
Apple's FaceID – Schneier on Security - rbanffy
https://www.schneier.com/blog/archives/2017/09/apples_faceid.html
======
newscracker
> I am confident that Apple is not collecting a photo database, but not
> optimistic that it can't be hacked with fake faces. I dislike the fact that
> the police can point the phone at someone and have it automatically unlock.

That's what I thought too when the Face ID feature was confirmed (post
rumors). It's easier for other people to take one's phone (talking about known
people here), point it at the face and unlock it without the owner's consent
or interaction. This is not that trivial to do with Touch ID, where one would
have to grab the owner's hand and place the finger (or fingers) on the Home
button. The odds of being deceived into unlocking one's phone without
knowledge or consent seems to be higher here.

From a privacy perspective, I also worry about how governments would use these
advances in technology for surveillance (if we believe Apple's claim of
fingerprints having an error rate of 1 in 50000 and face recognition having an
error rate of 1 in a million).

~~~
valuearb
Unlocking requires attention. They'd have to take your phone, point it at your
face, and stop you from closing your eyes or looking elsewhere.

If they can do all that, how can TouchID or a passcode stop them?

~~~
newscracker
I mentioned in my comment, within parentheses, that I was referring to known
people - like friends, acquaintances, classmates, co-workers, etc. It's easier
to unlock the phone and get sensitive information with Face ID than with Touch
ID. I can only think of pranks going severely wrong and causing havoc. We'll
get to know in a few months.

------
niceperson
It bothers me how people scan faces voluntarily now.

