Linked by Thom Holwerda on Wed 11th Sep 2013 22:16 UTC
Apple

Apple's new iPhone 5S, which comes with a fingerprint scanner, won't store actual images of users' fingerprints on the device, a company spokesman confirmed Wednesday, a decision that could ease concerns from privacy hawks.

Rather, Apple's new Touch ID system only stores "fingerprint data", which remains encrypted within the iPhone's processor, a company representative said Wednesday. The phone then uses the digital signature to unlock itself or make purchases in Apple's iTunes, iBooks or App stores.

In practice, this means that even if someone cracked an iPhone's encrypted chip, they likely wouldn't be able to reverse engineer someone's fingerprint.

This seems relatively safe - but then again, only if you trust that government agencies don't have some sort of backdoor access anyway. This used to be tinfoil hat stuff, but those days are long gone.

I dislike the characterisation of privacy "hawks", though. It reminds me of how warmongering politicians in Washington are referred to as 'hawks", and at least in my view, it has a very negative connotation.

Permalink for comment 571977
To read all comments associated with this story, please click here.
RE[7]: wait
by leos on Fri 13th Sep 2013 02:40 UTC in reply to "RE[6]: wait"
leos
Member since:
2005-09-21

That's a good point. As I said trust is earned, so it's Apple's job to earn that trust if its very difficult for Apple to do that, then that's their problem. The burden is on them, not the consumer.


They have earned it. Clearly not from you, but from millions of their customers. Trying to earn it from you is pointless, since you would never be satisfied until you saw the code, and then you'd invent a different reason not to trust them.

In reality, you have to think about motivations. Let's put aside the NSA for a moment and think about what is in Apple's best interest. Do you think it is in their interest to upload fingerprints to their server, or not adequately protect the information? You think it is in their interest to create something that will end in a massive security scandal? No of course not. They are just as interested in making this system secure as you are. That doesn't mean there aren't vulnerabilities present, but the idea that they are somehow misleading people and not doing their best to make this thing secure just doesn't pass the common sense test.

Reply Parent Score: 3