Apple questioned about Face ID security by a US Senator

[captain_to_fire]

Sources: Engadget via Senator Al Franken (D-MN)

 

Quote

A lot of people quickly raised concerns about privacy and security the moment Apple revealed iPhone X and its Face ID feature. Edward Snowden, for instance, thinks it normalizes face scanning, "a tech certain to be abused." Now, US Senator Al Franken is pressing the tech titan for answers, penning a letter addressed to Apple chief Tim Cook with a list of questions concerning the technology's "eventual uses that may not be contemplated by" its customers.

 

Did Apple opened a whole new can of worms with their Face ID? One US Senator says so. In the letter he even asked on how Apple will plan to respond to law enforcement agencies like the Department of Justice when they refused to unlock an iPhone 5c few years ago. But the last time I checked, this also raised a concern with Touch ID by the same senator on privacy and security back in 2013 by the same senator. Personally, I think it's a problem with a lot of politicians lately is their naivety when it comes to technology. Also, Apple already explained how Face ID works and that all biometric information is tucked away in the Secure Enclave co-processor. Also, why is Franken continuing to insinuate that Apple might need to store Face ID data remotely when Apple explicitly said that all of it is stored locally but separate from the phone storage. 

 

Personally, until Face ID has proven itself just like Touch ID, I don't think Face ID is much more convenient than Touch ID. But those concerns raised by Franken are just redundant. 

Edited September 15, 2017 by hey_yo_
changed the article in the title from "the" to "a"

[Guest]

To be fair, they've already got facial rec for passports stored in government databases.

[Misanthrope]

They're probably upset they haven't agreed to share the full database with their agencies though

[captain_to_fire]

Just now, Windspeed36 said:

To be fair, they've already got facial rec for passports stored in government databases.

But they can't use those pictures to unlock an iPhone X. I think this senator is just looking for a loophole to force Apple to give the US gov't access to the Face ID data stored in the secure enclave.

1 minute ago, Misanthrope said:

They're probably upset they haven't agreed to share the full database with their agencies though

True. Also, Franken's letter sounds like one of those people who are still asking where is the bathroom when they're already standing next to it. 

[DocSwag]

I find it funny that everyone seems to be freaking out about faceID security whereas no one ever talked about it THAT much when it came to the S8 and Note 8's Iris Scanner and Facial Recognition that have both shown that they can be fooled with just a picture.

 

Apple actually went out and built something relatively foolproof in terms of getting fooled by a picture. I don't know about actually getting the data itself but they did at least do better than Samsung in that regard. And I would probably say that they most likely did better than others like Samsung in keeping the data secure.

[Guest]

Just now, hey_yo_ said:

But they can't use those pictures to unlock an iPhone X. I think this senator is just looking for a loophole to force Apple to give the US gov't access to the Face ID data stored in the secure enclave.

If it behaves like Touch ID, that doesn't matter - the it still needs your passcode after a while 

[captain_to_fire]

Just now, DocSwag said:

I find it funny that everyone seems to be freaking out about faceID security whereas no one ever talked about it THAT much when it came to the S8 and Note 8's Iris Scanner and Facial Recognition that have both shown that they can be fooled with just a picture.

 

Apple actually went out and built something relatively foolproof in terms of getting fooled by a picture. I don't know about actually getting the data itself but they did at least do better than Samsung in that regard. And I would probably say that they most likely did better than others like Samsung in keeping the data secure.

I think because the iPhone is the widely used smartphone by politicians in America. Another reason is probably the San Bernardino case few years ago when Apple refused to unlock the iPhone 5c. But yeah, it's easier to hate Apple when you're a politician imo.

[captain_to_fire]

1 minute ago, Windspeed36 said:

If it behaves like Touch ID, that doesn't matter - the it still needs your passcode after a while 

and after ten wrong passcode attempts, it will securely delete all data inside 

[PlayStation 2]

I already know damn well Al Franken couldn't give a shit. He's deep within the pockets of the government, hell, I'm sure all he wants is access to that shit.

[ivan134]

51 minutes ago, Dan Castellaneta said:

I already know damn well Al Franken couldn't give a shit. He's deep within the pockets of the government, hell, I'm sure all he wants is access to that shit.

A government official deep within the pockets of government? 

[3rrant]

1 minute ago, ivan134 said:

A government official deep within the pockets of government? 

What an unexpected plot twist, isn't it?

[ivan134]

6 minutes ago, ErrantNyles said:

What an unexpected plot twist, isn't it?

Al Franken is deep within the pockets of Al Franken

[3rrant]

2 minutes ago, ivan134 said:

Al Franken is deep within the pockets of Al Franken

Sometimes I too feel deep inside myself..

 

.. oh wait, that's she said. Akward.

