
An ideology of "It's good enough to thwart 99.9% of the population, therefore it's good enough for me." is a very harmful ideology to have when it comes to security because you do nothing to deter mass adoption of the insecure technology.

While an individual person might not be at that great of risk because the number of crackers willing to exploit TouchID is limited to a minute demographic of people, the real harm comes when many iPhone owners who share your ideology start using TouchID instead of the more secure locking features their phones provide just because it's more convenient.

Consider what happens when there are 100,000,000 million insecure phones out in the world. To a motivated cracker/spy/terrorist this is a huge ocean of potential suckers/victims vulnerable to exploitation. While most of these people aren't worth targeting, 1000-10,000 people might be.

This is why rejecting broken security technology is a cause everybody should rally behind. Even if you are never a victim of a black hat, you may very well suffer indirect consequences from the exploitation of somebody else.

Does this go for the locks on your front door as well? As in "nobody should have front door locks that aren't 100% secure even against e.g. terrorists"?

If such a lock existed (it doesn't, AFAIK), I would certainly want it on my door. I would still seriously consider it even if it was dramatically more expensive than a regular lock. Just because there are trade-offs in security doesn't mean that anyone should be content with the state of the art and not push for improvements, or push against regressions. I'm not sure myself, but people see TouchID as a regression.
