Linked by Thom Holwerda on Wed 11th Sep 2013 22:16 UTC
Apple

Apple's new iPhone 5S, which comes with a fingerprint scanner, won't store actual images of users' fingerprints on the device, a company spokesman confirmed Wednesday, a decision that could ease concerns from privacy hawks.

Rather, Apple's new Touch ID system only stores "fingerprint data", which remains encrypted within the iPhone's processor, a company representative said Wednesday. The phone then uses the digital signature to unlock itself or make purchases in Apple's iTunes, iBooks or App stores.

In practice, this means that even if someone cracked an iPhone's encrypted chip, they likely wouldn't be able to reverse engineer someone's fingerprint.

This seems relatively safe - but then again, only if you trust that government agencies don't have some sort of backdoor access anyway. This used to be tinfoil hat stuff, but those days are long gone.

I dislike the characterisation of privacy "hawks", though. It reminds me of how warmongering politicians in Washington are referred to as 'hawks", and at least in my view, it has a very negative connotation.

Thread beginning with comment 572035
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[15]: wait
by jared_wilkes on Fri 13th Sep 2013 16:23 UTC in reply to "RE[14]: wait"
jared_wilkes
Member since:
2011-04-25

I don't know why you think I'm "terribly offended"; I just think you are stupid.

I responded to an idiotic comment that he should RTFM because his questions were already answered. You and others somehow presume this means I am saying this is perfect and flawless and there is no need to ask questions and Apple is perfect.

I haven't said that at all. I have said those questions do exist but that the stupid questions asked by the first poster were answered by the article if he ACTUALLY READ IT. This is the meaning of RTFM (whether or not there is literally a manual or man page or no). That I have to explain this over and over and over and over again to you and others is further example of RTFM!!!!

Reply Parent Score: 1

RE[16]: wait
by Alfman on Fri 13th Sep 2013 17:47 in reply to "RE[15]: wait"
Alfman Member since:
2011-01-28

jared_wilkes,

"I don't know why you think I'm 'terribly offended'; I just think you are stupid."

... said as a six year old would. Grow up and perhaps we can have an earnest discussion about security topics without resorting to childish name calling, which I hope you can agree is counterproductive. So what do you say, move on?

Alas I don't know that there's much more to discuss since apparently nobody here has access to the technical information about how this finger reader works. We just have theories until someone reverse engineer's the thing and publishes the details (or in an unusual twist apple actually elects to disclose them itself).

Among other things, I am extremely interested in the device's false positive and false negative rates during actual use and what kind of hashes are stored.

Reply Parent Score: 3

RE[17]: wait
by jared_wilkes on Fri 13th Sep 2013 18:40 in reply to "RE[16]: wait"
jared_wilkes Member since:
2011-04-25

You were responding to me. My point was in response to the first poster. The first poster didn't comprehend the difference between images of fingerprints and dat that authenticates a scanned fingerprint with an ID and didn't understand that this was happening locally.

It was you who chose to argue this reality with me. Yes, I still think is completely stupid. As I have said, this has been the full extent of my point in this subthread. You having specific technical questions about the implementation doesn't have any bearing on the truth of my statement. So, yes, your comments are stupid. As stupid as the original posters. That may be indelicate but it's not childish. It's just the truth.

Reply Parent Score: 2