
I recommend against using biometric identification - imartin2k
https://medium.freecodecamp.org/why-you-should-never-unlock-your-phone-with-your-face-79c07772a28
======
driverdan
> And to be clear, a court in the US cannot force you to give up your
> passcode. That passcode exists in your head, and yours alone. It is your
> property, and won’t be used to incriminate you or strong-arm access to your
> data unless you voluntarily give it up.

While technically true this is false in practice. While they can't force you
to provide your passcode they can force you to unlock your phone. Francis
Rawls has been in prison for two years now over refusing to decrypt a hard
drive.[1] The same principle applies to phones. If a judge finds you in
contempt-of-court they can imprison you indefinitely.

1: [https://arstechnica.com/tech-policy/2017/09/judge-wont-
relea...](https://arstechnica.com/tech-policy/2017/09/judge-wont-release-man-
jailed-2-years-for-refusing-to-decrypt-drives/)

~~~
problems
Fuck, that is absolutely nauseating.

What's worse is that trustworthy deniable encryption - which would solve this
- is practically non-existent now that TrueCrypt is gone.

~~~
tedunangst
Eh... The prosecution claims, and the judge believes, that they have a list of
files they expect to find on the drive. If he gives them a password and those
files don't appear, the judge will conclude he gave them the wrong password,
and he will stay put until the right password is produced.

~~~
problems
That's not how this works. With deniable encryption, it is entirely possible
that there doesn't even exist a hidden volume to find. They will be unable to
prove he has a hidden volume and surely a judge will not compel him for not
producing something he may not be able to at all.

~~~
arde
Check out, for example, the case of Martin Armstrong, held for 7 years in
contempt of court for not producing items he said he didn't have. Eventually
he had to enter a plea agreement and serve an additional 5-year term.

------
sxates
Never?

If Jason Bourne is after you that's probably true. If you're worried about
border security, that's maybe true.

But for most people, the lock on their phone isn't protecting them from the
government, it's protecting them from nosy relatives, a pick pocket, or the
guy that finds the phone you left at the bar, or their 4 year old. None of
these 'attackers' will ever be sophisticated enough to defeat the biometric
protections on an iPhone.

I think people need to adjust their security policies to reflect the actual
security threats they're likely to face, and for most people Touch ID or
FaceID are more than adequate.

~~~
cstrat
The big thing about TouchID and FaceID is that they are great ways of
enforcing a higher level of security than nothing... Prior to these
technologies many people I knew did not bother having PINs or were using 1234
because remembering a complex PIN or having to type in something long is too
laborious.

~~~
roenxi
They are even less convenient for lending a phone to a friend or relative
though.

These features are change; not a straight improvement. They have different
pros and cons compared to a passcode.

~~~
ghaff
You can still use a password though with Touch ID.

------
tristanj
The issues raised in the article may explain why Apple just added the ability
to passcode-lock your device by pressing the power button 5 times.

Though people have been raising similar issues about biometric identification
for years. See this article from back when TouchID was released 2013, titled
_Fingerprints are Usernames, not Passwords_.
[http://blog.dustinkirkland.com/2013/10/fingerprints-are-
user...](http://blog.dustinkirkland.com/2013/10/fingerprints-are-user-names-
not.html)

~~~
kenjackson
Ehh... it's not the same as a username.

It's more like fingerprints are door locks. Any determined thief can get
around it. But it protects you from people who aren't really all that
determined. And for most people door locks are sufficient. But if you are a
major crime lord, protecting something extremely valuable, or just really into
security then door locks are not enough.

~~~
bodz
The "door lock" analogy ignores the biggest flaw with fingerprints: they're
forever.

If your door lock is compromised, you can change the key. If someone steals
your password, you can change the password. If someone steals your
fingerprint, you can never change your fingerprint (same with your face).

The other stuff is dead-on: its a "good enough" security measure for phones.
But as a security practitioner, the biggest problem IMO is that Apple using
TouchID and FaceID is giving the general public the wrong idea about security.
Apple claims that these innovations are "cutting edge" security, and so
consumers buy into this and then also use fingerprints to secure things like
their bank accounts, work logins, password vaults ( _this is a big one_ \-
someone steals your phone and you use your fingerprint to access your LastPass
account, which has all of your passwords in it? And your phone is also your
2FA device? You're screwed.) etc, where they really aren't "good enough" at
all.

I've worked at companies where we disabled fingerprint logins on certain
devices because highly sensitive info is held on those devices, and
fingerprints just aren't secure enough to protect them. Then we get yelled at
by people from the company because "Apple says fingerprints are the best for
security, why aren't you letting us use them?" It's a pain.

