FaceID is 2.5 years ahead of the competition

[79wjd]

6 minutes ago, DrMacintosh said:

You can't guess a face or a fingerprint. I don't see how that suggests any hypocrisy on my part. FaceID and TouchID eliminate the ability for your main mode of security to be simply guessed. 

You can force the phone to use a passcode bypassing Face/TouchID. Try to unlock with an invalid face too many times, and bam! passcode time. There is also surely a way to just skip the FaceID part and jump straight to entering a passcode.

[vanished]

7 minutes ago, DrMacintosh said:

Only when you no longer have the access to the phone. Passcodes that are decent fallbacks to a more secure technology. 

 

And? People with weak passwords do make it more likely that you could guess a passcode. You can't guess a face or a fingerprint. I don't see how that suggests any hypocrisy on my part. 

 

FaceID on its own does replace the passcode but because of liability, using only FaceID is a terrible idea since any number of things could occur to cause FaceID to fail and you would be SoL which is exactly why Apple does not allow users to disable the passcode if FaceID is on.  

Let's take a step back and make sure we're on the same page...

 

I pointed out how even pitifully simple and short passwords could be more secure than FaceID.

 

You said that "These types of analysis ignore easily guessable passcodes and patterns. FaceID and TouchID eliminate those risks."

 

To me it sounds like you're saying that the existence of faceID eliminates the risk of people using shitty passwords (which we've established it does not).  Further, it would seem to imply that you disagree with my assertion that passwords are a better option since many people won't use them to their full potential, and thus they will make themselves more vulnerable than they would be if they just used FaceID.  This is where I need clarification though, if you wouldn't mind.  I don't want to misinterpret this.

[DrMacintosh]

5 minutes ago, Ryan_Vickers said:

Further, it would seem to imply you disagree with my assertion that passwords are a better option since many people won't use them to their full potential and thus make themselves more vulnerable than they would be if they just used FaceID.

Yes, I believe that passcodes are inherently flawed methods of security and many analysts would agree with me. 

 

Human nature leads people to make easy passcodes and that destroys the benefits of the mathematical probability that you could never guess the code. 

 

5 minutes ago, Ryan_Vickers said:

You said that "These types of analysis ignore easily guessable passcodes and patterns. FaceID and TouchID eliminate those risks."

I said that towards you statistics of how secure passcodes are. People do not use ideal passcodes so in reality the odds of guessing a passcode are much better than the pure math would suggest. 

 

I do not agree that a simple password could be more secure than FaceID in any quantifiable way. That statement makes 0 logical sense. 0000 vs your face is not a contest. You face is factually more secure than that. 

[vanished]

Just now, DrMacintosh said:

Yes, I believe that passcodes are inherently flawed methods of security and many analysts would agree with me. 

 

Human nature leads people to make easy passcodes and that destroys the benefits of the mathematical probability that you could never guess the code. 

 

I said that towards you statistics of how secure passcodes are. People do not use ideal passcodes so in reality the odds of guessing a passcode are much better. 

 

I do not agree that a simple password could be more secure than FaceID in any quantifiable way. That statement makes 0 logical sense. 0000 vs your face is not a contest. You face is factually more secure than that. 

OK, I agree with all of that actually.  But that brings me to my next point...

 

if passwords are so flawed, and a password must be used as a backup to faceID, and security is only as good as the weakest link (all things I think we agree are true), then faceID doesn't actually increase the security of the device at all.

[DrMacintosh]

2 minutes ago, Ryan_Vickers said:

if passwords are so flawed, and a password must be used as a backup to faceID, and security is only as good as the weakest link

I agree with this. However Apple cannot allow users to disable their passcodes otherwise Apple is going to be getting complaints and possible legal action when users cant get into their phone for reason A-Z. Be that a cracked screen, a broken sensor, bad software update or literally anything. 

