# Lifestyles & Discussion > Science & Technology >  New iPhones Fingerprint Scanner

## Natural Citizen

The iPhone fingerprint scanner apparently will provide an extremely high-precision biometric that is the primary one used by law enforcement.




> After the initial flurry of jokes, Jacob Appelbaum, a developer and spokesman for the Tor project, which allows users to browse the Web anonymously, suggested that the fingerprint scanner could soon make it impossible for political activists to keep information private.


http://thelede.blogs.nytimes.com/201...ughter-online/

----------


## GunnyFreedom

> The iPhone fingerprint scanner apparently will provide an extremely high-precision biometric that is the primary one used by law enforcement.
> 
> 
> 
> http://thelede.blogs.nytimes.com/201...ughter-online/


Meh, if you don't like the fingerprint lock-out, then just don't enable the thing.

----------


## Natural Citizen

> Meh, if you don't like the fingerprint lock-out, then just don't enable the thing.


I don't use iphone myself.

It's just bad timing for Apple though which, I suppose, was my reason for sharing it.

----------


## GunnyFreedom

> I don't use iphone myself.
> 
> It's just bad timing for Apple though which, I suppose, was my reason for sharing it.


Yeah, Apple does some stupid stuff sometimes.  If something like this were mandatory it would bother the hell out of me, but stuff like this is never mandatory on any tech product, Apple or otherwise.  Was it HP laptops that came out with a fingerprint scanner about 8 years ago?  99.8% of those scanners sit unused because nobody cared enough to enable them.  This is much ado about nothing, really.  The timing?  pretty dumb.  The NSA doesn't need fingerprints to get into a smartphone.  Smartphones are notoriously insecure, all of them.

----------


## Matt Collins

When I was in college 10 years ago I remember Blockbuster had all of their sale terminals programmed to accept fingerprints, they just didn't have the scanners physically installed. The idea being that you let them store your credit card info, and then when you walk in, you dont have to show ID or membership card or even credit card, you just swipe your fingerprint. Very convenient concept actually (except for the 3rd party doctrine).

----------


## helmuth_hubener

It may actually protect people from the government, since now when someone gets arrested it will be less likely that their phone is totally "open" -- not locked by any password -- allowing law enforcement to browse through it at will with no warrant, fishing for things to charge you with, and perhaps deleting any incriminating videos of themselves.

The data will only be stored on the internal chip of the phone, according to Apple, not on their servers.  So that's good.

----------


## Natural Citizen

> When I was in college 10 years ago I remember Blockbuster had all of their sale terminals programmed to accept fingerprints, they just didn't have the scanners physically installed. The idea being that you let them store your credit card info, and then when you walk in, you dont have to show ID or membership card or even credit card, you just swipe your fingerprint. Very convenient concept actually (except for the 3rd party doctrine).


Yep. But with IP the way that it is most of these apps are going to require this be turned on in order to "function".

What if one cannot upload a picture or video without signing in biometrically? Seems like good c_rowd control_ if nothing else. Get it?

----------


## helmuth_hubener

> Yep. But with IP the way that it is most of these apps are going to require this be turned on in order to "function".


 That will assuredly _not_ be the case. That's not coherent with the way iOS works.  Up to now, the way to secure your iPhone has been with a passphrase.  That's what Apple suggested you do.  But yet, if you don't choose to use a passphrase, all apps work exactly the same as if you do.  It will be the same with the fingerprint reader on the Home button.  Because of how permissions are structured in Unix, apps won't even be able to be aware of whether the feature is enabled or not.  They are blocked from figuring this out, because it's system-level.  They'd need root access to be able to determine what's going on with the fingerprint scanner, and they don't have it.

----------


## Natural Citizen

> That will assuredly _not_ be the case. That's not coherent with the way iOS works.  Up to now, the way to secure your iPhone has been with a passphrase.  That's what Apple suggested you do.  But yet, if you don't choose to use a passphrase, all apps work exactly the same as if you do.  It will be the same with the fingerprint reader on the Home button.  Because of how permissions are structured in Unix, apps won't even be able to be aware of whether the feature is enabled or not.  They are blocked from figuring this out, because it's system-level.  They'd need root access to be able to determine what's going on with the fingerprint scanner, and they don't have it.


Hm. I'm just asking myself questions, helmuth. This stuff with phones is not my thing. I don't know anything about schematics of the infrastructure of these devices themselves. I do know how infrastructure/environment that these devices are seemingly being designed to function in typically functions. So just trying to learn what the correct questions are based on what I actually do know about the flipside. and than placing it into logical perspective with other cases (rfid in articular) that I'm familiar with.

I know that I pay for 3 of these i...things. But I don't personally use one myself.

----------


## eduardo89

> Yeah, Apple does some stupid stuff sometimes.  If something like this were mandatory it would bother the hell out of me, but stuff like this is never mandatory on any tech product, Apple or otherwise.  Was it HP laptops that came out with a fingerprint scanner about 8 years ago?  99.8% of those scanners sit unused because nobody cared enough to enable them.  This is much ado about nothing, really.  The timing?  pretty dumb.  The NSA doesn't need fingerprints to get into a smartphone.  Smartphones are notoriously insecure, all of them.


