Amid fears about the security of Apple's new Touch ID fingerprint sensor, an Apple spokesman has told The Wall Street Journal that the phone will only store the data used to recognize fingerprints, rather than actual images
Apple's new iPhone 5S, which comes with a fingerprint scanner, won't store actual images of users' fingerprints on the device, a company spokesman confirmed Wednesday, a decision that could ease concerns from privacy hawks.
Rather, Apple's new Touch ID system only stores "fingerprint data," which remains encrypted within the iPhone's processor, a company representative said Wednesday.
In practice, this means that even if someone cracked an iPhone's encrypted chip, they likely wouldn't be able to reverse engineer someone’s fingerprint.
Announced yesterday, Touch ID is a new security feature built into the home button of the iPhone 5s, designed to allow users to unlock their phones and authorize iTunes purchases with a finger scan. The sensor captures a high-resolution image of a fingerprint, analyzing it to provide accurate readings.
During its Touch ID presentation, Apple was quick to specify that all fingerprint information is encrypted and stored "in the Secure Enclave inside the A7 chip on the iPhone 5s" rather than being stored on Apple servers or backed up to iCloud. Developers are also not being provided with access to user fingerprints as a means of authentication.
Apple also gave the The Wall Street Journal a few other tips on the fingerprint sensor, noting that it occasionally malfunctions with moist fingers or fingers scarred by accidents and surgery. The company also explained that Touch ID must be supplemented with a passcode.
Apple customers who wish the use Touch ID also have to create a passcode as a backup. Only that passcode (not a finger) can unlock the phone if the phone is rebooted or hasn’t been unlocked for 48 hours. This feature is meant to block hackers from stalling for time as they try to find a way to circumvent the fingerprint scanner.
The iPhone 5s, with the new Touch ID functionality, is set to be released to consumers on September 20. Apple is not accepting pre-orders for the device.
All I know is that it takes 4-5 seconds to home button + slide to unlock + passcode and even longer if you are using alpha numeric password.
Personally I unlock my phone ~50 times per day.
Saving ~4 seconds between slide to unlock and passcode is roughly ~200 seconds per day saved unlocking my phone or ~3 minutes. 3 minutes per day equates to roughly ~18 hours per year or more than $5,000 worth of lost productivity unlocking my phone.
That alone makes this touch sensor worth while.
I would have to troll on your post and get banned. Your post is crazy.
If you are so concerned about time lost whilst unlocking the phone then why are you on macrumors chatting about it. I'm sure that lost you way more time.
All I know is that it takes 4-5 seconds to home button + slide to unlock + passcode and even longer if you are using alpha numeric password.
Personally I unlock my phone ~50 times per day.
Saving ~4 seconds between slide to unlock and passcode is roughly ~200 seconds per day saved unlocking my phone or ~3 minutes. 3 minutes per day equates to roughly ~18 hours per year or more than $5,000 worth of lost productivity unlocking my phone.
For those who don't understand cryptographic one-way hashes, they cannot be reversed to produce the original data without a dictionary attack. A dictionary attack in this case would require a collection of actual human fingers or replicas of them to run through Apple's Touch ID to see which cryptographic hashes match the one stored on the device.
Also note, that their is a really really really small chance that two fingerprints will generate the same cryptographic hash. Cryptographic hashes by their very nature have LESS data than the source data for which they are hash. This means that the if the source data has potentially quadrillions of combinations that there may be only billions of values that they hash to (a one to many mapping of hashes to source data). More likely scenario is that your fingerprint hashes to the same value as a fingerprint that does not currently exist on the planet today and may never exist.
Think of a large 500-page book as a just a collection of letters, numbers, spaces, and punctation. You could pound on the keyboard and produce a book of random text or you could carefully craft an actual readable book. The hash reduces the book to a hash of say 500 characters which is generated in such a way that even changing a single letter in the book or the capitalization of a single letter produces an entirely different hash (cryptographic hash algorithms magnify any change to cyclically change other parts). Obviously, there is no way you could take 500 characters of data and regenerate the 500-page book (that would be the most amazing lossless-compression algorithm in the world, but also mathematically impossible). Because of this you cannot reverse it. You could however, run a hash on all books known to man to find the one that matches the same value (a dictionary attack). Finally, there is a possibility that two carefully crafted books hash to the same value, but it is far more likely that a book's hash would match some of the billions of permutations of random letters , numbers, spaces, and symbols that have never been bound into a book.
It is the same for fingerprint data. Your actual fingerprint could only be determined if somebody already had a replica of your finger in a database and could make Apple's Touch ID sensor generate the same hash from it. The worst somebody could do is break into your phone or prove that a phone did indeed belong to you. What's more, the odds of somebody else's fingerprint matching yours is like two monkeys pounding out the exact same content on a keyboard after an hour of bashing away at it. Either way, there is no chance of your fingerprint being cloned and used in other places to impersonate your presence.
All I know is that it takes 4-5 seconds to home button + slide to unlock + passcode and even longer if you are using alpha numeric password.
Personally I unlock my phone ~50 times per day.
Saving ~4 seconds between slide to unlock and passcode is roughly ~200 seconds per day saved unlocking my phone or ~3 minutes. 3 minutes per day equates to roughly ~18 hours per year or more than $5,000 worth of lost productivity unlocking my phone.
That alone makes this touch sensor worth while.