~~~
namelost
[https://www.xkcd.com/538/](https://www.xkcd.com/538/) applies.

Neither Touch ID nor passwords keep determined intruders out. If someone
really wants to know what's on your phone, they will arrest/kidnap you and
threaten you with prison/violence.

~~~
bodz
_No_ security is going to keep "determined" intruders out. But the point is
that you should still strive to achieve "good enough" security.

The problem is that while the actual ranking from least secure to most secure
is "nothing < touchid/faceid < passcode", Apple's marketing and implementation
gives people the false impression that its "nothing < passcode <
touchid/faceid", which is bad for security.

~~~
panopticon
I think "nothing < passcode < touchid/faceid" might be true for a startling
number of people. I've seen many people with ridiculously easy passcodes and
even funnier Android patterns (e.g., one of my colleagues uses his first
initial as his Android unlock pattern, and my mom uses her dog's name as her
passcode).

So Touch/FaceID isn't better than a good passcode, but maybe it's better than
a crappy passcode.

~~~
BenjiWiebe
I could be wrong, but doesn't a passcode actually encrypt the data (for sure
on password manager/banking/etc apps) whereas FaceID/TouchID/<insert biometric
here> doesn't? And what about hashing? AFAIK you can't really hash biometrics.

~~~
colejohnson66
With Touch ID and Face ID, you are required to have a passcode. What's the
point of Touch ID if it fails and doesn't have any other way into the phone?
As for hashing biometrics, Apple has the Secure Enclave which is for storing
the biometrics.

------
gregrata
I would personally like to have groups of things that can be unlocked - that I
can define

\- Nothing - essential what's on lock (weather, maybe news headlines) \- Face
- basic stuff - games, calculator, News apps \- Fingerprint - mail, calendar,
text message, browser \- Pass code - banking, settings

A one all seems backward - there are something things I don't want to protect
at all (don't care if someone can access) on one extreme, and things that MUST
be protected as much as possible on the other extreme.

I get leaking between apps is an issue, and there are other problems around
this - but this approach seems more reasonable

And yeah, for some users (my parents) they just want something simple and
don't want to deal with this. So face or fingerprint is a lot better than no
code, so this is still an improvement

~~~
KGIII
I am not sure why phones haven't been made with different profiles. Yesterday
(?), someone here mentioned they wanted to be able to give the (presumed) cops
a phone that was blank. I pointed out that was a horrible idea, but didn't
really explain why.

If it is a totalitarian regime, they'll just kill you. If you're ever really
in such a situation, a blank phone is probably the worst thing you can give
them.

Instead, why not a dummy profile that's complete with user activity, social
media presence, and showing active harmless use? Why not multiple profiles?

For the rest of us, those who are not spies traveling in totalitarian regimes,
what this means is you can hand someone your phone to let them use it. It
means you can let your kid use it and not expect to get it back with problems.
You can even make the profiles based on the password, so that it only appears
to have a single account.

Realistically, the biggest threat is theft. This doesn't hinder theft
protection at all. It can still have the same protections, while just offering
additional profiles.

~~~
daenney
> Instead, why not a dummy profile that's complete with user activity, social
> media presence, and showing active harmless use? Why not multiple profiles?

And where do you suppose this data will come from? Maintaining something of a
plausible and active social media presence is not without it's efforts, nor is
creating a profile that would stand up to some scrutiny.

If people aren't really looking it won't matter much, but if they are and
getting something that seems fake it might end getting you in much more
trouble.

~~~
KGIII
Presumably, if the person thinks it is an issue then they will make an effort
to create and maintain it. It'd not be much use for most of us, but it might
be invaluable to someone else.

------
rhinoceraptor
Obviously facial recognition and fingerprints aren't as good as a passcode.
But they're better than the previous alternative, nothing. Before
fingerprint/facial recognition, for the most part the only people who used a
passcode were forced to because it was a company phone.

~~~
craftyguy
Ideally there would be a way to use both, as a two-factor auth mechanism.
CopperheadOS supported using fingerprint + passphrase/code briefly but it
broke when they moved to Android 7 and they never could find the resources to
fix it.

~~~
colejohnson66
I see people saying Apple should allow fingerprint plus passcode, but I've yet
to hear someone explain how it would work if it can't read your fingerprint? A
longer passcode? Why not just use the longer passcode in the first place.

