Hacker News new | comments | show | ask | jobs | submit login

Acquiring a high-DPI scan of a fingerprint from someone's phone, printing it to a sheet of plastic with a high-DPI laser printer, then making a copy of the print out of liquid latex doesn't sound easy unless you're in the business of pentesting. Taking a picture of someone (or lifting it from a social network) to access their device does sound relatively easy.

If I was the kind of person who was worried about someone accessing the contents of my phone, I'd simply turn off touch ID and use a long password (or spend less money on a phone that didn't have a feature I wouldn't use).

I've gone down the route of using both a long password and touch ID simply because touch ID works so reliably - I've never had to enter my password. That way someone either needs my long password or a physical copy of my fingerprint to access my device. I'd say that's much better than the 4 digit numerical code I relied on previously - which had been seen by friends and family.

See the problem here is that a compromised fingerprint betrays more resources than the system it was meant to protect.

Your iPhone has a picture of your fingerprint inside of it now. It's just a picture, and it's likely a very good picture at that.

What happens when I swipe your phone for a second or two, plug it into my machine, and download the high-resolution picture of your fingerprint?

Do you use a fingerprint lock at home? If so, I've just broken into your home.

Do you use a fingerprint lock for the datacenter you administer? I've just gained access.

Do you own a registered gun? How'd you like me to commit a murder with your fingerprint on it?

This kind of attack is the missing piece of my argument. When someone figures out how to do this, these issues are going to become very important very quickly.

Let's suppose that Apple introduces a feature that syncs your fingerprint across many devices. How convenient, right? Let's say that means keeping all of your fingerprints on Apple servers. Let's now suppose that, like a credit card database, an attacker is able to obtain a leaked copy of the fingerprint database of every iPhone user. The recent touchid hack shows that fingerprints can be spoofed for high-end scanners. What then?

Sure, this scenario is very unlikely. I'm totally in slippery-slope land here.

But when we choose to turn up the dial on convenience to sacrifice more security, we must be prudent, carefully considering the consequences of our intentional ignorance.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact