
The Pixel 4’s face unlock works on sleeping people - mataug
https://arstechnica.com/gadgets/2019/10/the-pixel-4s-face-unlock-works-on-sleeping-unconscious-people/
======
altmind
Your bio-metrics - your face, your voice, your fingerprints are your login,
not your password.

You cannot change them, you leave this data everywhere and this data can be
snooped and replayed easily.

Moreover, this data is singular for a person - it's hard to assign yourself
multiple roles or have multiple sets of credentials with different permissions
or for different services.

We collectively should stop revolutionizing the access control sphere and use
a boring scheme with passwords, PINs and tokens.

~~~
Spivak
This stance is a little silly from tech circles.

Something you are is the perfect form of authentication.

If you had a guard sitting at a door with only biometric information about the
people they’re supposed to let in: faces, fingerprints, DNA samples, voice
samples, etc. you could not fool them. Why? Because they can authenticate that
the reading is coming from the actual person.

This is the revolution. If your phone can with good enough accuracy determine
that it’s looking at a real alive attentive human face or a real finger then
it’s game over. It’s an auth cred that can literally only be used by you, it
can’t be copied, stolen, hacked, phished, and can be totally public while
being useless to an attacker because they can’t mint a live human with real
matching fingerprint.

If you think of biometric auth as “present a picture of your fingerprint” and
not “present your actual finger” then of course you arrive at the conclusion
that they’re useless as a credential.

~~~
disappearance
> Something you are is the perfect form of authentication

Disagree. A bank manager with a gun held to their head is not a bank manager
for the intended purposes.

~~~
CDSlice
How is this any different of a scenario than having the bank manager memorize
a password? They can still force the bank manager to give up the password by
threatening to blow their brains out.

~~~
godelski
> How is this any different of a scenario than having the bank manager
> memorize a password?

Because in the other scenario the bank manager can be killed and the murderer
can still use the "key" (the bank manager's lifeless face). Dead or alive the
bank manager is still that same person.

With a password there's more security for the bank manager. If the robber
kills the manager then the robber can't get in.

------
goldcd
I know this issue is going to be 'solved' with the next software update...
..but can't help but feel if you're trying to hide access to your phone from
somebody who:

1) Can pick up your phone
2) Wants to access your phone
3) Has access to you and your phone as you sleep
4) You don't want to have access to your phone

Bluntly - awaiting an Android update is the least of your problems if you hit
the criteria above.

~~~
goldcd
Or stepping back a bit to all those phones with fingerprint-readers (i.e.
previous pixels and most phones out there)

DID YOU KNOW YOUR FINGERPRINTS EXIST WHILST YOU SLEEP?!?!?!!

I'm now considering quitting my job to create lockable-kevlar-mittens that
people can don, to ensure your biometrics are safe as you sleep.

~~~
goldcd
Why would you downvote this?

Seems reasonable to raise the fact your suspicious sleeping-partner could
press your digit to your phone, if they wanted access.

I know we all like a good story, but just taking pixels, I'm unsure how this
issue makes your phone less secure than the last one.

~~~
close04
It's presumably a bit more accessible to use face unlock on a sleeping person
since it involves no physical contact. Pressing someone's finger on the reader
has a higher (probably still small) chance of waking that person up.

------
agildehaus
I don't know why anyone would want a face unlock instead of a simple
fingerprint sensor. My phone is unlocked and ready for me before it even
leaves my pocket.

The lack of it is one of the major reasons I'm not upgrading my Pixel 2.

~~~
on_and_off
I ordered a Pixel 4, almost only because my Pixel 2 is busted, Google will
still trade it in while Apple won't trade Android phones unless maybe if I go
ask in a store (well, among other reasons but I am already verging off topic).

None of the locking mechanisms I know protect you against all "threat
vectors".

In particular, in case a shitty partner wants to access your phone while you
are asleep, both fingerprint and google face unlock fail.

I do like the fingerprint sensor on pixel 2.

It could be even better if there was one on the screen for when the phone is
on a flat surface, but it does the job well otherwise.

Nevertheless, an easy to use secure enough solution should work well enough
against the threat most people worry about: somebody stealing their phone /
forgetting it somewhere.

~~~
chipperyman573
> In particular, in case a shitty partner wants to access your phone while you
> are asleep, both fingerprint and google face unlock fail.

I get face unlock (because closed eyes and your muscles will be more relaxed),
but why does the fingerprint sensor fail while you're asleep? Does it measure
heart rate?