~~~
craftyguy
How does it work today if you just enable fingerprint authentication (I'm
asking because I don't know) ? Do you also have to set a backup passcode to
use in case it can't read your fingerprint? Can you register multiple
fingerprints in case you decide to put your main index finger too close to a
sanding belt?

~~~
colejohnson66
On iPhone, you can register multiple fingerprints, but if it can't read your
finger within 5(?) tries, it requires a passcode. It also allows you to skip
the fingerprint and just enter the passcode if you want. That's useful for
when you ask someone you trust to find something on your phone for you.

~~~
craftyguy
I see. So maybe a combination of fingerprint + shorter passcode to unlock, or
a long passphrase to bypass?

------
otterpro
I'd like to add a feature to the FaceID, requiring the user to wink instead of
looking with both eyes open, or have a customized facial gesture, which only
the user knows.

It adds an extra layer of security. Not only that, you get to wink at your
phone often as a sign of affection (LOL).

Instead of winks, one might choose to do other facial gestures such as stick
their tongue out, do a duck-face, etc.

~~~
dewey
And it’s defeated by someone just watching you unlock your phone in public
once.

~~~
el_benhameen
As is a passcode?

~~~
dewey
A passcode that you type in fast seems a bit harder to record than looking at
someone who winks at their phone

------
ben174
Op completely misses how _insecure_ a four digit pin is for prying eyes. If I
work in the same office as you, or share any space with you at all, I can
pretty much guarantee I can easily sneak a glimpse at your pin when you enter
it.

~~~
pmontra
Exactly, thieves can decide which phone to steal after seeing the PIN (think
about a bus or subway in a rush hour.) It's possible to get many pictures of
someone if you know who s/he is. It's hard to collect fingerprints, at least
for the average thief.

If you want to protect against police, whatever the reason, then PIN is ok
butbut be careful when entering it in public.

~~~
lugg
I feel like if they're determined enough the type of lock you use is
irrelevant.

The only reason I have a lock on my phone is so if I lose my phone somewhere
randoms can't access it.

If they're going to mug me for my phone they can mug me just as easily for my
passcode or my fingerprint.

I guess there is an argument for pick pockets but that's a lesser concern for
me. Anywhere it's likely to happen my hand is usually on my phone.

------
Jill_the_Pill
Oh, ha! In the winter when wearing gloves or if my hands are wet, I often
swipe my phone open or click to answer a call using the tip of my nose. Guess
that's not what this advice is about, though I was briefly happy to think
sufficiently many other people had this habit to warrant an cautionary
article.

------
excalibur
The author doesn't seem to understand the difference between an iris and a
retina, but he expects us to heed his advice on the topic of biometric
identification.

~~~
oostevo
Indeed.

For further clarity: The retina is the thin layer of cells at the back of your
eye that pick up light. The iris is the colorful ring on the front of your
eye.

A retina scan is thing most people wouldn't experience outside of an eye
doctor's office. It requires really close proximity with the scanner, and it's
very clear that's it's happening.

Phones, including the Galaxy 8 that the author of the article mentions, use
iris scanning.

------
floatingatoll
It's easier to watch people entering their PINs on overhead security camera
footage than it is to cheat their biometrics. Dedicated attackers have
simpler, more effective options than having to hack your biometrics.

Yes, your fingerprint and faceprint are irreplaceable. They're kept device-
local for more reasons than just Apple Pay. But make no mistake: It's simpler
to record you entering your PIN surreptitiously than it is to hack your
biometrics.

Are the attacks against it "likely" or "unlikely"? They're clearly aware of
the "photograph" and "Mission Impossible" scenarios, and demonstrated visible
proof of their time spent ensuring they're refused. If you're under directed
and specific attack, that's the best you can hope for from technology! It's
not _human_. It can't magically evolve defenses against humans with time,
patience, and hacking powers.

Devices are only safe when a human takes care of them. Your phone, your
computer, phone companies, credit bureaus. When you don't take care of
technology, someone will eventually exploit it, usually for greed.

Which is more likely:

Someone makes a cool mask device that can hack faceprint, and simultaneously
gets sued by Honda Robotics for violating one of their many, many patents on
lifelike robotic faces. They use it to hack you, and somehow materially impact
your life through hacking your device.

Or, someone hard-resets your phone while you aren't looking, videotapes you
entering your PIN confusedly, and then steals it.