Yeah, HP laptops had (have?) fingerprints since the early 2000s. I never bothered setting it up, not because of privacy concerns, but because it was pretty useless.

Anyway, the NSA/CIA most likely have your fingerprints anyway. If you've been in the armed forces, a doctor, lawyer, LEO, pilot, postal worker, nurse, pharmacist, worked at a bank, etc..your fingerprints are most likely on file.

----------


## helmuth_hubener

> Hm. I'm just asking myself questions, helmuth. This stuff with phones is not my thing. I don't know anything about schematics of the infrastructure of these devices themselves. I do know how infrastructure/environment that these devices are seemingly being designed to function in typically functions. So just trying to learn what the correct questions are based on what I actually do know about the flipside.
> 
> I know that I pay for 3 of these i...things. But I don't personally use one myself.


 Oh, nothing personal.  I just can pretty much guarantee that the option of simply not using the fingerprint scanner will be available and perfectly easy.  So that is one option.

What if you do want to use it?  Could the gov't somehow hack into the phone and get the fingerprint information?  I think the answer to that question is yes.  How could a man prevent that from happening?  That is probably the most interesting question, and the most difficult to answer.

----------


## CPUd

One time, I tried to turn a mouse into a fingerprint scanner, but at the time, they didn't have a high enough resolution to be useful:

http://hackteria.org/wiki/index.php/..._Optical_Mouse

----------


## Natural Citizen

> Oh, nothing personal.  I just can pretty much guarantee that the option of simply not using the fingerprint scanner will be available and perfectly easy.  So that is one option.
> 
> What if you do want to use it?  Could the gov't somehow hack into the phone and get the fingerprint information?  I think the answer to that question is yes.  How could a man prevent that from happening?  That is probably the most interesting question, and the most difficult to answer.


Well... if one _does_ want to use it then it's great technology as Matt was saying. I'm not knocking on the technology. Not particularly concerned with tbtb hacking, per se. They don't really have to hack anything if one confirms that they accept terms of service. Which is the true ball of wax. At least as far as I myself care about it. Is a matter of citizenship down the road. And repatriation during times of technological change is a big old glass of water. That may not make sense to many people but something to stay watchful of.

----------


## dannno

> Yeah, Apple does some stupid stuff sometimes.  If something like this were mandatory it would bother the hell out of me, but stuff like this is never mandatory on any tech product, Apple or otherwise.  Was it HP laptops that came out with a fingerprint scanner about 8 years ago?  99.8% of those scanners sit unused because nobody cared enough to enable them.  This is much ado about nothing, really.  The timing?  pretty dumb.  The NSA doesn't need fingerprints to get into a smartphone.  Smartphones are notoriously insecure, all of them.


I have no inherent problem with it, just if some backdoor is installed that allows them to verify your finger is the one using your phone so you cannot have any sort of plausible deniability about something you may have done on your phone.

----------


## Dr.3D

I imagine a hacker could get the fingerprint information and then start printing 3D latex gloves so he can be anybody on his list.

----------


## brushfire

The government can remotely enable the fingerprint scanner from the backend.  They've been doing the same with cellphone mic's since the mid-late 90's

http://www.techdirt.com/articles/201...rophones.shtml

----------


## I<3Liberty

> What if you do want to use it?  Could the gov't somehow hack into the phone and get the fingerprint information?  I think the answer to that question is yes.  How could a man prevent that from happening?  That is probably the most interesting question, and the most difficult to answer.


SECUIRITY SHIELD BAGS and cases, of course! *puts on tin foil hat*  

There are these security shield bags that help protect your electronics from hackers, and wallets that protect your cards. While it obviously doesn't work when you take your phone, laptop, tablet, etc. out of the bag or protect your electronics from all threats, it's still kind of neat. I bought this one because I liked the style.

----------


## GunnyFreedom

> SECUIRITY SHIELD BAGS and cases, of course! *puts on tin foil hat*  
> 
> There are these security shield bags that help protect your electronics from hackers, and wallets that protect your cards. While it obviously doesn't work when you take your phone, laptop, tablet, etc. out of the bag or protect your electronics from all threats, it's still kind of neat. I bought this one because I liked the style.


Faraday cages!  There are a bazillion options for making electronics EM secure nowadays.

----------


## I<3Liberty

> Faraday cages! There are a bazillion options for making electronics EM secure nowadays.


Eww! Who wants to carry one of those around? The bags have a Faraday shield built-in, so you can help keep your electronics safe without looking like a paranoid geek.

----------


## GunnyFreedom

> Eww! Who wants to carry one of those around? The bags have a Faraday shield built-in, so you can help keep your electronics safe without looking like a paranoid geek.


Your (linked) purse is a Faraday Cage, weather they want to call it a 'shield' because the word 'cage' is too geeky or not.  I didn't think you carrying around the bag you linked would look all that geeky, but maybe you are right and I am wrong.

----------


## CPUd

If you do decide to use the fingerprint scanner, use your middle finger.  That way, if your system does get compromised, you can have the last laugh!

----------


## Natural Citizen

Chaos Computer Club breaks Apple TouchID




> The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates  again  that fingerprint biometrics is unsuitable as access control method and should be avoided.

----------

