Sponsor Message:
Non Aviation Forum
My Starred Topics | Profile | New Topic | Forum Index | Help | Search 
New IPhone To Be Announced 10th Sept.Cheaper Model  
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Posted (11 months 4 weeks 13 hours ago) and read 5799 times:

So its new iPhone time again. Reports are of a upgraded iPhone 5 called 5S and a lower budget model called the 5C. Apple need to compete with the many good and cheaper companies and appeal more to people in China and India.

New additions are said to be ''Finger print'' security and a better camera.

Apple iPhone 5S and iPhone 5C landing in UK on 20 September

http://www.itproportal.com/2013/09/0...-5c-landing-in-uk-on-20-september/

177 replies: All unread, showing first 25:
 
User currently offlinea321luke From United States of America, joined Aug 2013, 125 posts, RR: 0
Reply 1, posted (11 months 4 weeks 13 hours ago) and read 5791 times:

I'm patiently awaiting the 5S myself. I felt that the original 5 just wasn't enough to get me to upgrade.

Of course, I'm still using my BlackBerry Bold 9650, so Apple needs to hurry it up.  

Who here plans to get the 5S or 5C?



Planes, Trains, and Cars... Heaven :)
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 2, posted (11 months 4 weeks 13 hours ago) and read 5780 times:

Quoting a321luke (Reply 1):
I'm patiently awaiting the 5S myself. I felt that the original 5 just wasn't enough to get me to upgrade.

Thats actually my dilemma this time around. Im very happy with my iPhone 5 and I had the 4/4S. Until I see all the specs I am not making a decision. The cheaper 5C model is out of the question for me as its aimed for the intro market it seems. I would have to be getting a whole lot of new features that I actually needed to bite this time around. Mind you I said that with the 5  

I am already running IOS7 for the last few months and love it so that wont be a new feature for me. The big thing for me is battery life.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 3, posted (11 months 4 weeks 11 hours ago) and read 5736 times:

My 4S will most likely stay in use – it will get iOS 7 anyway (and possibly iOS 8 after that) and neither higher performance nor larger capacity (now likely up to 128GB in the 5S) are of major interest to me right now. And I very much like the steel-and-glass hardware of the 4S.

The rumoured fingerprint sensor may be an aid and motivation to upgrade security for people who did not bother with a passcode at all thus far, but an actual passcode is still quite a bit more secure than a key you keep disseminating copies of on every door handle and on every drinking glass.

Biometric keys are low-grade, but relatively high-convenience security. A passcode is lower-convenience but higher-grade security which is closer to my preference. And it doesn't need any additional sensor support.


User currently offlinescbriml From United Kingdom, joined Jul 2003, 12496 posts, RR: 46
Reply 4, posted (11 months 4 weeks 11 hours ago) and read 5717 times:
Support Airliners.net - become a First Class Member!

Quoting Klaus (Reply 3):
The rumoured fingerprint sensor may be an aid and motivation to upgrade security for people who did not bother with a passcode at all thus far, but an actual passcode is still quite a bit more secure than a key you keep disseminating copies of on every door handle and on every drinking glass.

Seriously, for someone who really wants to get into your phone, dealing with a PIN is easier than trying to lift fingerprints.



Time flies like an arrow, but fruit flies like a banana!
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 5, posted (11 months 4 weeks 11 hours ago) and read 5717 times:

Quoting scbriml (Reply 4):
Seriously, for someone who really wants to get into your phone, dealing with a PIN is easier than trying to lift fingerprints.

iOS supports arbitrary passcodes, not just 4-digit PINs. And even then an attacker needs to find the right PIN out of the 10000 possible ones within 10 tries before the device auto-erases its hardware-encrypted data. With a decent arbitrary passcode the chances shrink to a completely negligible quantity.

Even desoldering the flash chip won't help because the data is encrypted even there (with an individual, random key irrecoverably buried within the main processor).

This is not quite as easy as it may look at first glance.

By comparison, fingerprints can even be recovered from the device itself – and it's mainly a question of the sensitivity setting (again security vs. convenience) whether those recovered fingerprints can be used to gain access to the data for a determined thief.

[Edited 2013-09-05 05:14:05]

User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 6, posted (11 months 4 weeks 10 hours ago) and read 5706 times:

I will be upgrading to the iPhone 5S, I may possibly go for the champagne option, not too sure yet. I'll be upgrading from an iPhone 5.


The amazing tale of flight.
User currently offlineBestWestern From Hong Kong, joined Sep 2000, 7122 posts, RR: 57
Reply 7, posted (11 months 4 weeks 7 hours ago) and read 5630 times:

I moved from Apple to the Samsung Galaxy IV, and have not regretted the move.


The world is really getting smaller these days
User currently offlineDocLightning From United States of America, joined Nov 2005, 19568 posts, RR: 58
Reply 8, posted (11 months 4 weeks 6 hours ago) and read 5605 times:

I'll be upgrading mostly because my iPhone 5 is out of memory and if I'm going to buy a new phone, then I might as well get the latest model.

User currently offlineKaphias From United States of America, joined Nov 2010, 301 posts, RR: 0
Reply 9, posted (11 months 4 weeks 6 hours ago) and read 5597 times:

Still running an iPhone 4 here. Works fine, no issues, just a little slow. I'm planning to hold out for the iPhone 6, as I don't really have the need for any of the new features on the 5S. Hoping that the 6 will be a bigger breakthrough... if not, I'll be getting one regardless.


Flown on: C150, C172, C206, Beaver, Otter, Jetstream 32, Q400, CRJ7/9, E135/40/45, A320, B732/4/7/8/9, B744, B752, B763
User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 10, posted (11 months 4 weeks 5 hours ago) and read 5569 times:

Quoting BestWestern (Reply 7):

I never understand why people do this? That contributed absolutely nothing to this thread.

Anyway, looking forward to the keynote on Tuesday  



The amazing tale of flight.
User currently offlineLuftfahrer From Germany, joined Mar 2009, 1013 posts, RR: 2
Reply 11, posted (11 months 3 weeks 6 days 21 hours ago) and read 5492 times:

Quoting Klaus (Reply 3):
Biometric keys are low-grade, but relatively high-convenience security. A passcode is lower-convenience but higher-grade security which is closer to my preference. And it doesn't need any additional sensor support.

How about both passcode and finger print?  



Et là tu montes encore plus haut et ça persiste, alors on vole
User currently offlinerwy04lga From United States of America, joined Jul 2005, 3176 posts, RR: 8
Reply 12, posted (11 months 3 weeks 6 days 21 hours ago) and read 5491 times:

Quoting Kaphias (Reply 9):
Still running an iPhone 4 here. Works fine, no issues, just a little slow. I'm planning to hold out for the iPhone 6, as I don't really have the need for any of the new features on the 5S. Hoping that the 6 will be a bigger breakthrough... if not, I'll be getting one regardless.

Ditto....It's as if he spoke for me.

Quoting virginblue4 (Reply 10):
I never understand why people do this? That contributed absolutely nothing to this thread.

And yours contributed even LESS!!!



Just accept that some days, you're the pigeon, and other days the statue
User currently offlineJetsgo From United States of America, joined Jul 2003, 3083 posts, RR: 5
Reply 13, posted (11 months 3 weeks 6 days 20 hours ago) and read 5458 times:

I plan to contribute the least by pointing out how comical it is to watch people claiming they will wait in line for a product they know nothing about and are already considering colors they again know nothing about.

Carry on.   



Marine Corps Aviation, The Last To Let You Down!
User currently offlineAirstud From United States of America, joined Nov 2000, 2656 posts, RR: 3
Reply 14, posted (11 months 3 weeks 6 days 19 hours ago) and read 5449 times:

Me, I'm sticking with my Palm VIIx

  



Pancakes are delicious.
User currently offlineHomSar From United States of America, joined Jan 2010, 1176 posts, RR: 0
Reply 15, posted (11 months 3 weeks 6 days 18 hours ago) and read 5433 times:

I'm not going to be camping out in front of the Apple store, but I decided a while ago that I was going to switch to iPhone for my next phone, so I've just been holding off for a while. My biggest hope is that they have a 128 GB model. I have a several year old iPod touch (first one that was available at 64GB), and it's basically full. If they offer a 128 GB iPhone, I'll get that to replace both my old Android and my iPod.


I was raised by a cup of coffee.
User currently offlineMIAspotter From Spain, joined Nov 2001, 2758 posts, RR: 25
Reply 16, posted (11 months 3 weeks 6 days 14 hours ago) and read 5393 times:

I will wait and see what the new iPhone offers, then I´ll make a decision, I have a 32GB 4S and I am quite happy with it, and once iOS7 is released it will give it a refresh.

If it´s worth it, then I will buy it come december so I can give it a few months to settle and see what people think of it.

Will there be new iPads announced as well? iPad Mini is due for a refresh and so is the current iPad 4.

MIAspotter.



I think, therefore I don´t fly Ryanair.
User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 17, posted (11 months 3 weeks 6 days 10 hours ago) and read 5363 times:

Quoting rwy04lga (Reply 12):

The difference being, I had already contributed to the thread in my previous post. He came in and posted something unrelated to the thread.



The amazing tale of flight.
User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 18, posted (11 months 3 weeks 6 days 10 hours ago) and read 5361 times:

Quoting Jetsgo (Reply 13):

There have been plenty of leaks so a lot is know actually. Leaks of the champagne / gold model have already been shown, so I know exactly what it will look like.



The amazing tale of flight.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 19, posted (11 months 3 weeks 6 days 5 hours ago) and read 5306 times:

Quoting Luftfahrer (Reply 11):
How about both passcode and finger print?

That would work, but it would not have really better security than a slightly longer passcode anyway but you'd have at least occasional rejection even with the proper passcode. I personally would not see a significant gain in that either.

It's primarily for people who wouldn't bother with a passcode at all. For them it may provide some low- to medium-grade data security vs. none at all.

Quoting HomSar (Reply 15):
My biggest hope is that they have a 128 GB model.

That seems to be a plausible option.


User currently offlineBraniff747SP From United States of America, joined Oct 2008, 2972 posts, RR: 1
Reply 20, posted (11 months 3 weeks 5 days 23 hours ago) and read 5235 times:

Quoting HomSar (Reply 15):
128 GB model

Leaks indicate that this would be very possible on the next iteration of the iPhone.



The 747 will always be the TRUE queen of the skies!
User currently offlineDocLightning From United States of America, joined Nov 2005, 19568 posts, RR: 58
Reply 21, posted (11 months 3 weeks 5 days 21 hours ago) and read 5217 times:

Quoting Klaus (Reply 3):
The rumoured fingerprint sensor may be an aid and motivation to upgrade security for people who did not bother with a passcode at all thus far, but an actual passcode is still quite a bit more secure than a key you keep disseminating copies of on every door handle and on every drinking glass.

We use fingerprint readers at work and it's not as insecure as you think. They're much better than passwords. They make us change our passwords every three months and we can't use any of the last five passwords. I keep forgetting them!

Presumably, Apple would use a capacitance scanner similar to the ones we have at work. Those combine a capacitance scanner (which works on touch) with a thermal and pulse sensor, so a mold or my dismembered finger can't be used. This is required security for HIPAA, so the requirements are very stringent indeed.

Unlike passwords, you can't forget or lose your fingerprints (well, if you do, you have bigger problems). The big vulnerability is that if someone really wanted to, they could collect your fingerprints somehow, create a thin wearable glove with your fingerprints molded on, and then fake out the scanners we have at work. So a fingerprint scanner would not be good sole choice of security for, say, Fort Knox. But for most routine secure operations, it is usually sufficient.

But leaving such extreme measures aside, it is not your fingerprint that unlocks such a device, it is your finger. And fingers are hard to steal, and frankly, if someone does that, you have bigger problems than your phone.  


User currently onlineRyanairGuru From Australia, joined Oct 2006, 5449 posts, RR: 5
Reply 22, posted (11 months 3 weeks 5 days 20 hours ago) and read 5203 times:

Quoting Kaphias (Reply 9):
Still running an iPhone 4 here. Works fine, no issues, just a little slow. I'm planning to hold out for the iPhone 6

  

Me too. Presuming that my 4S lasts that long, I have decided to skip a generation and go straight to the 6. It's working fine right now, so fingers crossed.



Worked Hard, Flew Right
User currently offlineFlyboyOz From Australia, joined Nov 2000, 1985 posts, RR: 25
Reply 23, posted (11 months 3 weeks 5 days 20 hours ago) and read 5192 times:

Quoting DocLightning (Reply 8):

I'll be upgrading mostly because my iPhone 5 is out of memory and if I'm going to buy a new phone, then I might as well get the latest model.

lol... then take some of your apps in ipad... no need to buy another phones!! Maybe you have got too many photos of the planes!!