A dedicated malicious attacker will always take the second path, because this
biometrics crap is useless when you can just get people to blindly enter their
PIN as if somehow it's safe to do so anywhere.

TL;DR: Enter your PIN in a bathroom stall, or it's on the security tapes of
the mall. If you do this, don't enable Touch ID or Face ID. Problem solved.

~~~
throwaway613834
How long does security footage last though? It takes only like 3 seconds to
type in a PIN so they'd need to keep enough frames to cover that (aside from
being lucky enough to have your phone visible to a camera) and I don't imagine
they keep full 30fps videos around for long. Do they?

------
hprotagonist
>And if you want really go all out, most phones — including iPhone — support 5
or even 6 digit passcodes.

iphone supports arbitrary-length alphanumeric passwords.

~~~
memco
If memory serves, you can actually set a longer numeric PIN and it will still
give you the number pad for longer, but quick to enter passwords. Alphanumeric
are obviously more secure but noticeably slower to enter and IMO it's nice
there's a middle ground.

~~~
hprotagonist
yes, this is true. My PIN is ~9 characters, digits only.

------
raides
The Surface Book has had facial recognition for almost two years now and it is
actually impressive. Short of a full latex mask that has padding to shape the
wearer's face it is pretty impossible to break into it. We did tests with iPad
pictures and depth options, straight camera prints and a 3d printed model.
None of it worked. It is also not easy to access latex custom latex masks.

I feel my only issue with FaceID is that when you are in handcuffs all it
takes is for the phone to be held in front of you. It will be interesting what
safety regulations are used to prevent illegal entry by police or captors.

~~~
BenjiWiebe
Maybe it permanently disables the phone if it recognizes you and you have your
eyes crossed? Or tongue stuck out? :)

------
extrapickles
Unlocking your phone with face/finger prints is for many people much better
than their 1234 pin.

As far as I understand, the face unlock follows the same rules as touch, where
<48hrs of no use requires the PIN/password, and the newly announced 5 tap the
power button to trigger the PIN/password requirement.

------
thresh
I don't understand why what's essentially a login (fingerprint, face, dna) is
considered a password. It simply isnt.

And I don't understand why I cant (on Android 7) combine fingerprint and then
PIN/Pattern to unlock my device. It's mind boggling and completely stupid.

~~~
metafunctor
Biometric data is not a username. Biometric data is also not a password.

Biometrics is biometrics. I like to think of it sitting between a continuum
between "username" and "password".

I might like a setting to require both a Touch ID (or Face ID) and a
passphrase to unlock my iPhone. However, Touch ID has flaked out enough times
for me (not accepting my fingerprints) that I probably wouldn't like to risk
it in practice.

~~~
sperling75
Biometrics is closer to a username.

~~~
lolsal
Why? I am not terribly upset if someone has my username, but I would be very
concerned if they had _reproducible_ biometrics of mine (fingerprints, facial,
etc).

~~~
SAI_Peregrinus
Usernames are fixed values and are generally public. Biometrics are also fixed
values and are generally only slightly less public. They're both identifiers.

Passwords can be changed and are secrets. They're authenticators.

The difference between them is exactly the difference between identifiers and
authenticators. Misunderstanding this difference causes tons of issues, in a
wide variety of situations. The most notable one recently is probably Social
Security Numbers being used as both, which leads to identity theft.

------
mkhalil
Sure, maybe a 8 digit random alphanumeric is better to protect against
government agencies but if you're trying to protect against friends/family/co-
workers it sounds like a win for the user. Besides, you can always press that
power button 5 times and boom, you've entered password only mode.

------
daveFNbuck
The suggested alternative is to use passcodes, but then there's no way to
unlock your phone without making the unlock code plainly visible.

~~~
crimsonalucard
I mean, it's less plainly visible then your face, or even pictures of your
face.

I bet you there's an algorithm somewhere that can take a picture of your face
and turn it into a 3d model. Then you can take that model, 3d print it, then
use it to unlock your phone.

~~~
derefr
I believe this was the exact attack they were talking about preventing with
the "we worked with Hollywood mask-makers" line.