[vanished]

Just now, DrMacintosh said:

I agree with this. However Apple cannot allow users to disable their passcodes otherwise Apple is going to be getting complaints and possible legal action since they cant get into their phone for reason A-Z. Be that a cracked screen or a broken sensor. 

Yes, I get that, but I'm just trying to establish what I said: " faceID doesn't actually increase the security of the device at all."

To quote myself from earlier:

9 hours ago, Ryan_Vickers said:

Let's be real, the only reason for any of this tech is for speed and convenience.  Holding a button or looking at your phone are a lot easier than typing in a passcode, but let's not fool ourselves - they're both a lot less secure. [...]

[Bensemus]

27 minutes ago, Ryan_Vickers said:

snip

Kinda funny seeing the back and forth. You are right.

 

1. Passcode is the last line of defence of iOS (beside Apple ID but that only protects certain things) as you can always bypass biometrics and try passcodes (tested on my friends iPhone). Biometrics will never lock you out completely, just ask for a passcode if they fail too much.

2. Biometrics are a convenience. FaceID is a more secure convenience then TouchID using Apple's data.

[vanished]

Just now, Bensemus said:

Kinda funny seeing the back and forth. You are right.

 

1. Passcode is the last line of defence of iOS (beside Apple ID but that only protects certain things) as you can always bypass biometrics and try passcodes (tested on my friends iPhone). Biometrics will never lock you out completely, just ask for a passcode if they fail too much.

2. Biometrics are a convenience. FaceID is a more secure convenience then TouchID using Apple's data.

Yes, ultimately that's my point.  These things are great in that they're handy, but I want there to be no confusion or doubt about the fact they're not making you any safer.  A false sense of security is a dangerous thing.

[Bensemus]

About Window's hello. According to MS it's a 1 in 100,000 chance of someone else being able to unlock your device. So between Apple's data and MS's data Apple's implementation is more secure.

[vanished]

2 minutes ago, Bensemus said:

About Window's hello. According to MS it's a 1 in 100,000 chance of someone else being able to unlock your device. So between Apple's data and MS's data Apple's implementation is more secure.

It would certainly seem that way, and frankly it's impressive they've gotten it as good as it is.  I wonder if they will ever be able to switch to relying on it entirely without a password fallback?  If they could, then it probably would be more secure... at least for those who would otherwise choose terrible passwords  

Until it can scan your DNA and your brain I doubt they'll ever get it good enough to reliably beat even a mediocre password.  The only reason this can be better is (as was pointed out) not all people choose a password intelligently, and thus don't reap the full benefits of the statistics.

 

Although, if you think about it, the best biometrics can get is 1 in <population of earth> which is way less secure than even the 8 char example

[Bensemus]

Just now, Ryan_Vickers said:

It would certainly seem that way, and frankly it's impressive they've gotten it as good as it is.  I wonder if they will ever be able to switch to relying on it entirely without a password fallback?  If they could, then it probably would be more secure... at least for those who choose terrible passwords  

I feel that is a long ways off. Too many people will lock themselves out accidently which requires a factory reset to clear. Plus other people keep pointing out that you can't change your biometrics. Ideally people just get better with passwords.

[79wjd]

5 minutes ago, Bensemus said:

About Window's hello. According to MS it's a 1 in 100,000 chance of someone else being able to unlock your device. So between Apple's data and MS's data Apple's implementation is more secure.

I wonder what the relationship is between false positives and security. It's not necessarily true that a better accuracy rate equates to harder to fool. 

 

3 minutes ago, Ryan_Vickers said:

Although, if you think about it, the best biometrics can get is 1 in <population of earth> which is way less secure than even the 8 char example

That implies that there are guaranteed to be two people on Earth with the same ____. Which certainly isn't guaranteed. The probability that two people have exactly the same DNA could be 1 in 30,000,000,000 even if there are only 6,000,000,000 people on Earth. 

[vanished]

3 minutes ago, djdwosk97 said:

I wonder what the relationship is between false positives and security. It's not necessarily true that a better accuracy rate equates to harder to fool. 