~~~
throwaway744678
Parent meant that the _protection_ fails (the device unlocks)

------
cwkoss
When face unlock first came out, my boss bought a phone with it and was
showing it off at the office. I took a picture of him and held it up to the
camera, and was able to unlock his phone.

He was a little less excited about the feature after that...

~~~
bluedino
The more complicated systems either take a 3D scan of your face or use an IR
camera (the latter can be fooled by an IR photo...)

~~~
nokcha
> an IR photo

Is such a thing possible? My understanding is that IR emission from ordinary
objects is primarily determined by their temperature. To imitate the IR
signature of a human face, one would need a special-purpose, actively-powered
device.

------
matchbok
Another instance of Android copying an iOS feature poorly. What exactly is
Google even working on these days?

~~~
mav3rick
Yeah right. Forgot "Night Sight" by Google which is only now copied by Apple
as "Night Mode". What is Apple working on these days? This phone also has
Soli in the phone. Apple is set to copy it for its next phone.

------
outworlder
I bet this half-assed implementation is only there so that potential shoppers
with a checklist in hand will be able to mark the feature as present. I wonder
how many reviewers fell for it.

~~~
tomerico
I imagine that it's more nuanced - people expect biometric security from their
phone today.

The Pixel 4 removed the fingerprint sensor, relying on the face recognition. I
imagine that what happened is that the full functionality wasn't ready for
launch, and they had to decide between shipping a partial implementation or
postponing the phone's launch date.

~~~
OnlineGladiator
If they had reason to believe it wouldn't be ready, why did they choose to
remove the fingerprint scanner? If both options were available there'd be an
order of magnitude fewer complaints.

~~~
Skunkleton
Because the hardware for the fingerprint scanner was removed long before it
was obvious that they weren't "done" with the face scanning software. It's
likely that they decided to trim back the functionality of the face scan well
after the drop dead date for getting the hardware on time.

~~~
OnlineGladiator
That's kind of my point. It was probably poor planning, although it's possible
something very unlikely went wrong. But it's not really that cutting edge of
technology anymore so either the engineering team was underwhelming (a little
hard to believe at Google) or the project was poorly managed (very easy to
believe at Google).

~~~
Skunkleton
I see your point, but I don't agree. It wasn't poor planning, it was a
calculated risk. Their options as I see it:

1) Delay - yet another year where the pixel doesn't have good facial
recognition. During this period all of the OEMs will probably implement some
crappy FaceID knock off which will damage Android's image.

2) Bank on in-development facial recognition - Google has lots of talent, they
can probably get it done. Risk, they don't get it done.

3) Include both - hardware costs go up, internal size goes up, and people will
expect both the next year.

4) Skip facial recognition entirely - Get "left behind". AFAICT people expect
facial recognition for unknown reasons. Further, there are several
applications of facial scanning that enable non-biometric-security features
(anti-features?).

It's easy to see how they chose option two. Sucks it didn't work out.

~~~
OnlineGladiator
I'm looking at option 3 as the logical choice. I admit I don't know, but you
really think the added cost of the fingerprint sensor is significant on an
$800 phone that's really meant as a flagship device to help keep Android
relevant against iOS? Also while HN is certainly not the market at large,
there's been more pushback for thicker phones with larger batteries, so the
added thickness could be seen as a benefit.

I don't know how Google weighed it or how they chose their priorities so I
can't say whether or not they made the right call at the time (hindsight is
20/20). But based on your list, option 3 is the obvious choice to me.

There's also the question of how long they had from the hardware cutoff date
to the software cutoff date - I'd guess many months. Why not allocate more
resources to help with the facial recognition software? That project by itself
for a company at Google's scale should not take that long. Like I said, this
is no longer cutting-edge tech.

I guess we have to agree to disagree, but I think Google really fucked up the
Pixel 4 and I bet it was a Product Manager who is responsible.

------
ryanmcbride
At first reading this I thought "My iphone recognizes me right when I wake up
so I'm sure someone could unlock it while I was asleep or unconscious" but
I tried it a few times while making a 'passed out' face and it turns out,
nope. At least I couldn't get it to. Even tried using my hands to hold open my
eyelids and it didn't unlock. That's pretty impressive.

~~~
deergomoo
There’s a setting “Require Attention for Face ID” that controls this. It’s
enabled by default, but if you’re unable or find it difficult to look directly
at the sensor (or wearing sunglasses that block IR) you can turn it off and
make it behave like the Pixel.

You can even point it at your face while looking away, and it won’t unlock
until you make eye contact.

~~~
stordoff
It's surprisingly sensitive as well. I've just tried focusing on a spot
5cm to the side/above my iPhone 11, and it reliably wouldn't unlock until I
glanced at the camera.

------
cooljacob204
Face unlock will always be for convenience, not real security.

To me it's like a front door lock. It's there to dissuade people. If someone
is adamant enough they will get in.

~~~
ryanmcbride
Totally agree but moving the dot a little further down the line towards
security is never a bad thing. Perfect shouldn't be the enemy of the good, etc
etc.

------
eth0up
I find myself perplexed by many conventions, maybe I'm a lout. A tidy slice of
tape unconventionally covers my phone's frontal camera, which to me is a
functional and valued liberty, while the option lasts. I uneagerly anticipated
the paradigm of soft switches, unserviceable batteries and blackbox gadgetry
and have partially succumbed, slightly ashamed. Similarly I've feared the
eventual ever vigilant indelible Eye squirming onto my required work surface.
Will this be yet another lockstep along the one-way whizbang march of the
techno enamored... or will future devices continue to serve and forgive their
users of modifications and personal choices? Abridged keyboards, zombie MACs,
unremovable apps, fastidious needy cameras, walled shrubberies, presidential
alert suppositories, registered devices, opaque source, mutant laptops,
ubiquitous Ring, very clever speakers (microphones)... and I hope I'm just a
cantankerous luddite who doesn't appreciate the finer attributes of an
autonomous device designed by insatiable gormandizers of data and sweethearts
of authoritah. I use fingerprint auth, as a convenience, not for security. It
seems among the options best left alone (you know, useful), but I suspect this
will become a precedent for future models in general. Not against it as an
option though.

------
greenyoda
Another biometric security flaw, reported yesterday:

> Samsung: Anyone's thumbprint can unlock Galaxy S10 phone

>
> https://news.ycombinator.com/item?id=21280205

------
hawkesnest
I just attempted to unlock my work-issued laptop with Windows Hello with my
eyes shut. Worked perfectly, recognized me without issue. Guess I'll have to
disable that now. :(

------
rolph
that's a zero day worth looking into. A latex mask would be harder to do
without consent, but we do have 3d printers and image analysis of high
quality.

beyond someone cloning your face in latex and gluing it on theirs, there is
facial excision, and it would be nasty to need caution about someone using
your actual face. working hack or not just the attempt is disastrous to the
victim

~~~
EpicEng
If someone is going to rise to the level of creating a mask in your image to
unlock your phone then you have already failed by using this feature to secure
it. MI6 is coming after you and you're relying on something like this? C'mon.

------
legohead
never used or cared about face unlock

could you just point the phone at a picture of the person? or if depth is
needed, just use a projection on a dummy head?

------
api
I bet it would work on a printed color picture wrapped around a melon,
football, etc.

------
wnevets
Everything I've read about the new Pixels makes me think Google doesn't actually
want people to buy these things.

------
maerF0x0
They should just have an interactive login like "Make a sad face" or "Make a
scary face" etc...

the facial movement pattern could become a sort of biometric and they'd get
millions of samples for sentiment analysis / AI

~~~
cheriot
Watching commuters unlock their phones would make my morning so much more
entertaining...

------
mikenew
It feels like this whole wave of "face unlock" is just a dumb side effect of
Apple not being able to get the in-display TouchID to work well enough for the
iPhone X.

Maybe it's slightly better than a fingerprint unlock. Maybe it's slightly
worse. Who cares. It feels like smartphones have moved firmly into the realm
of silly marketing features (at the cost of security, apparently) and we've
left behind any kind of substantial, interesting advancements. I mean, we now
have a radar that lets us skip a song by waving (sometimes, if it works)? The
future of smartphones is increasingly dumb.