Also, as far as I understand, the demo videos are misleading: these systems
(this and Windows Hello) are taking _infrared_ pictures of your face, not
visible-light pictures. From their perspective, you look like a (3D depth-
tested) network of hot capillaries. This is 1. rather hard to recreate with
any amount of sculpture-work, and 2. still identifies you "through" things
like foundation/concealer creams.

~~~
joshvm
A few years ago, Apple bought Primsense. Primsense made the sensor in the
original Kinect. They've now integrated this into their Face ID system, or at
least that's what the keynote suggests. It projects a known random dot pattern
and an ASIC does some image processing to figure out the depth in the image
(nice patent, by the way).

So they have two bits of info: the 3D reconstruction and an infrared image
with/without dots, they also have a colour image using the FaceTime camera. I
would be surprised if they didn't use more information than just the point
cloud. Biometric security at airports uses a similar system, you can see the
laser light when yo go through the e-Passport gates.

[https://techcrunch.com/2017/09/12/iphone-x-basically-has-
a-k...](https://techcrunch.com/2017/09/12/iphone-x-basically-has-a-kinect-on-
the-front-to-enable-faceid/)

------
joering2
Why you should never unlock your phone with your face...

... basically because in less than 3 months, you will see HN article of
someone posting some sort of 3-d photo of your face stuck to a watermelon, and
showing you how to fool the IOS and unlock your phone anyway.

------
w8rbt
___" And if you really want a random number, paste this into your browser’s
JavaScript console..."_ __

I would suggest rolling dice instead. The PIN that produced would be truly
random.

~~~
LyndsySimon
Especially since the script given will produce a pseudorandom number in the
range [1000, 9999].

------
otterpro
That's why I use both types of authentication / identification, and having
more than 1 option is a good thing.

When in a situation where there are higher risk, such as going through certain
airports or borders, or in a situation where confiscation of phones are high,
just disable biometric authentication temporarily and use pin/password.

But in normal situation, where risks are low, re-enable the biometrics, for
convenience. I like the ease and convenience of using phone this way when I'm
at home or at work.

------
betadreamer
I agree but keep in mind that this same principal applies to TouchID, which is
what FaceID is replacing. FaceID is so much better than TouchID in so many
aspects. Less false positives, it works even if your fingers are wet, and it's
a natural behavior to look at the screen.

Both TouchID and FaceID is trying to protect from complete stranger. I know
that with FaceID (if it does exactly what the video suggests) it will be a
harder challenge to unlock.

------
shawnz
The author suggests tiers of security, where the biometrics would only unlock
the first tier. Isn't that how it already works? If I'm not mistaken, certain
operations like changing the Touch ID fingerprint or passcode require you to
enter the passcode first. And changing the iCloud information requires the
iCloud credentials. Isn't that exactly what the author is asking for?

------
BenjiWiebe
I use face unlocking (just the builtin(?) Android one) and I am well aware
that it isn't secure. I use it because I'd rather have an insecure way of
locking my phone, then no way of locking my phone. I try not to keep to
important of info on my phone, and also I need my phone a lot when it isn't
safe/easy to unlock it, and just pointing it at my face is pretty simple.

------
cbanek
With all this talk about the 5th amendment and pictures fooling devices, I'm
reminded of this classic scene from the 5th element:

[https://www.youtube.com/watch?v=nah_3vO0uhM](https://www.youtube.com/watch?v=nah_3vO0uhM)

"That's a very nice hat."

------
Jyaif
I don't know what's up with his sample JS, a simple "Math.floor(Math.random()
* 9999)" would be better.

~~~
blahedo
I wondered the same thing, but this guarantees not starting with a 0, which I
could imagine breaking some people's idea of what a passcode should look like.

------
blaincate
Just Realized : Face recognition unlock : Biggest Security Scare

\- Case 1 : Imagine crossing security check or border crossing. Guards just
take your phone and point it to you : UNLOCKED . No need to resis to give
passwd

\- Case 2 : drug the activist and point unconscious victim ! Voila !

\- Case 3 : Steal the phone, and change the cover and flash it in front of the
real owner !

could go on and on ...

~~~
djrogers
Case 1 and 2 are covered with FaceID - you have to be actively looking at the
phone, drugged/eyes closed/looking away/etc. won't cut it.

~~~
DaiPlusPlus
Case 1: "Look at the phone straight-ahead with your eyes or we'll beat you
with the rubber-hose again"

Case 2: Hold open the eyelids with tape. Even if the eyes have rolled-back in
their sockets they can be re-positioned with some manual adjustment enough to
get the system to work.

~~~
billhathaway
Isn't Case 1 an attack on every possible method?

------
Geee
Biometric identification works just fine. That's what we use every day between
people to identify each other. Machines aren't just very good at it, yet, but
Face ID is a step in the right direction.

