Apple’s facial recognition: Well, it is more secure for the, er, sleeping user

Security watchers have given Apple’s introduction of facial recognition technology a cautious welcome. The newly unveiled iPhone X smartphone débuts an advanced facial recognition technology, called Face ID, which relies on Apple’s TrueDepth camera system. The technology features seven sensors and machine learning algorithms …


    1. Hans 1
      Windows

      Re: You give them everything and even pay for your own subjugation

      how stupid are Apple users?

      Just as dumb as Windows Ph0ne users ...

      1. John Brown (no body) Silver badge

        Re: You give them everything and even pay for your own subjugation

        "how stupid are Apple users?

        Just as dumb as Windows Ph0ne users ..."

        That's a bit harsh!

    2. Anonymous Coward
      Anonymous Coward

      Re: You give them everything and even pay for your own subjugation

      The data never leaves the iPhone's secure enclave. Besides, unless you have managed to fly under the radar by avoiding government buildings and various public places in major cities like NYC and London that already have facial recognition technology tied into their security cameras, your facial biometrics are already on file.

      If you've ever been arrested, joined the military, bought a gun (in the US) or applied to get past TSA lines more quickly they have your fingerprints on file as well. It is much easier to use your fingerprints on file to break into your phone than to use facial recognition data to do so because of the depth sensing. Though of course if the government is willing to devote enough resources to you, they'll find a way.

  1. jnievele

    It's 2017, and The Reg still has people who write "PIN Number"? Seriously?

    1. CT

      PIN numbers

      Cut them some slack - PIN number is common enough. And in spoken language it might conceivably eradicate some ambiguity (PIN the number versus pin the pointy thing). Admittedly the context usually gives it away.

      And we're using natural language, not a programming language, so it doesn't have to be complete:

      - my car's passed its MOT --> MOT test

      and it can be redundant:

      - 5am in the morning --> 5 in the morning / 5am

      - it's got an LCD display --> it's got an LCD

      1. John Brown (no body) Silver badge
        Headmaster

        Re: PIN numbers

        - my car's passed its MOT --> MOT test

        - my car's[sic] passed its Ministry of Transport --> Ministry of Transport Test.

        Note how the T in MOT does not mean Test.

        See icon.

    2. fidodogbreath

      It's 2017, and The Reg still has people who write "PIN Number"?

      Is that the code you enter into the ATM Machine?

  2. Anonymous Coward
    Anonymous Coward

    Are they (re)inventing Face Off (c) 1997 technology too...

    For when the enclave isn't as secure as they thought?

  3. Anonymous Coward
    Anonymous Coward

    £1149 holy shit my mac book pro cost less than that and it has a headphone socket

  4. Anonymous Custard
    Boffin

    Making a spectacle?

    Given the fun I always have trying to get through the ePassport gates at the airport when I forget to take my glasses off, I would also wonder if we're going to see iPhone X users having similar issues, or heaven help them actually having to take their shades off to unlock their phones...

  5. Anonymous Coward
    Anonymous Coward

    Silence of the lambs

    Is it resistant to the Hannibal Lecter attack?

    1. Dave 126 Silver badge

      Re: Silence of the lambs

      Some lunatic is about to rip your head off, and you're worried he might access your secret stash of dick pics?

  6. Old_JP
    Facepalm

    Get the bullets right!

    It's a Magic bullet not Silver bullet - just saying......

  7. cheesey01

    I am looking forward to the queues at Tube stations as iPhoneX owners hold up their phones to their faces and wait for it to unlock, followed by a further delay while they position the phone optimally on the gate for the NFC chip to work

  8. Anonymous Coward
    Anonymous Coward

    Sleeping?

    Seems like it would be EASIER to unlock a sleeping person's iPhone with Face ID without permission. With the thumbprint, you have to press the person's finger to the sensor. With Face ID, you merely have to hold it near their face, no direct contact. Of course this would be no use if you sleep face-down. It remains to be determined how much of your face must be visible, so burying part of your face in a pillow is still possibly secure.

    1. Anonymous Coward
      Anonymous Coward

      Re: Sleeping?

      Watch the presentation, unless the person sleeps with their eyes open it won’t work.

      1. John Brown (no body) Silver badge

        Re: Sleeping?

        "Watch the presentation, unless the person sleeps with their eyes open it won’t work."

        I have a few desk-bound colleagues who seem to be able to do that quite quite well. Years of practice.

      2. Nifty Silver badge

        Re: Sleeping?

        I had a schoolmate who indeed could be asleep while sitting bolt upright in the classroom, with eyes open.

        No doubt it's a recognised condition affecting x%.

        Still, the scenario is not hard to imagine: Drug dropped into drink. Victim falls into drugged sleep. Eyelids held open. Job's a good'n.

  9. Matdamon

    New ways to have a car crash

    Google has every piece of obscene functionality in Maps: The "bonging" "would you like to go the quicker route" and 25 button presses to begin navigation.

    Apple now needs you to hold the phone in front of the road ahead of you.

    Yes people will use it whilst driving..

    1. John Brown (no body) Silver badge

      Re: New ways to have a car crash

      "Apple now needs you to hold the phone in front of the road ahead of you."

      If some of the twonks I see driving are anything to go by, they'll use a windscreen sucker mount and place directly in front of their faces.

  10. Hyper72

    Purpose

    Well, Apple themselves mentioned at the keynote that biometric locks will never be perfect - the only comment during the entire presentation that was plain honest rather than 100% upbeat super positive marketing droid drivel.

    The purpose of this type of lock is the same as the door lock to your house, to create a reasonable barrier suitable for the common purpose. The average phone thief will not have access to multiple lidar scans of your face and 3D printers capable of making better face masks than those Hollywood masks Apple already tested against. Those average thieves just want to re-purpose the hardware, not steal your information from the phone because of the difficulty level involved.

    If you require better security, feeling CIA is after you, you will instead disable biometric access and configure your phone to require a long password.

    1. Charles 9

      Re: Purpose

      "If you require better security, feeling CIA is after you, you will instead disable biometric access and configure your phone to require a long password."

      But what if you have a bad head for passwords, too? I've yet to hear a practical solution that doesn't involve permanent parts of the body or a decent memory.

  11. seatiger

    FBI says Thanks!

    So the feds only need to show you your phone and it's unlocked.

    1. Anonymous Coward
      Anonymous Coward

      Re: FBI says Thanks!

      That's why Apple added the disable where you hit the sleep/wake button five times and it will only unlock with the password. There should be enough time to do that when you hear the knock and "open up this is the FBI!"

      If it is a no-knock raid and they catch you sleeping too bad, but if you think that's a possibility for you you might want to consider not using biometrics and instead using a nice long password and always being super paranoid about where you enter it in case of bystanders or hidden cameras!

      Courts in some parts of the US were already holding that it is OK for the police to force you to unlock your phone using your fingerprint - and no phone has a fingerprint reader that isn't able to be fooled with your finger so they don't even need your help to do it. So Face ID isn't changing the game any. It is probably more of a problem for a jealous spouse who can grab your phone, hold it in front of your face to unlock it, then run and lock herself in the bathroom and check your texts to see if you've been naughty :)

      1. D@v3

        Re: sleep/wake button five times...

        "That's why Apple added the disable where you hit the sleep/wake button five times and it will only unlock with the password."

        I've seen a few people mention this, and it sounds like a good idea. I'm assuming it's an iOS 11 thing? As it doesn't work on an (otherwise) up to date 6s. Can't find anything in the settings either.

        1. Anonymous Coward
          Anonymous Coward

          Re: sleep/wake button five times...

          Yes, it is an iOS 11 feature.

  12. Prophet Heisenberg Uncertainty Principle
    Holmes

    Apple said the chance of defeating TouchID was 1 in 50,000 and the chance of defeating FaceID was 1 in 1,000,000.

    Apple also said the evil twin/lookalike would be required to enter the password of the genuine owner. Also, the FaceID was intelligent enough to adapt to changes in owner’s face over time, including growing a beard. Photos won't work because they don't have physical depth and are not heat/infrared pictures.

    1. Evil Genius

      As Sir Terry noted. Million to one chances happen nine times out of ten.

      1. Anonymous Coward
        Anonymous Coward

        The million in one chance basically means that some random person won't unlock your phone by accident - though it would be an interesting thing to try if you ever ran into someone who was your doppelganger!

        The million in one chance doesn't necessarily tell us anything about how difficult it is to deliberately deceive if you had access to photographs of someone from multiple angles, a quality 3D printer able to print in multiple materials, and so forth. If it is expensive/difficult enough to fool that way, then those who really want access may resort to XKCD's $5 hammer.

        1. Charles 9

          And if your target's a masochist?

  13. Martin Pittaway

    Petty jealousy

    Oh my the silliness of it all. Apple are the, most moral, operator. They deliberately go out of their way to protect everything we do with the products they create, and because, they, Apple, thought of it first, all the silly people can do is criticise.

    HOW PATHETIC!

  14. 2Fat2Bald

    I have no idea how to do this.... but.

    How about getting multiple images of a face from different angles, then using that to work out the measurements of the face. Once you have multiple angles that ought to become easier. Scoping social media ought to give you enough images to get a pretty good impression of the face from different angles.

    Once you have that, you can then make a 3D printed mask of the face and print/paint facial features on to it, also garnered from social media. A few years ago this would have been too pixelated, but nowadays most phones have pretty decent cameras in them, so high def images are easy.

    I doubt it's easy, as I say I have no idea how to do it, but equally I know that with enough maths it ought to be possible.

    1. Martin Pittaway

      Duh

      You should go watch the video before commenting.

      1. Charles 9

        Re: Duh

        They'll just come up with a better mask material. Say one that's IR-transmissive.

  15. David Roberts

    Reversing the logic

    How about configuring the lock when you are wearing a mask?

    Not much help for everyday use in the bus queue but would mess with the head of anyone trying the various dubious tactics suggested up thread.

    Alternatively, has anyone checked if it works with a cat?

    Gives you two fat purr (sorry) authentication.

  16. Anonymous Coward
    Anonymous Coward

    What about Dave (my brother) with Bosseyedness?

    What about Dave (my brother) with Bosseyedness. Will he be able to unlock the iPhone X?

    It's no joke. We're looking at you.

    ITCrowd....

    https://www.youtube.com/watch?v=EHLbwwqCY9o

    https://www.youtube.com/watch?v=SVjnc3i_I1g

  17. cambsukguy

    I can't help thinking Iris recognition is superior

    Absolutely requires open eyes.

    Isn't fooled by a photo, even one wrapped around a mannequin.

    1. Charles 9

      Re: I can't help thinking Iris recognition is superior

      What about a photo OF an iris?

  18. Ian Joyner Bronze badge

    Security

    What we are trying to do is to make computers as easy as possible to use for legitimate users, but as difficult to use as possible for illegitimate users.

    Those two extremes are difficult to achieve.

    Security is based on what you are, what you know, and what you have. Facial-feature recognition is the what you are factor. Two-factor authentication is also important since other mechanisms make things more secure.

    Kerckhoffs's principles are still important.

    >>In 1883 Auguste Kerckhoffs [2] wrote two journal articles on La Cryptographie Militaire,[3] in which he stated six design principles for military ciphers. Translated from French, they are:[4]

    The system must be practically, if not mathematically, indecipherable;

    It should not require secrecy, and it should not be a problem if it falls into enemy hands;

    It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will;

    It must be applicable to telegraph communications;

    It must be portable, and should not require several persons to handle or operate;

    Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules.

    Some are no longer relevant given the ability of computers to perform complex encryption, but his second axiom, now known as Kerckhoffs's principle, is still critically important.<<

    https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

    1. Charles 9

      Re: Security

      Tiny bit of an ask.

      "The system must be practically, if not mathematically, indecipherable;"

      Quantum computers and rubber hoses mean this is increasingly unlikely.

      "It should not require secrecy, and it should not be a problem if it falls into enemy hands;"

      It WILL require secrecy given how much the enemy can figure out already without the ciphertext. If the enemy is paranoid (and one must assume that), not even steganography can be considered reliable.

      "It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will;"

      Impossible given electronic memory versus human memory, the latter of which cannot be considered reliable nor safe against rubber hoses. What if one party has bad memory?

      "Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules."

      Easy to use usually means easy to break. Even the one-time pad is vulnerable (by intercepting the pad).

  19. Blubster

    The system doesn't inspire confidence when it fails to work at a prestigious launch ceremony. More a case of marketing the next must have `feature` than increased security.

    2025: Coming to an iPhone near you, an RFID chip inserted under the skin of the owner linked to the phone so making it only accessible by the owner. Imagine it, vast queues of fanbois lining up to get injected with the chip on their way into an Apple store to buy the iPhone 20. Perhaps I should patent this idea to prevent Apple from stealing it, er beg your pardon, adapting the technology as they have done many times in the past.

  20. DerekCurrie
    Go

    Multifactor Authentication Is The Ideal. Let's Get There Already.

    Convenience and Security are in constant contention. Holding up your phone to your face and instantly having access is great for grannies and girls on the go. But it's obviously not great security, especially when someone can grab your device, hold it to your face and have access to the Crown Jewels.

    What I'd like Apple to do is provide access to full multifactor authentication when we want it. That means our devices would ALSO require a passcode before access is provided. Or how about supporting secure ID dongles, such as the YubiKey? It has to be plugged into the Lightning port before access. Or how about requiring ALL THREE? That's what I want. Three factor authentication.

    Reading assignment:

    https://en.wikipedia.org/wiki/Multi-factor_authentication

    1. Charles 9

      Re: Multifactor Authentication Is The Ideal. Let's Get There Already.

      OK, then. Suppose you LOSE your YubiKey? OR it gets STOLEN? Now you're locked out of your phone. Security is now in the way of your productivity; what good is security if it's turned against you? And security people wonder why so many people are so against hoop-jumping...

  21. Jin

    Face ID - Nice way to get criminals delighted

    So long as a fallback password is needed in case of false rejection, biometrics brings down security as explained in this video.

    - Biometrics in Cyber Space - "below-one" factor authentication

    https://youtu.be/wuhB5vxKYlg

  22. Jin

    What is the FRR/FNMR when the FAR/FMR is claimed to be one millionth?

    The FAR/FMR (false acceptance/false match) of Face ID, reportedly one millionth, would make sense only when it comes with the corresponding FRR/FNMR (false rejection/false non-match) and when the values are empirical, not theoretical. I expect The Register to obtain the whole picture with all the empirical figures.

  23. Anonymous Coward
    Anonymous Coward

    would not get an apple phone even if someone else paid for it

    so only idle curiosity here - which isnt enough to make me sit through any video...

    so tell me, how well does it cope with non-hipster, ungroomed, live and evolving, real beards ?

    or people who work in extremely dirty/dusty environments - doesnt happen often, but there are days when I look like I've been working in a coal mine, and more frequently my skin tone is affected by high heat and intense sunlight.

    Obvious answer is that people who work hard arent the target demographic, its baristas, not lumberjacks, that traditionally buy apple..

    anon for mask icon

  24. kendough

    So what's to stop people using a small photo of the queen or donald trump to set up and then unlock their phone?

    Remember this is a face as an ID but doesn't have to be your face, at least I assume it doesn't have to be your face within the t&cs.

    This is ultimately as pervasive as the harmless idea that a sole and real name email address is a good idea for all your digital activities.

    Before you know it your face as a digital tracking tool will be everywhere. At least in the commercial space, now is an opportunity to spoof the system (Transport Tycoon style random faces?) from the start, at least if you care about enjoying some anonymity while walking around shops with curb in a few years time!

  25. Chad.Chandramohan

    We will soon be seeing this in a movie.

    Good guy: You can't shoot me. Only I know the password.

    Bad guy: oh yes I can, I just need your face.

    Booom!

    Of course movies aren't real life. But then at $1000 neither is an iPhone X...

  26. Jin

    What False Acceptance and False Rejection Mean for Face ID?

    What does FAR mean when it does not come with the corresponding FRR?

    Answer: It means nothing.

    According to some tech media, the FAR (false acceptance rate) of iPhone X Face ID is said to be one millionth, which might be viewed as considerably better than the reported one 50,000th of Touch ID.

    It is not the case, however. The fact is that which is better or worse can by no means be decided when the corresponding FRR (false rejection rates) of Face ID and Touch ID, which are in the trade-off relation with FAR, are not known. This crucial observation is seldom reported by major tech media. It is really sad to see the misguided tech media spreading the misguiding information on a huge scale.

    The only meaningful fact that we can logically get confirmed by the trade-off between FAR and FRR is that the biometrics deployed with a password as a fallback means against false rejection would only provide the level of security lower than that of a password-only authentication.

    Face ID, which brings down security as such, could be recommended only for those who want better convenience, as in the case of Touch ID. If recommended for better security, it would only get criminals and tyrants delighted.

    Security professionals are expected to speak up.

    30-second video - https://youtu.be/7UAgtPtmUbk
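
Added example (not part of any comment in this thread, and not Apple's method): the FAR/FRR trade-off and the passcode-fallback arithmetic raised in the comment above, worked through on a constructed score model. The Gaussian score distributions, the 6-digit passcode and the 10-guess limit are assumptions; only the 1-in-50,000 and 1-in-1,000,000 FAR figures come from the thread.

```python
import math

# Constructed match-score model (assumption, not measured data):
# impostor and genuine comparison scores are Gaussian (mean, std dev).
IMPOSTOR = (0.30, 0.10)
GENUINE = (0.90, 0.10)


def far(threshold):
    """False acceptance rate: P(impostor score >= threshold)."""
    mu, sigma = IMPOSTOR
    return 0.5 * math.erfc((threshold - mu) / (sigma * math.sqrt(2)))


def frr(threshold):
    """False rejection rate: P(genuine score < threshold)."""
    mu, sigma = GENUINE
    return 0.5 * math.erfc((mu - threshold) / (sigma * math.sqrt(2)))


def threshold_for_far(target):
    """Bisect for the lowest threshold whose FAR is at most `target`."""
    lo, hi = 0.0, 2.0  # far(lo) > target > far(hi) for this model
    for _ in range(200):
        mid = (lo + hi) / 2
        if far(mid) > target:
            lo = mid   # still too permissive, raise the threshold
        else:
            hi = mid
    return hi


def passcode_guess_prob(digits=6, attempts=10):
    """Chance of guessing a uniformly random passcode (assumed parameters)."""
    return min(1.0, attempts / 10 ** digits)


def unlock_prob_with_fallback(far_value, guess_prob):
    """Impostor unlock chance when biometric OR passcode is accepted.

    Assumes the two checks fail independently.
    """
    return 1.0 - (1.0 - far_value) * (1.0 - guess_prob)


def trade_off(far_targets=(1 / 50_000, 1 / 1_000_000)):
    """For each claimed FAR, report the FRR it costs and the OR-rule result."""
    rows = []
    for target in far_targets:
        t = threshold_for_far(target)
        rows.append({
            "far": far(t),
            "threshold": t,
            "frr": frr(t),
            "unlock_or": unlock_prob_with_fallback(far(t), passcode_guess_prob()),
        })
    return rows


if __name__ == "__main__":
    print(f"passcode only: {passcode_guess_prob():.3e}")
    for row in trade_off():
        print(f"FAR {row['far']:.1e}  FRR {row['frr']:.3f}  "
              f"biometric-or-passcode {row['unlock_or']:.6e}")
```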

  27. pomegranate

    I wonder how it recognizes a face reliably without being trained with any wrong faces.
