Linked by Thom Holwerda on Wed 13th Sep 2017 21:56 UTC
Privacy, Security, Encryption

If you value the security of your data - your email, social media accounts, family photos, the history of every place you've ever been with your phone - then I recommend against using biometric identification.

Instead, use a passcode to unlock your phone.

Can't argue with that - especially in place where law enforcement often takes a... Liberal approach to detainees.

Thread beginning with comment 648868
To read all comments associated with this story, please click here.
Member since:

So I'm now carrying a 3D scanner in my hand. How many other peoples faces could I capture in 3D detail with that?

If I had access to Apple's database of Face2People - how quickly and accurately ( beyond typical face recognition ) could I ID people. If I didn't have Apples database could I use a combination of a 3D model built from photos from different angles taken from the web and the captured 3D model to improve matches between the physical virtual - hold up your phone and have an AR app where is everything you can find out online about that person is in a bubble over their head.

Security services gonna love this.

In terms of device security - well at least they need the device as well as the face, I hope nobody is stupid enough to extend this to a web app.

Reply Score: 2

darknexus Member since:

If I understand Apple's presentation correctly, they do not store a database of faces. They were quite clear that all recognition takes place on the device and is never sent to the internet for processing. Facial data is stored in a hardware-backed encryption enclave on the A11 chip itself. They could be lying about that of course but, given how much people are going to be digging for security flaws in it, I doubt they'd risk a lie.

Reply Parent Score: 2