[Doobeedoo]

I mean I get it it's cool no hand use and fast but still. Pattern pass is what is best. 

[PlayStation 2]

24 minutes ago, ivan134 said:

A government official deep within the pockets of government? 

I just realized how paradoxical or redundant my statement is.

You get the idea, lol

[SpaceGhostC2C]

4 hours ago, hey_yo_ said:

Personally, I think it's a problem with a lot of politicians lately is their naivety when it comes to technology.

On the contrary, naivety lies on the side of people embracing biometric locks as safe just because they look cool like the sci fi movies from their childhood, when it is in practice weaker and more problematic (for reasons such as the ones outlined by this senator: "your account may have been compromised, we advice you change your face / fingerprint"... and others not mentioned here, like laws allowing government agencies to physically force you to unlock devices), and only has value at best as a complement to passwords (you know, that superior technology we already had). As soon as it is breached once, though, you are back to password-only security forever.

[LLEBTNCJD_its_something]

This is interesting 

[Jito463]

Does anyone really care what Al Franken-stein has to say?  I know I sure don't.

 

13 hours ago, DocSwag said:

I find it funny that everyone seems to be freaking out about faceID security whereas no one ever talked about it THAT much when it came to the S8 and Note 8's Iris Scanner and Facial Recognition that have both shown that they can be fooled with just a picture.

 

Apple actually went out and built something relatively foolproof in terms of getting fooled by a picture. I don't know about actually getting the data itself but they did at least do better than Samsung in that regard. And I would probably say that they most likely did better than others like Samsung in keeping the data secure.

To be fair, while Samsung added facial recognition login, they still gave you other options like the fingerprint sensor.  On the new iPhone X (and 8?), there is no fingerprint sensor.  Just FaceID.

 

In any event, I wouldn't use any of them.  For one thing, I have my front facing camera completely covered up.

[Drak3]

4 minutes ago, Jito463 said:

and 8?

The 8 has touchID, pyo. Not sure if it has faceID though, pyo.

 

[themctipers]

14 hours ago, DocSwag said:

I find it funny that everyone seems to be freaking out about faceID security whereas no one ever talked about it THAT much when it came to the S8 and Note 8's Iris Scanner and Facial Recognition that have both shown that they can be fooled with just a picture.

 

Apple actually went out and built something relatively foolproof in terms of getting fooled by a picture. I don't know about actually getting the data itself but they did at least do better than Samsung in that regard. And I would probably say that they most likely did better than others like Samsung in keeping the data secure.

To me , the problem with FaceID is that it's the only way to unlock your phone, apart from a passcode. 

If it had TouchID behind the Apple logo (go on, hold an iPhone, where does your finger rest? near the Apple logo, even on a plus), then it would be talked about MUCH less, like the S8/N8.

[OmJo93]

On 15/09/2017 at 6:53 AM, hey_yo_ said:

In the letter he even asked on how Apple will plan to respond to law enforcement agencies like the Department of Justice when they refused to unlock an iPhone 5c few years ago.

Couldn't the police officer or whoever in theory just hold the phone up to the suspects face and unlock the phone that way? 

[OmJo93]

10 hours ago, huilun02 said:

Govt sees ridiculous phone price tag and wants some of that Apple money. Like I give a damn if Apple does something shady with their face id database. Idiots who buy those overpriced phones place an abnormal amount of trust in Apple and deserve any shit they get anyway. 

The exact same thing can be said about Android/Google. To be honest Google is much, much, much more intrusive than Apple when it comes to data mining and privacy... They probably know more about us than we know ourselves at this point.

[Brennan Price]

In all honesty, I cannot see facial recognition being the thing of the future for Apple. I would rather have Touch ID than Facial recognition since Touch ID is so much simpler since you do not have to look at your phone in any weird way to access it and no-one else can access your phone. Not even your twin can!

[Kobathor]

1 hour ago, OmJo93 said:

Couldn't the police officer or whoever in theory just hold the phone up to the suspects face and unlock the phone that way? 

Not really. It won't unlock if your eyes are shut, and it won't unlock unless you're looking directly at it. They could lock you up for not opening your eyes and looking at it, though.

[OmJo93]

27 minutes ago, huilun02 said:

Yes but Google offers a heck of a lot of free services that many people deem indispensable. Good Android phones can be had without selling an organ, and people concerned with privacy have the opportunity to install ad blockers or even AOSP roms that do not require Google services. Apple offer nothing for free, and you can't have your way with their products despite the high price.

That is true, you can even control what Google apps are on your phone with custom ROMs via GApps or something. A lot more flexible.

 

Still I think I'd rather pay monthly for certain services like I do with Play Music than have them collect data on everything I do, since I only use a handful of Google services.