------
hartator
> Let’s take a step back and consider the ultimate biometric identifier of you
> as a person: your DNA.

It's not. DNA is exactly the same for identical twins, whereas their iris,
faces and fingerprints are different.

------
sullyj3
> Today Apple announced its new FaceID technology. It’s a new way to unlock
> your phone through facial recognition.

This line makes it sound like android hasn't had this feature for years.

~~~
coldcode
I have yet to see a single Android phone where this actually functions
correctly. We will see if Apple did a better job. It's not who is first, it's
who makes something that works reliably.

~~~
Jonnax
Samsung's S8 has an iris scanner that works surprisingly well.

But I've noticed that it works well on some people and total trash on others.

~~~
sumedh
Did you check the video in that article, the S8 scanner can be easily fooled.

------
synicalx
Moral of the story, people are bad so don't store anything sensitive on a tiny
little device that can be easily taken from you and broken into 100 different
ways.

If you insist on storing your leaked NSA documents or whatever on your phone,
then you just have to accept that you're exposing yourself to a lot more risk
(real or imagined) than you would have if you didn't store that stuff on your
phone.

------
sperling75
What percent of ios users never create a passcode / pin ? I'm just thinking
that if face id is defaulted on it would be better than the crowd that never
create a pin. I agree it is better to have a pin enabled than faceid and even
better both.

~~~
_sgianelli
I think I remember them saying 50% back when TouchID was announced

------
Overtonwindow
And people wonder why I don't put pictures of myself on the Internet.

------
ridgeguy
Perhaps Apple could add gestures to the facial unlock. Example: If I raise my
left eyebrow twice in rapid succession, my iPhone would enter passcode-only
unlock mode, or do a factory reset, etc.

------
code_duck
The Apple copy about this says it all... 'Your face is now your password'.

Since I definitely wouldn't wear my password around all the time in public,
that sounds like a bad idea.

------
ars
I don't require any password on my phone. The only reason I put a fingerprint
on it is to prevent pocket dials. And even with that, it sometimes almost
seems to dial 911 by mistake.

All I need is a way for the screen to ignore input (when it turns itself on)
unless I activate it with the power button.

Are there really that many people who truly need very high security on their
phones?

Seems to me most people just want to deter casual snooping.

Personally I would rather that any app that has high security requirements
would secure itself and not require that the entire phone be secured.

~~~
dewey
If you have email set up on your phone and someone steals your phone without a
passcode it’s pretty much game over for all your online accounts. Also defeats
two factor auth in case you have that on your phone.

Also a lot of services let you reset your password via SMS etc.

~~~
ars
For SMS all you have to do is put the SIM card in a different phone, locking
your phone does not help.

The only accounts you can change the password with a simple email are low
security accounts without much of worth to steal.

I'm sure there are people with more stringent security needs, but most people
just need to deter casual snooping and don't need to stop hackers.

I personally do not like having the same security on everything. I find that
detrimental. I think phone makers should do a better job of having multiple
tiers of security.

~~~
0x0
You can set a separate pin code on the SIM and if everything works as
designed, the SIM should be useless without the PIN after losing power.

------
mcms
IMO, the real benefit of biometric identification against passwords is that
nobody can spy you while you are unlocking your phone.

------
thought_alarm
This is actually an excellent article on why you should never trust any
software produced by Samsung.

Beyond that, it's pathetic click-bait.

------
asafira
I feel bad for those that run this person's random digits code and gets one of
the numbers in his table.

------
mcms
Never trust an article that tells you to paste something somewhere (specially
a console)

------
nsxwolf
How about a "lock my phone" facial expression?

------
wentoodeep
Can't wait for a guide, first things to do on your first boot. 1) Turn Off
Face Unlock, this feature consume memories and stores large training data for
your face and also will drain your battery.

~~~
linopolus
Not exactly correct, as this data is stored in the separate secure enclave,
just like with TouchID today.

------
hoodoof
It's such an obviously bad idea, strange to see Apple put it in.

------
nsthorat
"Historically it was unsafe to fly in an airplane so you shouldn't now"

~~~
lugg
What's changed?

------
thinbeige
A good thought. Just think you get robbed. The robbers can get the phone
easily unlocked withoout even asking you.

~~~
kenjackson
If the robbers can make me look a the phone, if they ask me, I'm going to give
them my pin anyways. Its not like I'm planning on resisting giving my pin out
to a robber.