Good to know that you make more than $277 an hour :)
Dear Apple, I'm sorry because I realise it's not really your fault, but I don't trust that the NSA haven't nobbled you, and nothing you have said so far leads me to um think different, as it were.
Apple changed the strategy for iOS 17 later in its development process to add several new features, suggesting that the update may be more significant than previously thought, Bloomberg's Mark Gurman reports.
In January, Gurman said that iOS 17 could be a less significant update than iPhone updates in previous years due to the company's intense focus on its long-awaited mixed-reality...
Friday March 24, 2023 12:27 am PDT by Tim Hardwick
This year, all iPhone 15 models will include Apple's Dynamic Island that unifies the pill and hole cutouts at the top of the display, but there will also be a material change to the feature that wasn't included in the iPhone 14 Pro models.
According to a new tweet by Apple industry analyst Ming-Chi Kuo, the proximity sensor on the iPhone 15 series will be integrated inside the Dynamic Island ...
We're still almost six months away from the official unveiling of the iPhone 15 lineup, but it seems like every day we're learning more about what to expect from the next-generation models. Notably, this week gave us our clearest look yet at what appear to be some changes for the volume and mute control hardware.
iOS 16.4 and associated releases are also right around the corner with some new ...
We saw a lot of great deals on Apple products and related accessories this week, including Samsung's iMac-like Smart Monitor M8 for $250 off, a 30 percent off spring sale at Anker, and the year's best prices on numerous AirPods models. All of these deals are still available to purchase right now, so we're recapping them and more below.
Note: MacRumors is an affiliate partner with some of these ...
Apple showcased its mixed-reality headset to the company's top 100 executives in the Steve Jobs Theater last week, according to Bloomberg's Mark Gurman.
In the latest edition of his "Power On" newsletter, Gurman explained that the "momentous gathering" is a "key milestone" ahead of the headset's public announcement planned for June. The event was intended to rally Apple's top members of...
Some Apple employees are concerned about the usefulness and price point of the company's upcoming mixed-reality headset, The New York Times reports.
Apple headset concept by David Lewis and Marcus Kane Initial enthusiasm around the device at the company has apparently become skepticism, according to eight current and former Apple employees speaking to The New York Times. The change of tone...
Thursday March 23, 2023 6:42 am PDT by Joe Rossignol
While the iPhone 15 series is still around six months away from launching, there have already been plenty of rumors about the devices. Many new features and changes have been rumored for the iPhone 15 Pro and iPhone 15 Pro Max in particular.
Below, we have recapped 10 changes rumored for iPhone 15 Pro models that are not expected to be available on the standard iPhone 15 and iPhone 15 Plus:A1...
Following nearly six weeks of beta testing, iOS 16.4 is expected to be released to the public as soon as this week. The software update includes a handful of new features and changes for the iPhone 8 and newer. To install an iOS update, open the Settings app on the iPhone, tap General → Software Update, and follow the on-screen instructions.
Below, we have recapped eight new features and...
Apple on January 23 released iOS 16.3, delivering support for Security Keys for Apple IDs, changes to Emergency SOS functionality, support for the second-generation HomePod, and more.
Top Rated Comments
If you are so concerned about time lost whilst unlocking the phone then why are you on macrumors chatting about it. I'm sure that lost you way more time.
Facepalm is NOT enough in this case!
Personally I unlock my phone ~50 times per day.
Saving ~4 seconds between slide to unlock and passcode is roughly ~200 seconds per day saved unlocking my phone or ~3 minutes. 3 minutes per day equates to roughly ~18 hours per year or more than $5,000 worth of lost productivity unlocking my phone.
That alone makes this touch sensor worth while.
Also note, that their is a really really really small chance that two fingerprints will generate the same cryptographic hash. Cryptographic hashes by their very nature have LESS data than the source data for which they are hash. This means that the if the source data has potentially quadrillions of combinations that there may be only billions of values that they hash to (a one to many mapping of hashes to source data). More likely scenario is that your fingerprint hashes to the same value as a fingerprint that does not currently exist on the planet today and may never exist.
Think of a large 500-page book as a just a collection of letters, numbers, spaces, and punctation. You could pound on the keyboard and produce a book of random text or you could carefully craft an actual readable book. The hash reduces the book to a hash of say 500 characters which is generated in such a way that even changing a single letter in the book or the capitalization of a single letter produces an entirely different hash (cryptographic hash algorithms magnify any change to cyclically change other parts). Obviously, there is no way you could take 500 characters of data and regenerate the 500-page book (that would be the most amazing lossless-compression algorithm in the world, but also mathematically impossible). Because of this you cannot reverse it. You could however, run a hash on all books known to man to find the one that matches the same value (a dictionary attack). Finally, there is a possibility that two carefully crafted books hash to the same value, but it is far more likely that a book's hash would match some of the billions of permutations of random letters , numbers, spaces, and symbols that have never been bound into a book.
It is the same for fingerprint data. Your actual fingerprint could only be determined if somebody already had a replica of your finger in a database and could make Apple's Touch ID sensor generate the same hash from it. The worst somebody could do is break into your phone or prove that a phone did indeed belong to you. What's more, the odds of somebody else's fingerprint matching yours is like two monkeys pounding out the exact same content on a keyboard after an hour of bashing away at it. Either way, there is no chance of your fingerprint being cloned and used in other places to impersonate your presence.
Good to know that you make more than $277 an hour :)