Yeah it's a two-faceted problem.  You need to be strict enough to keep out as many false positives as possible, but also reliable enough to never fail to unlock for the rightful owner.

 

3 minutes ago, djdwosk97 said:

That implies that there are guaranteed to be two people on Earth with the same ____. Which certainly isn't guaranteed. The probability that two people have exactly the same DNA could be 1 in 30,000,000,000 even if there are only 6,000,000,000 people on Earth. 

I debated putting in a line about that comment being mainly just for fun but clearly I made the wrong choice  

What I do mean though is that no matter what, even in the most perfect ideal scenario, it will always unlock for 1 person, no more, no less, and so the "chance" of unlocking it with a random human is 1 in <population>  

Edited October 4, 2017 by Ryan_Vickers

[Bensemus]

2 minutes ago, djdwosk97 said:

I wonder what the relationship is between false positives and security. It's not necessarily true that a better accuracy rate equates to harder to fool. 

That's true. Although someone did link that short video of twins trying to fool MS and they all failed. I also haven't heard any crazy stories like when Samsung's iris scanner was fooled by a picture printed from a Samsung printer.

 

Once the phone releases there will be tons of people looking to fool it. I'm interested in seeing how successful they are.

[DrMacintosh]

5 minutes ago, Bensemus said:

Plus other people keep pointing out that you can't change your biometrics.

? On iOS you can do that infinitely.  

[vanished]

Just now, DrMacintosh said:

? On iOS you can do that infinitely.  

No, he means you can't literally change your fingerprints or face  

[DrMacintosh]

Just now, Ryan_Vickers said:

No, he means you can't literally change your fingerprints or face  

Well not unless you know some connections in the MIB 

[Bensemus]

Just now, DrMacintosh said:

? On iOS you can do that infinitely.  

Your fingerprint. You have 10 and that's it. No way to really change those if they are stolen. Same with your face short of plastic surgery.

[79wjd]

3 minutes ago, Ryan_Vickers said:

Yeah it's a two-faceted problem.  You need to be strict enough to keep out as many false positives as possible, but also reliable enough to never fail to unlock for the rightful owner.

Well, yes, that too. But what I was saying was that a system that is accurate enough so that there's a only 1:1,000,000 chance of a false positive might not actually be more secure than one with a 1:100,000 chance.

[DrMacintosh]

Just now, Bensemus said:

Same with your face short of plastic surgery

Nah I got some MIB connections

[vanished]

Just now, DrMacintosh said:

Well not unless you know some connections in the MIB 

It does raise an important issue though.  What do you use for identification?  Ideally, it should be something you make up and can change easily, not something that is factual about you personally, since in the event of a leak (think equifax), you need to be able to invalidate the leaked info by changing it.

[Bensemus]

Just now, DrMacintosh said:

Nah I got some MIB connections

Then you are safe. The rest of us have to watch out though.

[Bensemus]

Just now, Ryan_Vickers said:

It does raise an important issue though.  What do you use for identification?  Ideally, it should be something you make up and can change easily, not something that is factual about you personally, since in the event of a leak (think equifax), you need to be able to invalidate the leaked info by changing it.

I don't think we will ever come up with something that sophisticated.

[vanished]

Just now, Bensemus said:

I don't think we will ever come up with something that sophisticated.

Ikr, how would you even do such a thing?  Maybe if you made up a secret code-word that only you knew, and you could just change it to something else in the event it got out... nah, that's crazy  

[Drak3]

26 minutes ago, Bensemus said:

About Window's hello. According to MS it's a 1 in 100,000 chance of someone else being able to unlock your device. So between Apple's data and MS's data Apple's implementation is more secure.

Alternative answers:

A) Apple's testing doesn't hold up in the real world

B) Microsoft is low balling to cover their asses

C) Microsoft is taking botched third party OEM implementations into account