10:08
Unknown
The newly announced iPhone 5s will feature the Touch ID fingerprint scanner, but will it lead to better security or just more headaches?  Within minutes of the iPhone 5s's reveal last week at Apple's headquarters, the Internet was abuzz with talk about the handset's integrated fingerprint scanner. Digital fingerprint technology isn't new (and has even been incorporated onto smartphones before) though for the majority of people it will seem terribly futuristic and exciting. But will it keep you safer? First, a quick recap: the iPhone 5s is the more expensive of the two phones introduced this year. The Touch ID fingerprint scanner is integrated into the device's home button, meaning that most iPhone users won't have to change their habits to use it. Apple has made it emphatically clear that Touch ID information will be encrypted and stored only on the iPhone. Fingerprint data will not be stored on iCloud, and will not be shared with any other applications. What's more, Touch ID is only being used to unlock the iPhone or to authenticate iTunes and App Store purchases.
iPhones also only require a four-digit passcode by default, which can be easily observed or guessed with a little persistence. Touch ID means that nobody, not even someone looking over your shoulder, could login to your iPhone as you. Outside of the iPhone, fingerprints are valuable for identification because they're unique to every individual and provide a "live test." When you scan your fingerprint, the authentication system can confirm who you are, and that you are physically present. Passwords, on the other hand, can be sent from anywhere, by anybody. Are Fingerprints Really Secure? Despite this, digital fingerprint scanners have never achieved widespread acceptance by the consumer electronics using populace, but they've been of great interest to hackers and security researchers for years. So much so that just about every way to beat a fingerprint reader has been thought up. In a blog post, Lumension security analyst Paul Henry pointed out that fingerprints are pretty easy to snatch. "We leave them quite literally everywhere and at a minimum, they're all over the phone," he wrote. He also writes that a good fingerprint reader looks at other factors besides the appearance of a fingerprint, like pulse and temperature. We don't yet know exactly what Touch ID analyzes, but it appears to have some anti-spoofing feaures. During the iPhone 5s/c event, Phil Schiller said that Touch ID sensor looks "through" the outer layers of skin to the "inner, live layer." Also, Touch ID uses a capacitive sensor in the steel ring around the home button, so only materials of a certain conductivity will even register.
"A few years ago a company developed a mouse with an optical fingerprint scanner," wrote Henry, giving an example of a poorly designed scanner. "If I breathed on the scanner to fog it up, it would recognize the fingerprint the previous user left behind and authenticate me." The security company Lookout had similar warnings about Touch ID. "While we can expect the fingerprint scanner in Apple's latest device to use the most advanced defenses to protect against [a spoofing] attack, it's good to keep in mind that this technology has been circumvented before and is likely to be challenged again." Will It Actually Work? A big problem with fingerprint readers is that many will be confused by the orientation of your digit. Turn your finger just slightly and they can't verify it's you. In their announcement, Apple claimed that Touch ID could image any finger in any orientation. We'll have to see how well it actually works with millions of users. Apple has already fessed up to some issues with Touch ID. They told the Wall Street Journal that sweaty, greasy, or wet fingers were probably not going to work. "It also has trouble reading some fingers, the spokesman said, possibly including ones scarred by accidents or surgery," wrote the WSJ. Fingerprints Are Not An Island Just about every expert commentator has made it clear that fingerprints alone aren't much better than passwords. They are more convenient, but they're still vulnerable. It's better to combine biometrics with a second form of authentication—like a password—for maximum security. In reality, Apple isn't actually replacing passwords with Touch ID. When making an iTunes purchase, for instance, you can either enter your password or use Touch ID. Even unlocking your phone won't be entirely finger-print based. Apple told the WSJ that "Only [a backup] passcode (not a finger) can unlock the phone if the phone is rebooted or hasn't been unlocked for 48 hours." There's also the issue of how the iPhone 5s will store fingerprint information. Apple told the WSJ that Touch ID wouldn't store images of your fingerprint, but rather "fingerprint data." Hopefully, this will make it much harder to reverse engineer your actual fingerprints from the data onboard the iPhone.  via Technology - Google News http://news.google.com/news/url?sa=t&fd=R&usg=AFQjCNEnehdp1CAqferugew3wtiiSG8MHQ&url=http://www.pcmag.com/article2/0,2817,2424538,00.asp | |||
|
Posted in: Tablets 4 Kids
0 comments:
Post a Comment