) easily worked around, but at least it's no longer a game you play with your friends while drunk at a bar...


RE: Here's an idea
By Jeffk464 on 10/4/2013 12:04:17 PM , Rating: 2
7) how about the key fob thing - kind of like how Samsung's smart watch unlocks its phone.



LOL @ Apple circle jerk
By half_duplex on 10/4/2013 12:33:43 PM , Rating: 2
An article about Android copying Apple starts another anit-Apple circle jerk with the 1-2 regular suspects.

If I had a dime for every anti-Apple wahh-post created by the r% users, I'd be able to buy the new iMac.




RE: LOL @ Apple circle jerk
By Monkey's Uncle on 10/4/2013 1:33:36 PM , Rating: 2
I imagine so. I'd be happy to give you the the twenty cents an iMac is worth just to quiet your whining.

Just curious tho. Who's this mysterious r% user. Don't think I've seen that one before.


RE: LOL @ Apple circle jerk
By Cheesew1z69 on 10/4/2013 4:06:20 PM , Rating: 2
quote:
anti-Apple wahh-post
And yet here you are jerking off to Apple in every post..oh the irony.


Are you KIDDING me?
By Wolfpup on 10/4/2013 9:39:46 AM , Rating: 2
It sounds like Apple's doing this right. You can NOT store the finger print, and NOT allow it even in to normal local storage. It's utterly insane to throw your fingerprint across a network. That's a horrific idea.

Regarding the "nearly 50% thing" I don't believe it for a second. I have never seen ANYONE use a password on ANY ultra mobile device. It's not remotely practical. Even a terrible password completely changes the usage model for these devices, and a strong one?

Apple's fingerprint reader may have been "defeated" but it's very difficult to do that, and the reality is for most of why you want it, it's going to do it's job, and the alternative is no authentication at all.

Geez...sending biometric data over the internet. Astonishingly stupid.




RE: Are you KIDDING me?
By Monkey's Uncle on 10/4/2013 1:55:43 PM , Rating: 3
quote:
It sounds like Apple's doing this right. You can NOT store the finger print, and NOT allow it even in to normal local storage. It's utterly insane to throw your fingerprint across a network. That's a horrific idea.
...
Geez...sending biometric data over the internet. Astonishingly stupid.


Why is it a horrific idea? Have you never heard of encryption? Have you ever used a bank machine or online banking? Try cracking them. Why would moving fingerprint data across a network be so horrible? Not sure what your reasoning here is.

Nobody says fingerprint scanning is totally useless. It is better than nothing, but worse than other options.

quote:
Regarding the "nearly 50% thing" I don't believe it for a second. I have never seen ANYONE use a password on ANY ultra mobile device. It's not remotely practical. Even a terrible password completely changes the usage model for these devices, and a strong one?


You must hang out with different folks than I do. Most of the folks I know have at the very least a pin on their phones. I don't see your assertion about pins being impractical. If you have valuable information on your phone, you want to protect it from thieves.

I personally lock mine with a pattern. I can enter my pattern in less than a second with one hand - about the same amount of time it would take you to use your fingerprint. Not a lot of effort involved at all. and it is FAR more reliable than fingerprints. I have a 50/50 hit rate using fingerprint scanners. Half the time I am trying 2-3 times to get it to recognize my fingerprint. The other 50% I am keying in a backup password to unlock my device.


Retinal Scanners
By Ammohunt on 10/3/2013 5:47:40 PM , Rating: 2
I am holding out for retina scans from the built it cameras.




RE: Retinal Scanners
By DaveLessnau on 10/3/2013 9:38:06 PM , Rating: 2
There's a bit of that here:

http://cnettv.cnet.com/why-your-eyeball-future-pas...

The retinal scanner stuff starts at about 1:45 into it.


eliminate anonymity
By Mike Acker on 10/4/2013 7:42:43 AM , Rating: 2
remember the object of biometrics is to eliminate anonymity. whether it is more or less secure: macht nichts




"DailyTech is the best kept secret on the Internet." -- Larry Barber














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki