
That Fingerprint Sensor on Your Phone Is Not as Safe as You Think - dsr12
https://www.nytimes.com/2017/04/10/technology/fingerprint-security-smartphones-apple-google-samsung.html
======
zichy
Yes, we know. [1][2]

\--

[1]: [https://media.ccc.de/v/31c3_-_6450_-_de_-
_saal_1_-_201412272...](https://media.ccc.de/v/31c3_-_6450_-_de_-
_saal_1_-_201412272030_-_ich_sehe_also_bin_ich_du_-_starbug) (German)

[2]:
[https://media.ccc.de/v/dg49-biometrie](https://media.ccc.de/v/dg49-biometrie)
(German)

------
PhantomGremlin
Sigh. I clicked, hoping to learn something. But in the fourth paragraph I
read:

 _The researchers did not test their approach with real phones_

That's when I stopped.

What, nobody at NYU or Michigan State could afford to buy some "real phones"
to check out their theories???

What fucking bullshit!!!

~~~
apetresc
Yeah, exactly. "Did not test with real phones" is journalist code for "does
not actually work in reality, but why throw away a perfectly good headline?"

------
slededit
Honestly, if it weren't for the finger print sensor I'd still be passwordless.
I can't imagine I'm alone on that.

------
pseingatl
Keep in mind also that the giving of fingerprints is considered non-
testimonial. You can be forced to give up your fingerprints, but in a criminal
prosecution you cannot be forced to answer questions such as, "what is your
password?" The heightened security thought to be obtained by cloaking a phone
with a fingerprint is thus easily removed.

~~~
askvictor
I hope that soon a 'duress fingerprint' option is implemented; the simplest
way is that you enroll one finger to be your duress finger. When you scan that
one, the phone will require a password to unlock it (even if rebooted)

~~~
idlewords
"Please extend your right index finger"

Cop presses your finger to phone.

~~~
askvictor
So keep your right index finger as the duress finger if you are high risk, or
just use the duress finger as soon as you see police. Not 100% effective, but
nothing is.

~~~
idlewords
This is from the "I'll just stun them with a triple spin kick" school of
activist fantasy.

------
Neliquat
1\. Fingerprint scanners have always had security issues.

2\. They replicated nothing.

3\. Why nyt?

~~~
jefhwite
I think the Master Print technique is an novel approach to biometric cracking
— closer to the statistical techniques used to defeat passwords, right?

