
LAPD Warrant Lets Cops Open Apple iPhone with Owner's Fingerprints - jackgavigan
http://www.forbes.com/sites/thomasbrewster/2016/03/31/warrant-apple-iphone-fingerprints-hack-los-angeles/
======
spacemanmatt
From a security-analyst perspective, using the owner's fingerprints adversely
was fairly anticipated.

~~~
gruez
This. The supreme court ruled that access to one's fingerprints do not require
a warrant

------
tehwebguy
If you feel for some reason that you may need to disable Touch ID it is only a
few taps:

Home -> Settings -> Touch ID -> Set iPhone Unlock to Off

Also, turning the phone off will do the same trick as Touch ID cannot unlock
your phone directly after restarting (I mean, assuming there are no lock
screen zero-days like the ones that have surfaced in the past)

~~~
christianmann
Phone is encrypted with the Secure Enclave -> that password is absolutely
required to decrypt, if the phone has been turned off.

Edit: Failing any cold-boot attacks etc.

------
edwhitesell
Fingerprints are a form of identification, not a password.

~~~
cyphax
Isn't a password also a form of identification? The idea is that only _you_
know what to type, much the same as only you have those fingerprints
(otherwise it'd be pointless).

I think maybe we shouldn't look at it as much in terms of what it is -- a
fingerprint, or a string of characters -- but the role it fulfills: unlocking
something. We just can't extract your password from your brain or it'd
probably be treated the same as a fingerprint... right?

~~~
spacemanmatt
You're hitting at the difference between identification and authentication. We
use tokens/passwords/etc for authentication of a public ID. I feel like one's
fingerprint is pretty commonly used as an identifier, so using it for a
password (heck, engineering it into your system in the first place) is
terrible.