The Spirit of AustraliAN - Longreach
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 24, posted (11 months 3 weeks 5 days 19 hours ago) and read 5189 times:

The ideas some people have about security never stops to amaze me. Apparently it is easier to find someones fingerprint and create a usable replica than it is to read the pin code someone is entering. I know an eight year old kid who has access to every phone around him and he has not lifted a single fingerprint...

User currently offlineBestWestern From Hong Kong, joined Sep 2000, 7122 posts, RR: 57
Reply 25, posted (11 months 3 weeks 5 days 16 hours ago) and read 5221 times:

My IBM thinkpad laptop 10 years ago had fingerprint access.

I presume the technology has improved since then.



The world is really getting smaller these days
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 26, posted (11 months 3 weeks 5 days 12 hours ago) and read 5192 times:

Quoting DocLightning (Reply 21):
We use fingerprint readers at work and it's not as insecure as you think.

How much actual penetration testing has been done with those? I remain sceptical, particularly on a low-power, ultra-compact mobile device.

Quoting cmf (Reply 24):
The ideas some people have about security never stops to amaze me. Apparently it is easier to find someones fingerprint and create a usable replica than it is to read the pin code someone is entering. I know an eight year old kid who has access to every phone around him and he has not lifted a single fingerprint...

How do you "read" my passcode? I take care to not have the display side exposed to anyone when I enter it. Changing the passcode also makes that a bit impractical. My fingerprints would be a lot easier to come by. Whether I want to or not, I leave them on smooth surfaces everywhere. And as noted above, I can't change them (practically).


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 27, posted (11 months 3 weeks 5 days 7 hours ago) and read 5181 times:

Quoting Klaus (Reply 26):
How do you "read" my passcode? I take care to not have the display side exposed to anyone when I enter it. Changing the passcode also makes that a bit impractical. My fingerprints would be a lot easier to come by. Whether I want to or not, I leave them on smooth surfaces everywhere. And as noted above, I can't change them (practically).

I'm glad you're perfect. Certainly not representative of how most people enter pin codes.

Suggest that you continue using your perfect pin code but let the rest of the world take a step up by using fingerprints instead of no pin code or easily read pin codes.


User currently offlineRevelation From United States of America, joined Feb 2005, 12450 posts, RR: 25
Reply 28, posted (11 months 3 weeks 5 days 6 hours ago) and read 5156 times:

Quoting HomSar (Reply 15):
I'm not going to be camping out in front of the Apple store, but I decided a while ago that I was going to switch to iPhone for my next phone, so I've just been holding off for a while. My biggest hope is that they have a 128 GB model. I have a several year old iPod touch (first one that was available at 64GB), and it's basically full. If they offer a 128 GB iPhone, I'll get that to replace both my old Android and my iPod.

Interesting. My music collection alone is around 32gb, and so on my last phone I went with an 8GB Galaxy S3 plus a 64 GB microSD card. I'm thinking having a 64GB choice as a standard next time would work fine for me, and if there is a 128GB choice it'll only help to push down the price of a 64GB choice.

Quoting DocLightning (Reply 21):
Unlike passwords, you can't forget or lose your fingerprints (well, if you do, you have bigger problems). The big vulnerability is that if someone really wanted to, they could collect your fingerprints somehow, create a thin wearable glove with your fingerprints molded on, and then fake out the scanners we have at work.

Doesn't seem that hard to do, given that 3d printer technology is out there. The benefit is it can be done without your knowledge and a lot quicker than iterating through 10,000 numbers. If the target is valuable enough it could be funded pretty easily. For instance, how much money would a tabloid have given to have medical info about the recent 'royal' baby?



Inspiration, move me brightly!
User currently offlinewillzzz88 From United States of America, joined May 2011, 150 posts, RR: 0
Reply 29, posted (11 months 3 weeks 5 days 6 hours ago) and read 5151 times:

HUGEly looking forward to it. Right now I use a VZW Samsung Android that's CDMA only (not a world phone) and has battery life problems. As I plan to travel internationally I need GSM and the iPhone fits the bill nicely. I'm also deciding between that and the new Android Motorola RAZR Maxx (48 hours battery life, highest mAH). My current phone literally dies with 3/4 to 1 day usage and that's WITH LTE disabled. I also need a better camera. Oh and on the VZW global phones, the GSM portion is unlocked out of the box (so I can swap SIM'es, even a US SIM if I wanted!).

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 30, posted (11 months 3 weeks 5 days 3 hours ago) and read 5130 times:

Quoting cmf (Reply 27):
I'm glad you're perfect. Certainly not representative of how most people enter pin codes.

I'm nowhere near "perfect". Just cautious.

Quoting cmf (Reply 27):
Suggest that you continue using your perfect pin code but let the rest of the world take a step up by using fingerprints instead of no pin code or easily read pin codes.

It can be better than no security at all, but that's not saying much. Particularly since pretty good security is so easy to get.

Quoting Revelation (Reply 28):
Doesn't seem that hard to do, given that 3d printer technology is out there. The benefit is it can be done without your knowledge and a lot quicker than iterating through 10,000 numbers.

When the device erases itself after 10 unsuccessful attempts, that's not even a real option.


User currently offlinesia747megatop From Singapore, joined Apr 2012, 295 posts, RR: 0
Reply 31, posted (11 months 3 weeks 5 days 3 hours ago) and read 5120 times:

Apple isn't just selling a standalone product with the iPhone, it's part of an Apple ecosystem. People that need to upgrade their phone and want to stay part of the Apple ecosystem won't have much choice which is why they are already lining up to purchase the new product.

I LOVE the new Blackberry Z10 and Q10 a heck of a lot more than I like my iPhone 5 but I will never buy either of the BBs because they aren't part of the ecosystem, I currently own a 2013 Macbook Air, iPad 2 and iPhone and everything runs so smoothly, I don't want to leave/alter the current ecosystem between media/document sharing and device syncing.

I'm not an Apple fanboy, if another company offered such an idiot-proof and convenient way of providing an ecosystem along with consistently top notch products I would have jumped on that wagon. I love Dell's laptops, I've owned a few in the past and others in my family own them as well and love them.



That's Mr. Bovine Joni to you.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 32, posted (11 months 3 weeks 5 days 1 hour ago) and read 5083 times:

Quoting Klaus (Reply 30):
It can be better than no security at all, but that's not saying much. Particularly since pretty good security is so easy to get.

No, it is much better than the poor security you propose because it is practical. Reality is that pin codes are poor because a) people find them too tedious and thus don't use them or b) enter them so other people easily can see them. (Of course I'm talking about how most people do it. Not people who always cover the screen with one hand while entering the pin with the other)

Reality is that lifting a fingerprint and making a good enough copy to fool a reader is a much more complicated task than lifting a pin code. Again, considering real life and not theoretical life.

This is in the same category as requiring password changes every month, quarter, or whatever and then have people write down their passwords next to the computer. Better to let them have a password they remember and only force a change if the system has been compromised.

Sadly too many security experts are so concerned about that once in a billion situation instead of the everyday situation that they create very unsecure systems.

The real problem with biometric security is when the system fails and no-one remembers the password backup because it hasn't been used in the last 2 - 3 years.

[Edited 2013-09-07 16:03:01]

User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 33, posted (11 months 3 weeks 4 days 22 hours ago) and read 5032 times:

I think the big things we will see on Tuesday are in order of probability
1. Iphone 5s and 5c
2. Ipad mini with Retina display
3. Ipad refresh
4. Radio Agrreement for iTunes
5. Apple TV refresh
6. Emphasis on Gaming center. Controlling Apple TV and perhaps an App with the Iphone/Ipad with a gaming cover with sticks and buttons ( I base this off the colors in the invite and the fact that they use the same colors on the game center in their ios 7 Gamecenter app)
7 More content for the Apple TV.



Older than I just was ,and younger than I will soo be.
User currently offlinerwy04lga From United States of America, joined Jul 2005, 3176 posts, RR: 8
Reply 34, posted (11 months 3 weeks 4 days 21 hours ago) and read 5021 times:

Quoting Klaus (Reply 30):
When the device erases itself after 10 unsuccessful attempts, that's not even a real option.

The problem with that is someone could possibly erase all of your info on purpose. A rival, an angry girlfriend, a mean older brother....any of those people could easily ruin your day.



Just accept that some days, you're the pigeon, and other days the statue
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 35, posted (11 months 3 weeks 4 days 20 hours ago) and read 5019 times:

Quoting cmf (Reply 32):
No, it is much better than the poor security you propose because it is practical.

So is a passcode. If you don't have any data worth protecting with a passcode, a fingerprint sensor can still provide a little protection even so, but it's really just the lowest-level protection there is, not least because to be really convenient it must be calibrated towards false positives rather than false negatives.

I expect the first "fingerprint crack" within the week.

Quoting rwy04lga (Reply 34):
The problem with that is someone could possibly erase all of your info on purpose. A rival, an angry girlfriend, a mean older brother....any of those people could easily ruin your day.

Not really. I'd put it in the dock and when it would be charged again, it would also have its last backup (from when it was charged the last time) restored and be exactly identical to the state before, without any manual work to be done and with all apps, settings and data present and up to date as expected.

Apart from a saboteur having to get my iPhone in his/her grubby paws in the first place. Which would be quite difficult to begin with.


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 36, posted (11 months 3 weeks 4 days 18 hours ago) and read 4999 times:

Quoting Klaus (Reply 35):
So is a passcode.

You think so and I think it is easy enough. But, a good portion of the world doesn't think so. Claiming it is simple doesn't change the fact they don't agree. That is reality.

Quoting Klaus (Reply 35):
If you don't have any data worth protecting with a passcode

What phone out there are not worth protecting? The only I can think of are the phone that are receive only calls or those only able to dial preset numbers. Looking forward to see what you come up with.

Quoting Klaus (Reply 35):
a fingerprint sensor can still provide a little protection

Where do you get this idea from? Fingerprints provide plenty of protection for the situations we are looking at. We are not talking about national security. But if we were then biometric would provide much better security than a pin code. Of cource the scanner would be on a different level than the cheap fingerprint scanners we see on computers today.

Quoting Klaus (Reply 35):
not least because to be really convenient it must be calibrated towards false positives rather than false negatives.

Again, this shows you don't understand what we are trying to protect. This is for opportunistic situation. It isn't for the situation where someone is prepared to find your fingerprint. Go home and create a usable replica and then make sure they get your phone. Those people will get your pin code too. However, they are much more likely to take a completely different approach, e.g. MSAB XRY.

Quoting Klaus (Reply 35):
I expect the first "fingerprint crack" within the week.

The pin code crack is already here.


User currently offlineManuCH From Switzerland, joined Jun 2005, 3011 posts, RR: 47
Reply 37, posted (11 months 3 weeks 4 days 12 hours ago) and read 4962 times:
AIRLINERS.NET CREW
HEAD MODERATOR

Quoting Klaus (Reply 26):
How do you "read" my passcode? I take care to not have the display side exposed to anyone when I enter it. Changing the passcode also makes that a bit impractical. My fingerprints would be a lot easier to come by. Whether I want to or not, I leave them on smooth surfaces everywhere. And as noted above, I can't change them (practically).

If someone goes as far as trying to lift your fingerprints to gain access to your iPhone, you're probably storing way too valuable information (trade secrets of a large company? government secrets?) inside said iPhone.

In my opinion, the average citizen (and I consider myself to be one, as far as what kind of information I store on my iPhone) isn't at risk of having someone lifting his fingerprints to gain access to the phone.

I think the fingerprint scanner (if the next iPhone really gets that, if the rumors are true) is a huge step forward in security. I check my iPhone quite often, and I'm annoyed by having to type the code every time. Therefore I set it to be enabled only after 15 minutes of inactivity. This means my iPhone is *very* insecure for 15 minutes after each time I've used it. I dislike that, but it's a trade-off I took to work against the annoyance of entering the code over and over.

If I can replace that code with a fingerprint, it would mean that my iPhone is *always* locked, and that only my finger (or a code) can unlock it. Always. No 15-minute window. If I drop it or if it gets stolen, the average thief won't be able to access my data, because he won't have lifted my fingerprints off my glass at the restaurant (seriously?).

Let alone those users who don't use a PIN code at all, because they simply can't be bothered. I hear stories of iPhones being stolen all the time, and people have their personal data looked at, their social media profiles all messed up, and whatnot.

So I don't see how this can't be a huge step forward.



Never trust a statistic you didn't fake yourself
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 38, posted (11 months 3 weeks 4 days 12 hours ago) and read 4965 times:

Quoting cmf (Reply 36):
What phone out there are not worth protecting? The only I can think of are the phone that are receive only calls or those only able to dial preset numbers. Looking forward to see what you come up with.

Ask the people who don't protect their phones – not me.

Quoting cmf (Reply 36):
Again, this shows you don't understand what we are trying to protect. This is for opportunistic situation.

See my posts above.

Quoting cmf (Reply 36):
The pin code crack is already here.

Nope. It isn't. Whoever told you that didn't know what they're talking about.

A thief has no realistic chance of cracking a passcode on a semi-recent iOS device. Only for older devices which have a bug in their unfixable boot ROM (iPhone 3GS, iPhone 4, iPad 1) the outer hardware encryption layer can be circumvented, but that does no longer work with newer devices (iPhone 4S, iPad 2 and up). And even then only a simple 4-digit passcode can be cracked on the device. Good passcodes still remain out of reach even so, and critical personal data still can't be accessed.

Even Apple themselves can only unwrap the outer encryption layer through their private code-signing key, not the inner ones.

Using a nontrivial passcode makes it pretty much impossible to get at the data on the device for all that is known at this point.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 39, posted (11 months 3 weeks 4 days 12 hours ago) and read 4955 times:

Quoting ManuCH (Reply 37):
So I don't see how this can't be a huge step forward.

As I said: It's a step forward for people who hadn't secured their iPhone at all so far.

Replicating fingerprints is not difficult. There are easy do-it-yourself instructions on the internet. The main question is how long it will take to circumvent the new sensor (my guess: not very long).

Passcodes are a much better protection if they are used properly.


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 40, posted (11 months 3 weeks 4 days 11 hours ago) and read 4946 times:

Quoting Klaus (Reply 38):
Ask the people who don't protect their phones – not me.

No, it is you who insist fingerprint isn't enough. back to you, where isn't fingerprint enough? My experience tells me the occasions are far between.

Quoting Klaus (Reply 38):
See my posts above.

I've seen your posts. You have dug yourself a hole from where you refuse to look out.

Security isn't about making everything perfectly safe. In fact, it hardly ever is about making it perfectly safe. Security is about making it difficult enough that it isn't worthwhile.

Quoting Klaus (Reply 38):
Nope. It isn't. Whoever told you that didn't know what they're talking about.

remember the thread where you stated you never attack other people? Another example of you failing to live up to your claims.

Problem for you is that I do know what I'm talking about. Even worse is that I'm talking about the most basic form of cracking there is and something mentioned above. All it takes is an eye and looking at the device when someone enters the code. As mentioned above it works with just about everyone and requires much less effort that lifting a fingerprint and making it readable.

Quoting Klaus (Reply 38):
A thief has no realistic chance of cracking a passcode on a semi-recent iOS device

Again, you're barking at the wrong tree. It is the steps before this that are addressed. The steps that are much more common issues.

Quoting Klaus (Reply 38):
Even Apple themselves can only unwrap the outer encryption layer through their private code-signing key, not the inner ones

Wrong. It takes them time but they can reduce it to a point where it is a realistic projects. It is a service they provide.

Quoting Klaus (Reply 38):
Using a nontrivial passcode makes it pretty much impossible to get at the data on the device for all that is known at this point.

Nope, you still have the problem of people thinking it is too much work and people looking.

Quoting Klaus (Reply 39):
Replicating fingerprints is not difficult.

Have you tried it? It is not nearly as simple as you think. depending on the technology used in the scanner it ranges from a lot of tries the first times to damn near impossible.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 41, posted (11 months 3 weeks 4 days 10 hours ago) and read 4935 times:

Quoting cmf (Reply 40):
No, it is you who insist fingerprint isn't enough. back to you, where isn't fingerprint enough?

On my device with my data.

Quoting cmf (Reply 40):
I've seen your posts. You have dug yourself a hole from where you refuse to look out.

Security isn't about making everything perfectly safe. In fact, it hardly ever is about making it perfectly safe. Security is about making it difficult enough that it isn't worthwhile.

Exactly. And leaving copies of the key to my data everywhere I touch any smooth surface is not my idea of data security.

I've nowhere stated that everybody had to agree with me. It's just my own position.

Quoting cmf (Reply 40):


Quoting Klaus,reply=38:
Nope. It isn't. Whoever told you that didn't know what they're talking about.

remember the thread where you stated you never attack other people? Another example of you failing to live up to your claims.

There is absolutely zero personal attack on you in my statement above. You may not happen to like what I have to say, but that is a completely different thing.

Quoting cmf (Reply 40):
Problem for you is that I do know what I'm talking about. Even worse is that I'm talking about the most basic form of cracking there is and something mentioned above. All it takes is an eye and looking at the device when someone enters the code. As mentioned above it works with just about everyone and requires much less effort that lifting a fingerprint and making it readable.

I don't even let friends look at the display and my fingers when I enter the passcode, much less potential thieves.

Quoting cmf (Reply 40):
Wrong. It takes them time but they can reduce it to a point where it is a realistic projects. It is a service they provide.

Sorry, but you're still wrong there.

Even Apple injecting special firmware which is properly signed with their private key into a device they've got in their physical possession can only unwrap the outer layer which doesn't hold sensitive data.

Even they need to inject code to run a brute-force attack against the passcode on the actual device, which after unwrapping the outer layer is no longer protected by the 10-tries-limit.

With a simple 4-digit passcode this already takes many hours (which is part of the design); With a nontrivial passcode it is just not feasible even then since it would take years or decades.

The service Apple provides for this gives no guarantee that they'll actually be able crack the passcode – just enough criminals are lazy enough to use only a basic passcode which is plausibly crackable to get police access to their data that way (at least normally with proper court orders accompanying the device in question).

And this service is not available to thieves (but possibly to the NSA even without proper paperwork, unfortunately), so thieves will already fail at the outer layer and never even get to the brute-force part since there is no known crack for the firmware signature. Ask the "jailbreakers" if you want. They have no way in to a locked device either, despite intensive reverse engineering through several years by now.

Quoting cmf (Reply 40):
Have you tried it? It is not nearly as simple as you think. depending on the technology used in the scanner it ranges from a lot of tries the first times to damn near impossible.

I didn't need to (nor do I have any such incentive). There are people who make it their hobby to circumvent locks of all kinds and other people who investigate security issues.


User currently offlinepar13del From Bahamas, joined Dec 2005, 7137 posts, RR: 8
Reply 42, posted (11 months 3 weeks 4 days 10 hours ago) and read 4936 times:

Quoting cmf (Reply 32):
Sadly too many security experts are so concerned about that once in a billion situation instead of the everyday situation that they create very unsecure systems.
Quoting ManuCH (Reply 37):
I think the fingerprint scanner (if the next iPhone really gets that, if the rumors are true) is a huge step forward in security. I check my iPhone quite often, and I'm annoyed by having to type the code every time. Therefore I set it to be enabled only after 15 minutes of inactivity. This means my iPhone is *very* insecure for 15 minutes after each time I've used it. I dislike that, but it's a trade-off I took to work against the annoyance of entering the code over and over.

  

Quoting cmf (Reply 32):
The real problem with biometric security is when the system fails and no-one remembers the password backup because it hasn't been used in the last 2 - 3 years.

Security folks are all about CYA, everything is simple and easy to put down on paper, unfortunately for the rest of the world, security folks live in their own world and only interact with us via their demands and rules implementation.
Bring on hump day then TGIF so we can get away from them for a day or two  


User currently offlineManuCH From Switzerland, joined Jun 2005, 3011 posts, RR: 47
Reply 43, posted (11 months 3 weeks 4 days 10 hours ago) and read 4937 times:
AIRLINERS.NET CREW
HEAD MODERATOR

Quoting Klaus (Reply 39):
As I said: It's a step forward for people who hadn't secured their iPhone at all so far.

Or for those who secured them, like myself, but only enable the PIN after a 15 minute timeout, for conveniency. The fingerprint sensor is probably more of a step forward in conveniency, but that's a biggie for me. If it works as expected, it'd be a huge usability improvement for my daily use cases.

Quoting Klaus (Reply 39):
Replicating fingerprints is not difficult. There are easy do-it-yourself instructions on the internet.

How easy really? How much of an effort is required? Also, how do you know whose prints you need? Any surface is likely to have many prints of several different people.

OTOH, looking over someone's shoulder when he types his PIN is easy. I know plenty of friends' PINs because I overlooked while they unlocked their iPhone - and no, not even on purpose. It would require much more of an effort to lift my friends' fingerprints. But I could unlock their iPhones, right now, without any effort.

This means that inside a "circle of trust" (close friends, family members) the fingerprint sensor is a step forward. It would be much harder to unlock, say, your partner's phone (leaving aside the fact that if you do that, your relationship probably has other issues  ). You couldn't just casually go "oh I know the code because I saw it", but you'd need to proactively lift their fingerprints?!

For the casual thief, it wouldn't probably make any difference, *unless* you have a timeout for PIN protection (like I do), which I admit is pretty unsafe. But as I said earlier, I wanted a trade-off between being annoyed with a PIN entry request every time I unlock my phone, and decent security.

To sum it up: I'll definitely enable that feature, if it is introduced, and my phone will be safer than now, because it will need some kind of security *every* time I unlock it. And I will never use my PIN, so nobody else looking over my shoulder would know it. This means that if I leave my phone unattended (which I rarely do, but still) the casual observer will not be able to unlock it.



Never trust a statistic you didn't fake yourself
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 44, posted (11 months 3 weeks 4 days 10 hours ago) and read 4937 times:

Quoting ManuCH (Reply 43):
How easy really? How much of an effort is required?

Pretty quick and easy with readily available means:
http://www.edri.org/edrigram/number6.7/fingerprint-schauble

Of course newer sensor designs have tried to counteract such home-cooked attacks, but we'll see how long the presumable sensor in the 5S will remain a barrier there.

Quoting ManuCH (Reply 43):
Also, how do you know whose prints you need? Any surface is likely to have many prints of several different people.

On your phone a thief already has in their hands, most likely there will only be your own.

Quoting ManuCH (Reply 43):
This means that inside a "circle of trust" (close friends, family members) the fingerprint sensor is a step forward.

If you have friends who you let see the code and who on the other hand are untrustworthy enough to actually steal your device and try to break into it...   

Quoting ManuCH (Reply 43):
It would be much harder to unlock, say, your partner's phone (leaving aside the fact that if you do that, your relationship probably has other issues &nbsp Wink. You couldn't just casually go "oh I know the code because I saw it", but you'd need to proactively lift their fingerprints?!

The excuse would simply be: "Oh, was it locked? It just unlocked right away, don't know why!"

This is not a falsifiable claim with a fingerprint sensor which always just has a statistical response, but a passcode will never accidentally unlock a device, so intent is definite and undeniable.

Quoting ManuCH (Reply 43):
To sum it up: I'll definitely enable that feature, if it is introduced, and my phone will be safer than now, because it will need some kind of security *every* time I unlock it. And I will never use my PIN, so nobody else looking over my shoulder would know it. This means that if I leave my phone unattended (which I rarely do, but still) the casual observer will not be able to unlock it.

I've never denied that it can be a viable option if you accept the consequences. But it's not for me.

But then I'm paranoid enough to also force sudo password entry on each and every invocation on any system under my control, by eliminating the convenient but insecure "grace period" via configuration.

I agree that security is never absolute, and convenience is always its primary antagonist. The problem is just that biometric analysis has been massively over-hyped in recent years and its security features have been wildly overstated. It can provide some security benefits if it is done right, but its impact is much more difficult to determine and its risks much more subtle and difficult to check than the old but well-understood password / key principle.

That it has become known that Apple has been subverted by the NSA recently as well unfortunately also makes it a major issue to have technical analysts check specifically for back doors providing wholesale fingerprint collection via surreptitious upload to central servers.

Things have unfortunately come to the point where that must actually be assumed until proven otherwise.   

Supremely bad timing for a feature like this.


User currently offlineDocLightning From United States of America, joined Nov 2005, 19568 posts, RR: 58
Reply 45, posted (11 months 3 weeks 4 days 3 hours ago) and read 4900 times:

Quoting Klaus (Reply 39):
Replicating fingerprints is not difficult.

Yes it is. Because you do not know which part of the print the software examines for minutae, you need an intact, complete print. Even the surface of the phone itself will have multiple smudged prints that will need to be dusted, imaged, and computer-combined to assemble a full print.

Then, because any such scanner being installed in a high-end smartphone will have thermal and pulse sensors, you need to make a very thin glove with the fingerprint on the glove's fingertips.

In the stories that have been posted, this has been accomplished, but it requires some specialized equipment and a fair amount of effort. How many petty smartphone thieves are going to be willing to go to it to unlock a phone that will probably be remotely wiped and deactivated, anyway?

I think you are too paranoid about it. Obsession with security can be counter-productive, too. The more times you have to enter a passcode, the more opportunities a hacker has to intercept it.


User currently offlinehoMsar From United States of America, joined Jan 2010, 1176 posts, RR: 0
Reply 46, posted (11 months 3 weeks 3 days 19 hours ago) and read 4838 times:

Quoting DocLightning (Reply 45):

But James Bond makes it look sooooooooo easy!



I was raised by a cup of coffee.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 47, posted (11 months 3 weeks 3 days 17 hours ago) and read 4817 times:

Quoting Klaus (Reply 41):
On my device with my data.

That's not an answer. You need to tell what type of data is unsecure with fingerprint but safe with pin code. All your answer provide is that you have classified some type of data you have as being in that range so it should be easy for you to provide a real answer.

Quoting Klaus (Reply 41):
And leaving copies of the key to my data everywhere I touch any smooth surface is not my idea of data security

You need to look at the effort it takes. Even for the most simple scanners it takes a significant effort to lift and create the fingerprint substitute. It is a pretty safe bet Apple would not use that kind of technology since even 10 years ago when we manufactured scanners it was easy to implement features raising the bar.

What kind of protection do you have on your house? Most people have one or two locks. The effort to steal your keys is much less than the effort required to create a fingerprint substitute.

Reality is that if you have someone dedicated enough to go thru this process to get your data then the pin code will not stop them either.

Quoting Klaus (Reply 41):
I've nowhere stated that everybody had to agree with me. It's just my own position.

Look back at your posts. This isn't what you state. You're stating fingerprints is a bad idea, that people should use pin codes instead.

Quoting Klaus (Reply 41):
There is absolutely zero personal attack on you in my statement above. You may not happen to like what I have to say, but that is a completely different thing.

You stated I do not know what I'm talking about, as It was my claim. You did not provide any support for why my statement was wrong, only an attack on my knowledge. Then add that the method for cracking open a pin code protected iPhone had already been posted and your claim is even more ridiculous.

Quoting Klaus (Reply 41):
I don't even let friends look at the display and my fingers when I enter the passcode, much less potential thieves.

You must be an extreme outlier because everyone I know slip from time to time. Reality is that most people enter pin codes so it is easy see what it is.

Quoting Klaus (Reply 41):
Sorry, but you're still wrong there.

The data we got back indicate differently...

Quoting Klaus (Reply 41):
With a simple 4-digit passcode this already takes many hours (which is part of the design); With a nontrivial passcode it is just not feasible even then since it would take years or decades.

We got the data in a week. It took a lot of time getting it setup but it was very fast once they got the device.

Quoting Klaus (Reply 41):
I didn't need to (nor do I have any such incentive). There are people who make it their hobby to circumvent locks of all kinds and other people who investigate security issues.

So how can you claim it is easy? Looks to me that you have found some claims of people being successful and think it applies to every fingerprint scanner. Even 10 years ago, when we developed our scanner, it was very difficult to fool anything but the most basic scanners.

Quoting Klaus (Reply 44):
Pretty quick and easy with readily available means

It takes time and equipment. Just that removes easy.

Quoting Klaus (Reply 44):
but we'll see how long the presumable sensor in the 5S will remain a barrier there.

What is there to suggest this? What is preventing locking the phone after x number of failed attempts at reading a fingerprint? It is afterall what you rely on to prevent brute force pin code crack. We have already addressed that it is much easier to lift a pin code than it is to create a workable fingerprint, as most people use them. As with all new code there are options for exploits but they will be locked down quickly, just as happened with the pin codes.

Quoting Klaus (Reply 44):
On your phone a thief already has in their hands, most likely there will only be your own.

What real difference is there because of this? There is no shortage of stolen phones today. The process if your phone is stolen will not be any different than it is is today.

Quoting Klaus (Reply 44):
This is not a falsifiable claim with a fingerprint sensor which always just has a statistical response, but a passcode will never accidentally unlock a device, so intent is definite and undeniable.

This got me laughing   If you did this to me I'd just tell you to unlock it again... You will fail and then we will have the same discussion as if you lifted my pin code.

Quoting Klaus (Reply 44):
I've never denied that it can be a viable option if you accept the consequences. But it's not for me.

I have to accept the consequences of using pin code too. Reality is that with fingerprint I am just about every other person is safer than with pin code because the people around me are much more likely to get my pin code than they are to be able and ready to make a fingerprint substitute. In all other situations there really isn't a difference in risk as those people will do the same if I use pin code or fingerprint.

There you have the sum of the pin code or fingerprint argument in the real world. Not the outlier situations you seem so concerned about.

Quoting DocLightning (Reply 45):
but it requires some specialized equipment and a fair amount of effort.

   Fingerprint takes away all opportunists. It makes no difference to the dedicated.

Quoting DocLightning (Reply 45):
Obsession with security can be counter-productive, too.

  
It is amazing how many people, including those with security titles, insist on locking everything so much that in reality all they do is cause costs to the company.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 48, posted (11 months 3 weeks 3 days 15 hours ago) and read 4810 times:

Quoting cmf (Reply 47):
That's not an answer. You need to tell what type of data is unsecure with fingerprint but safe with pin code. All your answer provide is that you have classified some type of data you have as being in that range so it should be easy for you to provide a real answer.

The answer to the question when protection is safe "enough" is inherently a judgment call and inherently does not have an objective answer except where formalized requirements and sufficiently precisely quantifiable assumptions about all significant circumstances are available (which is rarely the case – even where that is desired).

In my case I prefer passcodes with known properties over an opaque, sensor-based method with merely a statistical distribution of rejection vs. acceptance.

Quoting cmf (Reply 47):
You need to look at the effort it takes.

I have. The example I've linked to back then stunned many experts because they had massively overestimated the effort it should have taken. This may have shifted gradually due to sensor improvements since then (minus the margin imposed by an ultra-compact, low-power, high-convenience implementation in a mobile phone), but it's still a statistical gamble which inherently needs to be skewed towards false positives in order to actually deliver its desired convenience benefit in the first place.

Quoting cmf (Reply 47):
It is a pretty safe bet Apple would not use that kind of technology since even 10 years ago when we manufactured scanners it was easy to implement features raising the bar.

If the rumours have it correct, they're just starting.

Quoting cmf (Reply 47):
Look back at your posts. This isn't what you state. You're stating fingerprints is a bad idea, that people should use pin codes instead.

Nope. I have presented my view on what the technology can do and where I see risks and benefits. For myself I see more risks than benefits, for people who out of convenience never used a passcode I see more benefits than risks, as I have stated above.

Quoting cmf (Reply 47):
You stated I do not know what I'm talking about, as It was my claim.

Nope. I have said that whoever told you that didn't know what they were talking about. Which still isn't a personal slight but addressing the factual content of a statement.

Quoting cmf (Reply 47):
You did not provide any support for why my statement was wrong, only an attack on my knowledge. Then add that the method for cracking open a pin code protected iPhone had already been posted and your claim is even more ridiculous.

Nope. I have explained in detail how cracking of a passcode works on iOS devices – and what the limitations of such attempts are. You can research the current state of this issue and you will find that my presentation does reflect it correctly and by contrast your assumptions didn't.

Quoting cmf (Reply 47):
The data we got back indicate differently...

Nope. What you're saying is exactly consistent with my explanation above:
• (Unless you're the NSA or other secret agency which operates outside the law) you need to provide a) the actual physical device to Apple with b) a valid court order confirming that you do indeed have a legitimate right to have it cracked (I assume your "we" fits that description here).
• Even at Apple it takes many hours to break a simple passcode.
• If you do this more often, you will sooner or later come across devices locked with a proper passcode which even Apple can't break. This has already happened as far as I'm aware.

Quoting cmf (Reply 47):
We got the data in a week. It took a lot of time getting it setup but it was very fast once they got the device.

The toxic nature of dealing with a specifically prepared passcode-breaking firmware version correctly signed by Apple (as explained above) forces Apple to be highly restrictive and to not let it out of their sight since it could be extremely corrosive to the security of millions of devices in the field (at least to those using weaker passcodes).

That is why most likely only very few of their employees are trusted with this and that and the still-remaining difficulty of actually brute-forcing the passcode (which is by design!) means that they can process only a small number of devices at a time, resulting in long waiting lists for law enforcement clients.

This is exactly consistent with what I've explained above.

Quoting cmf (Reply 47):
You must be an extreme outlier because everyone I know slip from time to time. Reality is that most people enter pin codes so it is easy see what it is.

I'm an individual. And one who does indeed happen to have an above-average level of knowledge on a) software, b) chip design, c) sensor technology and its theoretical and practical application, d) iOS and its internal security architecture and e) the mathematical foundations of digital security technology.

For my own needs and existing risks I see passcodes as the primary mitigation strategy. I see too many drawbacks and too few benefits in sensor-based security for myself. But as I've said repeatedly: It depends on what your status quo is and what you're ready to accept in exchange for increased data security.

Quoting cmf (Reply 47):
What is preventing locking the phone after x number of failed attempts at reading a fingerprint? It is afterall what you rely on to prevent brute force pin code crack. We have already addressed that it is much easier to lift a pin code than it is to create a workable fingerprint, as most people use them.

No, you're simply assuming that to be the case. Whether that is actually true varies from case to case.

Quoting cmf (Reply 47):
This got me laughing   If you did this to me I'd just tell you to unlock it again... You will fail and then we will have the same discussion as if you lifted my pin code.

Nope. Unless a passcode is set in addition to the fingerprint, the fingerprint sensor response will always just be statistical. The claim that it "just unlocked" via fingerprint is not falsifiable unless you've got access to internal system logs.

By contrast, that same claim vs. a passcode lock is always and definitely false.

Quoting cmf (Reply 47):
I have to accept the consequences of using pin code too. Reality is that with fingerprint I am just about every other person is safer than with pin code because the people around me are much more likely to get my pin code than they are to be able and ready to make a fingerprint substitute. In all other situations there really isn't a difference in risk as those people will do the same if I use pin code or fingerprint.

There is no definitive and absolute answer to this. As I've said all along: It depends on the circumstances and on your willingness to accept inconvenience in exchange for increased security.

Quoting cmf (Reply 47):
There you have the sum of the pin code or fingerprint argument in the real world. Not the outlier situations you seem so concerned about.

Somebody trying to crack your device is already an "outlier" situation in itself. We're not discussing standard situations either way.

All that said, we'll have to see a) whether Apple has actually introduced such a sensor into the new iPhone, b) in what way they're actually employing it and c) which level of security is achievable this way.

Data security is too complex a topic to provide clear-cut, simple answers to many questions. Which is why it remains necessary to differentiate between different situations and behaviours on the one hand and technological mitigation approaches on the other.

Just because there might(!) be a new technological solution this does not automatically mean that it had to be a better solution for absolutely every need. This is not how that kind of thing works.


User currently offlineManuCH From Switzerland, joined Jun 2005, 3011 posts, RR: 47
Reply 49, posted (11 months 3 weeks 3 days 14 hours ago) and read 4796 times:
AIRLINERS.NET CREW
HEAD MODERATOR

Quoting Klaus (Reply 48):
Nope. Unless a passcode is set in addition to the fingerprint, the fingerprint sensor response will always just be statistical. The claim that it "just unlocked" via fingerprint is not falsifiable unless you've got access to internal system logs.

And you really think that 2 friends, or 2 partners in a relationship, will have a discussion going along the line of "oh well, your claim is not falsifiable, so I'll just believe that it unlocked by itself"? Probably Sheldon from Big Bang Theory with one of his nerdy girlfriends might do so - but 2 regular people who don't happen to be data security specialists will never discuss along these lines, realistically.

I know how fingerprint scanners work, and that there might be "false positive" unlocks (although unlikely if implemented properly). But if I found anyone with my phone unlocked, I would smell BS from miles away and wouldn't believe their claims of "it just unlocked by itself". Everything else is just academic banter, which doesn't apply in the real world among non-specialists.

Quoting Klaus (Reply 48):
Somebody trying to crack your device is already an "outlier" situation in itself. We're not discussing standard situations either way.

I disagree. A spouse or a friend unlocking your phone is not an "outlier". He may just be curious, looking for some gossip, or mad at you and wanting to do some damage to your social networks. You know, random things humans do when they're not being rational. And that is much easier to achieve if they look over my shoulder and catch my PIN, than if they start lifting my fingerprints. My friends may be crazy, but there's a limit to everything  

[Edited 2013-09-09 01:34:52]


Never trust a statistic you didn't fake yourself
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 50, posted (11 months 3 weeks 3 days 14 hours ago) and read 4786 times:

Quoting ManuCH (Reply 50):
And you really think that 2 friends, or 2 partners in a relationship, will have a discussion going along the line of "oh well, your claim is not falsifiable, so I'll just believe that it unlocked by itself"?

Of course if that happens in a relationship, other issues have already gone wrong before.

Quoting ManuCH (Reply 50):
But if I found anyone with my phone unlocked, I would smell BS from miles away and wouldn't believe their claims of "it just unlocked by itself". Everything else is just academic banter, which doesn't apply in the real world among non-specialists.

No, deniability is very much a real-life issue when things are getting heated. When further escalation of a situation is at stake, it can be a crucial factor.

Quoting ManuCH (Reply 50):
I disagree. A spouse or a friend unlocking your phone is not an "outlier". He may just be curious, looking for some gossip, or mad at you and wanting to do some damage to your social networks. You know, random things humans do when they're not being rational. And that is much easier to achieve if they look over my shoulder and catch my PIN, than if they start lifting my fingerprints. My friends may be crazy, but there's a limit to everything

The combination of someone around me going crazy and at the same time actually managing to get a hold of my phone and knowing my passcode is very much an outlier scenario, at least as far as I'm aware right now...!   


User currently offlineManuCH From Switzerland, joined Jun 2005, 3011 posts, RR: 47
Reply 51, posted (11 months 3 weeks 3 days 13 hours ago) and read 4782 times:
AIRLINERS.NET CREW
HEAD MODERATOR

Quoting Klaus (Reply 50):
Of course if that happens in a relationship, other issues have already gone wrong before.

I agree. But I'd still prevent it from happening by using technical means, along the line of reasoning "better safe than sorry".

Quoting Klaus (Reply 50):
No, deniability is very much a real-life issue when things are getting heated. When further escalation of a situation is at stake, it can be a crucial factor.

True. But at that point, if it escalates *that* much, the relationship/friendship/etc is pretty much over anyway  
Quoting Klaus (Reply 50):
The combination of someone around me going crazy and at the same time actually managing to get a hold of my phone and knowing my passcode is very much an outlier scenario, at least as far as I'm aware right now...!   

Touché  



Never trust a statistic you didn't fake yourself
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 52, posted (11 months 3 weeks 3 days 13 hours ago) and read 4768 times:

Quoting ManuCH (Reply 51):
I agree. But I'd still prevent it from happening by using technical means, along the line of reasoning "better safe than sorry".

Sure; And depending on your circumstances and priorities you'd choose an appropriate way to do that.

Quoting ManuCH (Reply 51):
True. But at that point, if it escalates *that* much, the relationship/friendship/etc is pretty much over anyway

Indeed. Digging into the privacy of the other is an unfriendly act in any case, regardless of any protections being in place or not.

Which applies pretty exactly to the NSA issue as well...!   


User currently offlineManuCH From Switzerland, joined Jun 2005, 3011 posts, RR: 47
Reply 53, posted (11 months 3 weeks 3 days 13 hours ago) and read 4763 times:
AIRLINERS.NET CREW
HEAD MODERATOR

Quoting Klaus (Reply 52):
Sure; And depending on your circumstances and priorities you'd choose an appropriate way to do that.

Exactly. Which leads us back to the original discussion. Hence we closed the circle  
Quoting Klaus (Reply 52):
Which applies pretty exactly to the NSA issue as well...!  

... which would entitle a completely separate thread. You're very welcome to start it (disclaimer: I haven't checked if there is one already)



Never trust a statistic you didn't fake yourself
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 54, posted (11 months 3 weeks 3 days 13 hours ago) and read 4764 times:

Quoting Klaus (Reply 48):

Amazing. You are completely missing the point of what the fingerprint protection is about. Instead you dig yourself into minutia that misses the point.

It is as simple as this:
  • Pin codes are considered a big hassle by many meaning they set long times before the units locks or they don't use them at all.
  • Pin codes are easily cracked by people looking as they are entered and thus the typical way of bypassing them. It requires nothing more than looking.
  • Lifting a fingerprint and creating a usable substitute require effort in time and equipment. It is never a spur of the moment event.
  • Any person has a better chance of guessing the typical 4 digit pin code than their finger generating a false positive.
  • Most unauthorized access is spur of the moment access to to access data, impersonating or unauthorized calls.
  • Neither provide real protecting against people stealing the units for data or resell.


On top of this you have still not been able to provide a class of data that is properly secured with a pin code but unsafe with fingerprint, rendering your objection to fingerprint over pin code without justification.

What you have done is demonstrate how many proclaimed security experts look at security. As a requirement to lock down everything and prioritize prevention of data above everything else. This is why we see things like requirements on "impossible" passwords that people can't remember and thus circumvent everything by writing them down. Look at david Miranda.

It is ironic that the group you represent insist on making things so secure that the end result is more open systems.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 55, posted (11 months 3 weeks 3 days 12 hours ago) and read 4752 times:



Quoting cmf (Reply 54):
Amazing. You are completely missing the point of what the fingerprint protection is about. Instead you dig yourself into minutia that misses the point.

I simply have different priorities than you do, and I have always acknowledged that different views on the matter can lead to different conclusions and different protection measures. See all my posts above.

Quoting cmf (Reply 54):
On top of this you have still not been able to provide a class of data that is properly secured with a pin code but unsafe with fingerprint, rendering your objection to fingerprint over pin code without justification.

Simply because it's not the data itself but rather the priorities of its users which determine the security measures to be taken. Protection of the same type of data may be absolutely critical to one person and negligible to the next, and the circumstances of using that data may be so different between users that again very different security measures can make sense for each of them.

Quoting cmf (Reply 54):
It is ironic that the group you represent insist on making things so secure that the end result is more open systems.

"Open" systems and insecure systems are two independent dimensions – although they can in fact overlap as Android has shown.

I personally have no use for a fingerprint sensor and actually see substantial abuse potential in it. The mere presence of that sensor in an always-online device easily allows such abuse and unless I had credible analysis reports from independent experts plausibly showing that abuse was in fact unlikely, I would actively avoid purchasing such a device.

The recent subversion of Apple by the NSA unfortunately raises the suspicion of hostile mechanisms being injected into products even where that is strongly against the interests of the manufacturer and its customers.

I don't even see much actual risk for me in this particular respect – my incentive to pay good money for deliberately pre-infected and subverted products is just diminishing substantially.

I'm well aware that many people will see this differently (or not at all), which is also their right.

[Edited 2013-09-09 03:55:00]

User currently offlineTLG From United States of America, joined Jul 2005, 370 posts, RR: 0
Reply 56, posted (11 months 3 weeks 3 days 5 hours ago) and read 4694 times:

Quoting Klaus (Reply 55):

I've said it before about the points you make concerning security, but I'll say it again: what you say is probably technically correct, but I question the real world value. Let's say for argument's sake that a PIN code is more secure than a fingerprint scanner, as you claim. But is a fingerprint scanner secure enough? Are we actually going to see more security breaches in iPhones because of it?

[Edited 2013-09-09 11:26:53]

User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 57, posted (11 months 3 weeks 3 days 3 hours ago) and read 4657 times:

Quoting Klaus (Reply 55):
I simply have different priorities than you do, and I have always acknowledged that different views on the matter can lead to different conclusions and different protection measures. See all my posts above.

Yet so much hate and misinformation.

Quoting Klaus (Reply 55):
Simply because it's not the data itself but rather the priorities of its users which determine the security measures to be taken.

Those are details, the big picture remains very similar. It is clear you can't find a way to defend your statement.

Quoting Klaus (Reply 55):
"Open" systems and insecure systems are two independent dimensions – although they can in fact overlap as Android has shown.

Open has many meanings, but you know that, don't you? So why drag the discussion away from open as in security to open as in how source code and licensing is handled?

Quoting Klaus (Reply 55):
I personally have no use for a fingerprint sensor and actually see substantial abuse potential in it.

Which of course is why we are having this discussion. You do not know what technology they are (possibly) so you do not know what abuse potential there is, you assume.

Quoting Klaus (Reply 55):
unless I had credible analysis reports from independent experts plausibly showing that abuse was in fact unlikely, I would actively avoid purchasing such a device.

You better give up your current iPhone then because there is a great abuse potential with the pin code. Sure you have set it to pretty advanced settings but you have also stated you're not perfect so it is possible for people to pickup your pin and then they are in.


User currently offlinemax999 From United States of America, joined Dec 2005, 1039 posts, RR: 0
Reply 58, posted (11 months 3 weeks 3 days 3 hours ago) and read 4648 times:

I believe the 5C is going to be Apple's 'growth' phone. Developed markets are already too saturated so it's getting more and more difficult to grow market share. However, the next wave of smartphone expansion is in the developing countries so the 5C is Apple's way of diving into it.

While the rumored price of the 5C ($300-$400) will be cheaper than the regular iPhone ($650), it's still tough for many people in developing countries to put out that much money for a single purchase. And with Samsung and Chinese brands selling even cheaper low cost smartphones in developing countries, Apple will rely on its brand cachet to lure people who want to flash the status symbol of using an Apple product.



All the things I really like to do are either immoral, illegal, or fattening.
User currently offlineDocLightning From United States of America, joined Nov 2005, 19568 posts, RR: 58
Reply 59, posted (11 months 3 weeks 3 days ago) and read 4605 times:

Quoting max999 (Reply 58):
While the rumored price of the 5C ($300-$400) will be cheaper than the regular iPhone ($650), it's still tough for many people in developing countries to put out that much money for a single purchase. And with Samsung and Chinese brands selling even cheaper low cost smartphones in developing countries, Apple will rely on its brand cachet to lure people who want to flash the status symbol of using an Apple product.

There is more to Apple than status. The way they got that way is by making the best products. And, truly, of all the smartphones I've used, the iPhone/iOS combo is the most integrated, intuitive, and stable product I've encountered. It may be missing this customizable setting or this flashy gimmick, but the bottom line is that when I pick up my iPhone, I know that it is going to do what I tell it to do the first time.


User currently offlinetugger From United States of America, joined Apr 2006, 5515 posts, RR: 8
Reply 60, posted (11 months 3 weeks 2 days 23 hours ago) and read 4606 times:

Quoting DocLightning (Reply 59):
but the bottom line is that when I pick up my iPhone, I know that it is going to do what I tell it to do the first time.

Well, unless you are using Siri.....     

Tugg



I don’t know that I am unafraid to be myself, but it is hard to be somebody else. -W. Shatner
User currently onlineRara From Germany, joined Jan 2007, 2079 posts, RR: 2
Reply 61, posted (11 months 3 weeks 2 days 23 hours ago) and read 4601 times:

Quoting DocLightning (Reply 59):
There is more to Apple than status. The way they got that way is by making the best products. And, truly, of all the smartphones I've used, the iPhone/iOS combo is the most integrated, intuitive, and stable product I've encountered. It may be missing this customizable setting or this flashy gimmick, but the bottom line is that when I pick up my iPhone, I know that it is going to do what I tell it to do the first time.

This statement was 100% true about two years ago, when the other mobile ecosystems were still experimental. Since then they've really come into their own in terms of reliability and stability. The other day I had an iPhone 5 and one of the new Galaxies next to each other on the table on front of me. The iPhone just looked and felt horribly dated and unimpressive. The "wow factor" in terms of speed, snappiness and intuitive handling was entirely on the Galaxy side.

I do believe, however, that the iPhone will regain a lot of competitiveness with the new iOS version. I've seen it in action and I think it's a brilliant achievement. Really makes the phone feel like 2013 again.



Samson was a biblical tough guy, but his dad Samsonite was even more of a hard case.
User currently offlinetugger From United States of America, joined Apr 2006, 5515 posts, RR: 8
Reply 62, posted (11 months 3 weeks 2 days 23 hours ago) and read 4601 times:

Quoting Rara (Reply 61):
Really makes the phone feel like 2013 again.

The problem is that 2013 is already nearing its end....

I know I may sound too negative, but honestly Apple needs to produce something that feels like 2014 and then keep to that type of cycle. They did it before, and that is how they blew past everyone. I hope they can do it, I may not participate in their "universe" but I very much appreciate what they have done and hope they can continue to remain relevant and thrive long into the future.

Tugg



I don’t know that I am unafraid to be myself, but it is hard to be somebody else. -W. Shatner
User currently offlinemmedford From United States of America, joined Nov 2007, 561 posts, RR: 8
Reply 63, posted (11 months 3 weeks 2 days 22 hours ago) and read 4594 times:

Quoting tugger (Reply 62):
I know I may sound too negative, but honestly Apple needs to produce something that feels like 2014 and then keep to that type of cycle. They did it before, and that is how they blew past everyone. I hope they can do it, I may not participate in their "universe" but I very much appreciate what they have done and hope they can continue to remain relevant and thrive long into the future.

Jobs is dead, there is no innovation left.



ILS = It'll Land Somewhere
User currently offlinehoMsar From United States of America, joined Jan 2010, 1176 posts, RR: 0
Reply 64, posted (11 months 3 weeks 2 days 19 hours ago) and read 4569 times:

Quoting cmf (Reply 54):
This is why we see things like requirements on "impossible" passwords that people can't remember and thus circumvent everything by writing them down.

One of my biggest pet peeves. Every website has a different requirement about how many numbers, capital letters, symbols, hieroglyphics, etc. are required in passwords. And then the more annoying ones make you change it every few months. I honestly can't remember which passwords I use on which websites. I don't go to the point of writing them down, but I am always clicking the "forgot password" link on certain sites, and having to reset. Then they won't let you reuse passwords you've already used, so if I remember what password(s) work with that site (often, I'll remember the password once I see the specific combination of requirements they set which differentiate it from all the other websites' password requirements), I can't use them anyway and have to come up with yet another password that I'll never remember.

This all really defeats the purpose of good security.

Or, to put it another way: http://xkcd.com/936/

As for the whole argument about PIN vs. fingerprint, I guess it's a question of whom you're trying to protect your data against.

If it's James Bond or Jason Bourne (or the guys from Mission Impossible), then perhaps the PIN might be better (assuming they didn't install a hidden camera in your shirt collar to capture your PIN or use some kind of infrared sensor to detect where you've touched the screen). But if it's to stop a nosy friend from snooping, I really doubt they'd go through the trouble of getting a fake fingerprint to unlock the phone (but catching a glimpse of someone's PIN is painfully easy, and then it only takes a few seconds of the phone being left unattended by its owner for that nosy person to do as they please).

As for a random thief stealing your phone, my guess is that they'd wind up putting their own prints on the phone, in the process of acquiring it, and thus making it more difficult to lift the correct set.



I was raised by a cup of coffee.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 65, posted (11 months 3 weeks 2 days 17 hours ago) and read 4539 times:

Quoting cmf (Reply 57):
Quoting Klaus (Reply 55):
I simply have different priorities than you do, and I have always acknowledged that different views on the matter can lead to different conclusions and different protection measures. See all my posts above.

Yet so much hate and misinformation.

There is absolutely zero "hate" or other personal issue with you on my side as anyone can see from my posts.

As to "misinformation", we've been discussing two fact-related issues:

• The "crackability" of passcodes on iOS devices, which I have explained in some technical detail as I know it. If you claim this is "misinformation", please provide comparably detailed information to the contrary. I'm ready to learn if you've got something there.

• The question of relative security of passcode vs. fingerprint. My position has always been that this depends on the situation and the user's priorities. You seem to insist that fingerprint sensors are always and definitely more secure, which I continue to disagree with.

Quoting cmf (Reply 57):


Quoting Klaus,reply=55:
Simply because it's not the data itself but rather the priorities of its users which determine the security measures to be taken.

Those are details, the big picture remains very similar. It is clear you can't find a way to defend your statement.

You don't address my arguments but simply discard them. At least I find that not very convincing.

Quoting cmf (Reply 57):
Open has many meanings, but you know that, don't you? So why drag the discussion away from open as in security to open as in how source code and licensing is handled?

Would you then please explain your intention behind your own use of the term?

Quoting cmf (Reply 57):
Which of course is why we are having this discussion. You do not know what technology they are (possibly) so you do not know what abuse potential there is, you assume.

The only way to somewhat reduce abuse potential would be to design a fixed custom preprocessor right into the sensor subsystem which reduced the fingerprint data to a hash value. This would make it difficult or impossible to reconstruct the original fingerprint from the hash value but would still retain the personal identifiability which is the primary problem here. An extra individual (per device) encryption key embedded in that special coprocessor could reduce the identifiability to just that device, but that would make production even more complicated and expensive (Apple does that with the main processor because the hardware flash encryption depends on it).

It would also be difficult and expensive to develop, prone to incorrigible bugs (in a highly calibration-dependent device), would not allow updates or upgrades (because that would again open a door to abuse), would leave the already existing image processing capability in the main CPU/GPU/photo coprocessor unused, would require more space and use more power than the obvious implementation: An image-providing raw sensor providing a raw fingerprint image with subsequent software analysis – which would have full access to the actual fingerprint, however, which is where the abuse potential is obvious.

The abuse potential is unfortunately inherent to the technology, simply because our fingerprints happen to remain attached to us individually and we can't reasonably change them.

It's the same reason why criminals get their fingerprints taken. (And why harmless tourists entering the USA, for instance, don't necessarily relish being treated the same way.)

Quoting cmf (Reply 57):
You better give up your current iPhone then because there is a great abuse potential with the pin code. Sure you have set it to pretty advanced settings but you have also stated you're not perfect so it is possible for people to pickup your pin and then they are in.

Nope. None of the inherent problems of fingerprint sensing applies to passcodes:
• There are no copies of the passcode lying around in easy reach for an attacker (or at all).
• Passcodes can be changed at will. Fingerprints are generally constant throughout a person's adult lifetime.
• Passcodes are not bound to an individual person – they are completely anonymous.

An attacker against my data would need to:
a) Try to observe my passcode input (difficult enough),
b) actually get their hands on my phone before I change the passcode again and
c) extract meaningful data before I remotely erase the device.

a) and b) are already a very difficult combination.

I have no problem with other people preferring fingerprint sensing over passcodes for themselves, but I just don't – and I'm willing to invest the effort to increase the passcode's security by the way I handle the device. Not everybody wants that, so preferences will differ.

Quoting Rara (Reply 61):
The other day I had an iPhone 5 and one of the new Galaxies next to each other on the table on front of me. The iPhone just looked and felt horribly dated and unimpressive. The "wow factor" in terms of speed, snappiness and intuitive handling was entirely on the Galaxy side.

Great that you have a choice, then. My own impression keeps being a very different one, so it's great that I've got a choice, too.

Quoting hoMsar (Reply 64):
One of my biggest pet peeves. Every website has a different requirement about how many numbers, capital letters, symbols, hieroglyphics, etc. are required in passwords. And then the more annoying ones make you change it every few months. I honestly can't remember which passwords I use on which websites. I don't go to the point of writing them down, but I am always clicking the "forgot password" link on certain sites, and having to reset. Then they won't let you reuse passwords you've already used, so if I remember what password(s) work with that site (often, I'll remember the password once I see the specific combination of requirements they set which differentiate it from all the other websites' password requirements), I can't use them anyway and have to come up with yet another password that I'll never remember.

This all really defeats the purpose of good security.

This is definitely a relevant issue and fingerprints are one of the attempts to address it, but this approach has its own problems as well – which ones you find more relevant to your own use is the main question, and the answer will always be an individual one (unless, for instance, an employer enforces specific rules for company devices).

Quoting hoMsar (Reply 64):
As for the whole argument about PIN vs. fingerprint, I guess it's a question of whom you're trying to protect your data against.

Yes, among other things.

[Edited 2013-09-09 23:16:31]

User currently offlinemad99 From Spain, joined Mar 2012, 543 posts, RR: 0
Reply 66, posted (11 months 3 weeks 2 days 16 hours ago) and read 4531 times:

If the phone does come with the print reader it will be interesting to see how it works. I have a lenovo laptop and you have to swipe your finger over a thin bar for the reader to read the print and to be honest it doesn't work well especially after a shower!

If the new phone has a quick and reliable reader it will be an improvement over the pin system in my opinion.


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 67, posted (11 months 3 weeks 2 days 13 hours ago) and read 4512 times:

Quoting Klaus (Reply 65):
The "crackability" of passcodes on iOS devices, which I have explained in some technical detail as I know it. If you claim this is "misinformation", please provide comparably detailed information to the contrary. I'm ready to learn if you've got something there.

Oh God. When will you get that this is about how pins generally are compromised, from watching them being entered. Limiting the number of attempts doesn't matter when you only need one.

Quoting Klaus (Reply 65):
You seem to insist that fingerprint sensors are always and definitely more secure, which I continue to disagree with.

I insist it takes a lot more effort to lift a fingerprint and create a usable substitute than it takes to look at a pin as it entered, memorize it and then re-enter.

I insist that breaking a finger print protection takes so much effort it is never an opportunistic event and that opportunistic events is all both fingerprints and pin codes protect against.

Quoting Klaus (Reply 65):
You don't address my arguments but simply discard them. At least I find that not very convincing.

Your arguments should be discarded because all they do is trying to glide away from the answer. There is good consensus on how data is classified. It isn't absolute but the span is narrow. All I have asked for is examples. I have not asked for absolute rules. I'm however very likely to challenge as to how you justify the difference.


Quoting Klaus (Reply 65):
Would you then please explain your intention behind your own use of the term?

Open in the security meaning means easily accessible, as in open door to enter a house.

Quoting Klaus (Reply 65):
preprocessor right into the sensor subsystem which reduced the fingerprint data to a hash value

Why on earth would you store the fingerprint in the clear? Seeding and multi-iteration hashing has been best practice for longer than I can remember. Storing passwords in clear is pretty much as big violation of security procedures as you can do. Fortunately hashing is very low on cpu power. So simple that 1,000 iterations is very common. To put some strain on those trying to do brute force cracking...

Quoting Klaus (Reply 65):
An extra individual (per device) encryption key embedded in that special coprocessor could reduce the identifiability to just that device, but that would make production even more complicated and expensive (Apple does that with the main processor because the hardware flash encryption depends on it).

Special coprocessor, you're going way overboard. You could use the same seed you have for the main processor but why? Much better to use best practice and generate a new seed each time a fingerprint is scanned. Reality is that if they can read the hash and the seed they really don't need either to access the data on the device and since you can't recreate the fingerprint data from the hash it doesn't matter if someone gets both.

Quoting Klaus (Reply 65):
The abuse potential is unfortunately inherent to the technology, simply because our fingerprints happen to remain attached to us individually and we can't reasonably change them.

Remember what it is you're trying to accomplish. Unlocking a phone is similar to unlocking the door to your apartment. It is only there to protect against the opportunistic. The dedicated will always be able to bypass both fingerprints and pins. Same goes for passwords. We have reached a stage where just about every written word and phrase exist in hash libraries and thus are quickly cracked. using email and SMS are easily intercepted so they too are very low protection.

Quoting Klaus (Reply 65):
It's the same reason why criminals get their fingerprints taken.

No, those fingerprints are taken for identification, a very different application. They are not taken to be reproduced and used in other places   That they don't change is the reason why we take criminals fingerprints. The reason we use fingerprints for access control is that they are unique, readily available and easy to use. Completely different reasons.

Quoting Klaus (Reply 65):
There are no copies of the passcode lying around in easy reach for an attacker (or at all).

Negated by it being so easy to read pin codes as they are entered and that "attackers" do not carry around kits allowing them to create fingerprint substitutes on the spot. It takes too much time   If the phone is stolen then neither matter anymore.

Quoting Klaus (Reply 65):
Passcodes can be changed at will. Fingerprints are generally constant throughout a person's adult lifetime.

Doesn't matter. We are protecting against opportunists, that's all. You do not change pin each time you unlock your phone. For all practical purposes they are the same when it comes to unlocking phones.

Quoting Klaus (Reply 65):
Passcodes are not bound to an individual person – they are completely anonymous.

Negated by being easily observed when entered.

Quoting Klaus (Reply 65):
Try to observe my passcode input (difficult enough)

No, extremely simple in most cases. You claim to always make sure to shield your entry which makes you an outlier. Even so I'm sure you fail from time to time. probably often enough to make it more risky than the chance of someone going through the effort of being successful in replicating your fingerprint. Especially since if they have that dedication they will most likely use completely different methods anyway.

Quoting Klaus (Reply 65):
actually get their hands on my phone before I change the passcode again

Honestly, how often do you think the normal person change pin code on their phone? Let me provide the answer. Only if they find the current code has been used. So in most cases never.

Quoting Klaus (Reply 65):
extract meaningful data before I remotely erase the device.

Same with fingerprints. It isn't as fast as you portray.

Quoting Klaus (Reply 65):
a) and b) are already a very difficult combination.

No, a is extremely simple. As I said my 8 year old friend has already picked up the codes of just about every phone around him. Why, to play games.

B would complicate it but reality is that codes are rarely changed. Then add the process for doing so and consider the problem that a large percentage of current phones do not have even pin codes because the process is considered too complicated.

Quoting Klaus (Reply 65):
I just don't – and I'm willing to invest the effort to increase the passcode's security by the way I handle the device. Not everybody wants that, so preferences will differ.

You're an outlier. Even so I'm pretty confident you're not nearly as protected as you think. Humans mess up, you have stated you do too   If I worked with you I'm sure I could have access to your phone within a week.


User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 68, posted (11 months 3 weeks 2 days 10 hours ago) and read 4490 times:

Quoting mmedford (Reply 63):

Oh please. This argument is just getting ridiculous now.



The amazing tale of flight.
User currently offlineMIAspotter From Spain, joined Nov 2001, 2758 posts, RR: 25
Reply 69, posted (11 months 3 weeks 2 days 10 hours ago) and read 4477 times:

I suggest this thread has its name changed to ¨Fingerprint reader vs Pin Code which is safest¨ or either locked already and a new one opened where we can actually discuss the new iPhone 5S, and or follow the keynote.

MIAspotter.



I think, therefore I don´t fly Ryanair.
User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 70, posted (11 months 3 weeks 2 days 6 hours ago) and read 4420 times:

I think the fingerprint reader will be a real difference maker, but one that Android and Windows will quickly replicate. There is a lot of security refinements going on in many industries that are requiring. "Two-Factor " and "Three-Factor" authentication. Not only will people need logins and passwords, but they need a secondary or even tertiary authentication . Pincodes texted, hardware sync clocks, and fingerprint scanners. The fingerprint scanners are far from foolproof, as are pins, but at the end of the day, when you use one secure login with another secure login, you are getting more security. The argument of pin vs fingerprint is irrelevant. You need both,


Older than I just was ,and younger than I will soo be.
User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 71, posted (11 months 3 weeks 2 days 6 hours ago) and read 4418 times:

Anyhow, new demarcation point in thread. Almost need a new one here.

Here is the live blog from Gizmodo from the Apple event.

http://live.gizmodo.com/



Older than I just was ,and younger than I will soo be.
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 72, posted (11 months 3 weeks 2 days 6 hours ago) and read 4418 times:

Quoting casinterest (Reply 70):
I think the fingerprint reader will be a real difference maker, but one that Android and Windows will quickly replicate.

I think it will be a good idea and with the thousands of iPhones stolen if its not easily hacked then will be a more secure way. The number of people that do not have pass codes or ''Find my iPhone'' to remotely wipe data is unbelievable. All that personal info open to thieves.

As for the other content of the new 5S I am moving to the direction that I will wait for the 6. I dont think it will give me anything I really need. Unless we hear something more than the leaks its more of a tweak than anything new.


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 73, posted (11 months 3 weeks 2 days 6 hours ago) and read 4416 times:

Quoting OA260 (Reply 72):
As for the other content of the new 5S I am moving to the direction that I will wait for the 6. I dont think it will give me anything I really need. Unless we hear something more than the leaks its more of a tweak than anything new.

For me , I am not sure whether the tweaks matter or not. I still have a lot of coworkers still running 3GS and 4's. They are ready for IOS 7 , and they may jump at these features. If the China Telecom deal is real, the impact of that for Apple Stock Holders will be intense.

I still expect to see a rather substantial update to the Apple TV and it's software interaction with home TV's.



Older than I just was ,and younger than I will soo be.
User currently offlinetugger From United States of America, joined Apr 2006, 5515 posts, RR: 8
Reply 74, posted (11 months 3 weeks 2 days 6 hours ago) and read 4416 times:

Quoting casinterest (Reply 70):
I think the fingerprint reader will be a real difference maker, but one that Android and Windows will quickly replicate. There is a lot of security refinements going on in many industries that are requiring. "Two-Factor " and "Three-Factor" authentication. Not only will people need logins and passwords, but they need a secondary or even tertiary authentication . Pincodes texted, hardware sync clocks, and fingerprint scanners. The fingerprint scanners are far from foolproof, as are pins, but at the end of the day, when you use one secure login with another secure login, you are getting more security. The argument of pin vs fingerprint is irrelevant. You need both,

I can see fingerprint, a simple PIN, and facial recognition being pretty good.

Tugg



I don’t know that I am unafraid to be myself, but it is hard to be somebody else. -W. Shatner
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 75, posted (11 months 3 weeks 2 days 6 hours ago) and read 4415 times:

Quoting casinterest (Reply 73):
They are ready for IOS 7 ,

I have been running the developers IO7 for a few months now and love it on my iPhone 5 so even less of a jump for me to a 5S which is why for the first time ever I might let this one pass me by !! Just depends. Never say never.  
Quoting casinterest (Reply 73):
I still expect to see a rather substantial update to the Apple TV and it's software interaction with home TV's.

I got the new type Apple TV to replace my 250GB older one . Any new updates are welcome.






[Edited 2013-09-10 10:11:00]

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 76, posted (11 months 3 weeks 2 days 6 hours ago) and read 4404 times:

iOS was always geared towards keeping each device fresh for 2 or more years and the outer appearance usually changed only every second generation, which suits most 2-year-contract customers just fine...

For me it's at least 3 years this time, which is no problem with iOS 7 on the 4S (later today), but other people will step up from the 5 already – individual choices.

[Edited 2013-09-10 10:12:59]

User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 77, posted (11 months 3 weeks 2 days 6 hours ago) and read 4440 times:





[Edited 2013-09-10 10:25:22]

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 78, posted (11 months 3 weeks 2 days 5 hours ago) and read 4434 times:

Quickest updates in writing: ars technica
http://live.arstechnica.com/apple-september-10-event/

More pictures than words: The Verge
http://live.theverge.com/apple-iphone-5s-liveblog/

Ah, iOS 7 release is on the 18th, not today (sniff!).   
But for the iPad on the same day.   


User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 79, posted (11 months 3 weeks 2 days 5 hours ago) and read 4426 times:









[Edited 2013-09-10 10:29:42]







[Edited 2013-09-10 10:38:08]




[Edited 2013-09-10 10:42:12]

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 80, posted (11 months 3 weeks 2 days 5 hours ago) and read 4405 times:

The A7 in the 5S does indeed have the new ARM 64 bit ISA – there have been rumours, but I did not expect it today already (that it would come eventually was clear, but they're sprinting pretty far ahead with this).

This is pretty impressive technologically.

Claimed doubled performance for both CPU and GPU each.

Given that 64 bit code generally costs a bit of performance by itself, they must have racked up architectural complexity by quite a bit to achieve a massive performance increase instead. "desktop-class architecture" according to Phil Schiller sounds about right in this regard.

They could also have gone quad-core to get there, but so far no indication of this, so I doubt it.

And at the same time further improved battery life... not bad at all, technologically...!

[Edited 2013-09-10 10:52:46]

User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 81, posted (11 months 3 weeks 2 days 5 hours ago) and read 4384 times:


.


.


.

.



.


.


.


[Edited 2013-09-10 11:00:34]

.


[Edited 2013-09-10 11:03:39]

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 82, posted (11 months 3 weeks 2 days 5 hours ago) and read 4363 times:

As I had expected, the fingerprint sensor scans a raw image and the main processor does the decoding.

They are giving assurances that nothing is uploaded and fingerprint data is segregated within the processor against software except the fingerprint driver – under the circumstances that is about as good as can be expected, but also given the circumstances, external analysis and corroboration of these claims remains necessary, since NSA & co. are undoubtedly salivating at the thought of surreptitiously collecting millions of individual fingerprints and potentially tracking individuals relatively reliably across different devices.

Given that the NSA is calling the shots at Apple as well since last year, obvious suspicions need more than public assurances.

(Ah, the expected 128GB capacity version is not coming after all!)

So all in all:
• Huge leap in terms of CPU technology: Obviously they designed and built a 64 bit successor of their also in-house developed 32 bit Swift core from the A6; Unless I've missed something, this should be the first actual implementation of the still-warm 64 bit ARM architecture. I'm not sure if any other manufacturers have even announced an actual processor using it, let alone manufactured it. The big speed bost from it is remarkable; And given that the A7 is very unlikely to have more than 4GB of RAM, the performance gain has apparently been their main driver with this (64 bit is actually only needed when an application can actually use 4GB or more).

• Pretty nice camera update: Exploiting improved sensors, tuning the flash and other components, putting the A7 performance to good use as well.

• Fingerprint sensor: Convenient if you use it (which you don't need to); Apparently good security thinking overall, just execution in doubt due to known subversion of the company by the NSA with obviously security-hostile interests (intentionally placed back doors etc.).

• Not obvious from the feed I've watched, but highly likely: Expanded LTE band compatibility as announced for the 5C, apparently by updating the LTE subsystem to the latest version without needing more space and battery power.

[Edited 2013-09-10 11:23:29]

User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 83, posted (11 months 3 weeks 2 days 4 hours ago) and read 4362 times:

Ok the 5C is not for me as I said. I can see it appealing to the lower end of the market and teenagers. I like the 5S and the finger print sensor. The other features I can take or leave. Will I upgrade? Not sure will not be standing out in line for it thats for sure. I want to see it and use it first in store before making my mind up.

User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 84, posted (11 months 3 weeks 2 days 4 hours ago) and read 4356 times:

The 5C appears to be a still nicely updated 5 in a plastic case, the 5S has all the new tech. Both have identical software features otherwise (no device-coupled software feature like Siri this time).

The 5S has nothing I personally would need or would normally notice as a difference to my 4S, but I'm extremely interested in the inevitable teardown of the new A7 – pushing it all the way to a massively complex 64 bit architecture is a pretty huge achievement (the complexity is not inherent in 64 bit as such, but was added on top to boost its actual performance at the same time).

Undoubtedly the teardown providers are already warming up their acid baths, fine-tuning their precision grinders and checking their X-ray machines as we speak, with the orders for OZ and/or NZ units ready to go so no hour would go to waste...!


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 85, posted (11 months 3 weeks 2 days 3 hours ago) and read 4280 times:

I will be interested to see more about this "M7" chip in the new IPADS and IPODS during the fall event for those. I suspect this has more to do with gameplay.
I really feel strongly that Apple is going after the gaming market with this chip.



Older than I just was ,and younger than I will soo be.
User currently offlinemax999 From United States of America, joined Dec 2005, 1039 posts, RR: 0
Reply 86, posted (11 months 3 weeks 2 days 1 hour ago) and read 4203 times:

Quoting OA260 (Reply 83):

Ok the 5C is not for me as I said. I can see it appealing to the lower end of the market and teenagers.

The price of the 5C is unexpectedly high at $550. I wouldn't consider this a low end price whatsoever.

Once people tear down the 5C and figure out the component costs, then we'll know whether Apple priced it at $550 because of the actual cost of making the device. Or the price was inflated so as not to introduce cheapness into the brand, especially when selling in developing markets.

[Edited 2013-09-10 14:32:16]


All the things I really like to do are either immoral, illegal, or fattening.
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 87, posted (11 months 3 weeks 2 days 1 hour ago) and read 4187 times:

Quoting max999 (Reply 86):
The price of the 5C is unexpectedly high at $550. I wouldn't consider this a low end price whatsoever.

The prices are lower in the USA. Here in the UK/Ireland an iPhone 5 is $860 ! The 5S is going to be the same.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 88, posted (11 months 3 weeks 2 days ago) and read 4162 times:

Quoting casinterest (Reply 85):
I will be interested to see more about this "M7" chip in the new IPADS and IPODS during the fall event for those. I suspect this has more to do with gameplay.
I really feel strongly that Apple is going after the gaming market with this chip.

I don't think so, because the expressed purpose of that extra chip is apparently to track(!) sensor data while the main processor is in sleep mode. During game play the main CPU is in high-performance mode anyway much of the time (if not permanently), so the extra chip wouldn't have much of any benefit.

The main purpose appears to be tracking(!) motion while the iPhone is in your pocket and (at least much of the time) the main CPU is asleep while the M7 collects and buffers sensor data at much lower power consumption for this task, consuming less of your battery charge than the main CPU would for the same purpose.

Quoting max999 (Reply 86):
Once people tear down the 5C and figure out the component costs, then we'll know whether Apple priced it at $550 because of the actual cost of making the device. Or the price was inflated so as not to introduce cheapness into the brand, especially when selling in developing markets.

The cost of just manufacturing the device is very probably already substantially different from the very raw estimate given by iSuppli & Co.;

And the total cost to Apple is again substantially different because development (of hardware, software and OS!) and all related expenses (among many others including license payments, distribution, support, warranty etc.) have to be summed up as well.

Apple has comparatively comfortable total margins (as expressed in revenue vs. profit), but they are not remotely as high as the isolated estimates suggest which are bandied about all the time, generally without any context whatsoever and often with the intention to just rile up the audience, not to actually provide usable information.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 89, posted (11 months 3 weeks 2 days ago) and read 4166 times:

Quoting OA260 (Reply 87):
The prices are lower in the USA. Here in the UK/Ireland an iPhone 5 is $860 ! The 5S is going to be the same.

The US prices are without tax, european ones are usually inclusive (VAT in particular).

If I've read irish VAT correctly at 23%, your irish price of $860 (converted, I presume) would be $699 without VAT. Other national charges may also apply.

American customers also don't get the mandatory european 2-year warranty which also needs to be budgeted for (in the US it's only 90 days limited warranty as far as I'm aware).

[Edited 2013-09-10 15:24:00]

User currently offlinedoug_Or From United States of America, joined Mar 2000, 3403 posts, RR: 3
Reply 90, posted (11 months 3 weeks 1 day 23 hours ago) and read 4128 times:

The 5c looks a like a big disappointment. For most people in the US who are on contract the newest model of iPhone has generally been $200 while the older one has been $100. It looks like Apple is continuing this tradition but downgrading the case as well. Perhaps the price of an unlocked phone will have a larger price difference, making it more attractive to pay as you go folks?


When in doubt, one B pump off
User currently offlineCadet985 From United States of America, joined Mar 2002, 1551 posts, RR: 4
Reply 91, posted (11 months 3 weeks 1 day 23 hours ago) and read 4098 times:

I just got my iPhone 5 in June, I'm not likely to upgrade for awhile, unless I hit it really big in Vegas in a couple weeks.

I also wonder this. Instead of making a cheaper version to sell in some foreign markets, why not pay for food for those foreign markets? I'm sure some person on a street corner in a third world country would rather eat then have the latest phone...

Marc


User currently offlineJetsgo From United States of America, joined Jul 2003, 3083 posts, RR: 5
Reply 92, posted (11 months 3 weeks 1 day 22 hours ago) and read 4089 times:

I think it's an ok release, for the 5S that is... I mean no one really expected anything more, right? Apple has a history of making a mild refresh around this time and 2013 was no different. The main focus here should be on iOS 7 more than anything.

The 5C is a complete joke, even though it's their business model from here on out seeing as how they are discontinuing the 5. The fact of the matter is $550 is A LOT of dough for a "cheaper" phone. I think Apple should have tried to be more competitive considering one can have a Nexus 4 and presumably a Nexus 5 UNLOCKED for less than half.
Quoting Cadet985 (Reply 91):
I also wonder this.

Because Apple is in the business of selling phones, not handing out food.

I wonder why UNICEF doesn't just come in swinging and show iOS and Android the door?

[Edited 2013-09-10 17:29:26]


Marine Corps Aviation, The Last To Let You Down!
User currently offlineLuftfahrer From Germany, joined Mar 2009, 1013 posts, RR: 2
Reply 93, posted (11 months 3 weeks 1 day 22 hours ago) and read 4079 times:

Quoting casinterest (Reply 70):
I think the fingerprint reader will be a real difference maker, but one that Android and Windows will quickly replicate.

Hopefully not. Some may see it as a cool feature, but it serves little purpose and does not even increase security (fingerprints can be replicated quite easily). Given the revelations of Mr. Snowden over the past few weeks, there is however a good chance your fingerprints will eventually end up with NSA, GCHQ and the likes. No thanks!



Et là tu montes encore plus haut et ça persiste, alors on vole
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 94, posted (11 months 3 weeks 1 day 22 hours ago) and read 4064 times:

Quoting Jetsgo (Reply 92):
The 5C is a complete joke, even though it's their business model from here on out seeing as how they are discontinuing the 5. The fact of the matter is $550 is A LOT of dough for a "cheaper" phone. I think Apple should have tried to be more competitive considering one can have a Nexus 4 and presumably a Nexus 5 UNLOCKED for less than half.

Given that Apple makes more money than their entire mobile phone competition combined, I doubt they feel any urgency to beat the others in a race to the bottom.


User currently offlineJetsgo From United States of America, joined Jul 2003, 3083 posts, RR: 5
Reply 95, posted (11 months 3 weeks 1 day 21 hours ago) and read 4045 times:

Quoting Klaus (Reply 94):

Be that as it may, it strikes me as a half assed effort to offer a "cheap" phone. Kind of like when Delta introduced Song and United Ted. And while I prefer iOS to Android, I wouldn't exactly refer to the Nexus line as the bottom.

Curious what your thoughts are on iOS 7, if any, Klaus?



Marine Corps Aviation, The Last To Let You Down!
User currently offlinehoMsar From United States of America, joined Jan 2010, 1176 posts, RR: 0
Reply 96, posted (11 months 3 weeks 1 day 21 hours ago) and read 4046 times:

Disappointed in the lack of a 128GB option. I wasn't really expecting it, given that it wasn't among the prominent rumors.

That said, I still might actually take the plunge and go for this one, and if/when they release a 128 GB option (iPhone 6?), just buy that and sell the 64. I just really want to get rid of Android, and WP8 isn't doing much for me.



I was raised by a cup of coffee.
User currently onlineRyanairGuru From Australia, joined Oct 2006, 5449 posts, RR: 5
Reply 97, posted (11 months 3 weeks 1 day 21 hours ago) and read 4035 times:

Quoting Luftfahrer (Reply 93):
there is however a good chance your fingerprints will eventually end up with NSA, GCHQ and the likes

I hadn't thought of that!

I actually don't have any issue with spy agencies, I have nothing to hide from the NSA if they want to look into me, but I could definitely understand why a lot of people would be cautious to save their fingerprints on their phone because of this.



Worked Hard, Flew Right
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 98, posted (11 months 3 weeks 1 day 20 hours ago) and read 4029 times:

Quoting Jetsgo (Reply 95):
Be that as it may, it strikes me as a half assed effort to offer a "cheap" phone.

They have no interest in offering a "cheap" phone. They only have an interest to broaden their base by a) ditching their expensive machined metal case for the new midrange model and thus gaining faster and cheaper manufacrturing while b) appealing to a colour-loving audience which they hadn't served with iPhones at all so far.

The "cheapest" option is the 4S anyway.

Quoting Jetsgo (Reply 95):
Curious what your thoughts are on iOS 7, if any, Klaus?

I wasn't thrilled with the ultra-thin fonts they had started with, which I had considered to be a mistake for Windows Phone already. The adjustable font size and improved weight should take care of that, however.

Otherwise the move from simulated physical properties (such as shadows or pseudo-highlights) towards a more abstract, more reduced UI can make sense, if it still works as well as or better than the existing version in practice.

I haven't used it yet, but it could be quite nice. I'll check it out.

Quoting RyanairGuru (Reply 97):
I actually don't have any issue with spy agencies, I have nothing to hide from the NSA if they want to look into me, but I could definitely understand why a lot of people would be cautious to save their fingerprints on their phone because of this.

One issue is that a subverted firmware could surreptitiously collect fingerprints even when their use in iOS itself was disabled. This is one of many points where the question of trust comes up.


User currently offlineseb146 From United States of America, joined Nov 1999, 11586 posts, RR: 15
Reply 99, posted (11 months 3 weeks 1 day 18 hours ago) and read 3987 times:

I am riding out my contract with AT&T so I can get a Samsung Android phone. Otherwise, iYawn. iDontcare.


Life in the wall is a drag.
User currently offlinemad99 From Spain, joined Mar 2012, 543 posts, RR: 0
Reply 100, posted (11 months 3 weeks 1 day 17 hours ago) and read 3974 times:

Looking forward to the ios7 and i'll keep the 4s for another year...maybe

User currently offlinemdavies06 From United Kingdom, joined Aug 2009, 382 posts, RR: 0
Reply 101, posted (11 months 3 weeks 1 day 16 hours ago) and read 3955 times:

If Apple is really aiming at emerging markets with the 'iphone 4S' - as 5C is far too expensive as a cheap phone, they should really make a small effort to at least revamp it by calling it iphone 5Z or something like that. Whilst people in emerging market are poorer, they are not going to be interested in a model that is at least 2 years old. It may perform well but compared with other phone makers who churn out a new model once a month or once every two months, this kind of once a year product release cycle is far too slow. People perception is important. They don't want to buy an old model that works ok. They want a new model that works at the same level and pay a bit less.

Also, on 5s vs 5c, I am surprised that they thought two seperate models are needed at all because the price differential is so small and the model are so similar. I mean is it to be expected that 5c will perform much worse than 5s, stutter and all?
The differential between models that matters to a user is getting smaller and they really need that giant step which will wow users again. I'd suggest they roll out the rumoured 4.8 inch model asap as a first step.


User currently offlineJJJ From Spain, joined May 2006, 1817 posts, RR: 1
Reply 102, posted (11 months 3 weeks 1 day 15 hours ago) and read 3975 times:

Quoting Klaus (Reply 94):
Given that Apple makes more money than their entire mobile phone competition combined, I doubt they feel any urgency to beat the others in a race to the bottom.

Samsung overtakes Apple as world's most profitable mobile phone maker

Falling profits from iPhone sales and strong demand for Galaxy handsets combine to end California firm's four-year reign

http://www.theguardian.com/technolog...sung-apple-profitable-mobile-phone


User currently offlineKen777 From United States of America, joined Mar 2004, 8225 posts, RR: 8
Reply 103, posted (11 months 3 weeks 1 day 14 hours ago) and read 3942 times:

Quoting JJJ (Reply 102):
Samsung overtakes Apple as world's most profitable mobile phone maker

Falling profits from iPhone sales and strong demand for Galaxy handsets combine to end California firm's four-year reign

This seems to me to be an annual event where, just before Apple releases new phones (or tablets) sales of the old product go down and Samsung looks to be surging past Apple.

Then Apple announces new products and Samsung falls behind, rushes around to catch up on new features (wasn't there something about them caught with their pants down on the colors in the 5C?). We'll soon see Samsung delivering some copycat color phones. Guess Samsung was slow because they were too busy copying the Dyson vacuum cleaner.  

(http://news.cnet.com/8301-17852_3-57602222-71/dyson-accuses-samsung-of-ripping-off-its-vacuum-cleaners/)

I missed the announcements as the Wife & I are in Venice on a vacation she richly deserves. Pulled something in my heel this AM slipping on the stairs so I am in the hotel room after taking a pain pill left over from kidney surgery. The extent of my understanding of the 5C comes from the videos and it's enough for me to believe that both the 5S and 5C will cow out the door.

Too often in the past Apple has been slammed when introducing a new product and this looks about the same. The new products are slammed and then explode in the areas of consumer desire and sales.

I believe that the 5C will be in very high demand and will be the killer phone for the mass markets. The 5S will benefit from the fingerprint technology - especially from commerce and the "gold" 5S will be a huge seller in the women's market and also the designer's market.

Most important for me is the 64 bit processor, which will provide a strong tie between teh iPhone, iPad and (at some point) a MacBook Air type notebook - all running iOS and pulling market share from MS.

Next month the new iPads will get a refresh with iOS 7 and a new processor - or at least one new processor.


User currently offlineMIAspotter From Spain, joined Nov 2001, 2758 posts, RR: 25
Reply 104, posted (11 months 3 weeks 1 day 14 hours ago) and read 3940 times:

Quoting mad99 (Reply 100):
Looking forward to the ios7 and i'll keep the 4s for another year...maybe

Same here, not quite impressed with the 5S (let alone the 5C) but as I said before, I will see what users think of it first, and then decide to buy or not.

MIAspotter



I think, therefore I don´t fly Ryanair.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 105, posted (11 months 3 weeks 1 day 13 hours ago) and read 3933 times:

Quoting mdavies06 (Reply 101):
They don't want to buy an old model that works ok. They want a new model that works at the same level and pay a bit less.

They just won't get that either way. The 4S is still a high-end phone with (for most users) negligible differences to the the latest model, since you get the exact same iOS version on both (including subsequent upgrades, just not for quite as long as for the newer models). The physical quality alone is head and shoulders above any cheap Android with its glass-and-steel case and from my point of view even above the latest model.

Quoting JJJ (Reply 102):
Samsung overtakes Apple as world's most profitable mobile phone maker

Falling profits from iPhone sales and strong demand for Galaxy handsets combine to end California firm's four-year reign

Which is just not actually correct – journalists have been confusing different numbers between Apple and Samsung and others ran with it because it sounds so much more exciting than the more complicated truth:
http://appleinsider.com/articles/13/...-dethroned-apple-in-mobile-profits


User currently offlinena From Germany, joined Dec 1999, 10703 posts, RR: 9
Reply 106, posted (11 months 3 weeks 1 day 13 hours ago) and read 3915 times:

Its looks 250 Euros cheaper, and is 100 cheaper. Disappointing.

User currently offlineTLG From United States of America, joined Jul 2005, 370 posts, RR: 0
Reply 107, posted (11 months 3 weeks 1 day ago) and read 3789 times:

Is it accurate to look at a company's total profits? Both Apple & Samsung produce other things besides phones. Apple produces iPhones, iPods, iPads, computers, software, and services, and I imagine they make a profit from each of them. Samsung produces products other than phones as well. To be fair, shouldn't you look at Apple's profit from the iPhones, and compare that to the profit Samsung makes from their phones? If Exxon Mobile bought a Mexican restaurant, you could say that it would be the most profitable Mexican restaurant company on earth.

That said, I suppose it would be difficult to separate the profit since devices, software, and services are all intertwined.


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 108, posted (11 months 3 weeks 23 hours ago) and read 3764 times:

Quoting TLG (Reply 107):
Is it accurate to look at a company's total profits? Both Apple & Samsung produce other things besides phones. Apple produces iPhones, iPods, iPads, computers, software, and services, and I imagine they make a profit from each of them. Samsung produces products other than phones as well. To be fair, shouldn't you look at Apple's profit from the iPhones, and compare that to the profit Samsung makes from their phones? If Exxon Mobile bought a Mexican restaurant, you could say that it would be the most profitable Mexican restaurant company on earth.

Exactly that is at the basis of the article I've linked to above. It is possible to make a much more educated guess than the lazy journalists with their sensationalist pieces did, but it takes some actual work.


User currently offlineTLG From United States of America, joined Jul 2005, 370 posts, RR: 0
Reply 109, posted (11 months 3 weeks 21 hours ago) and read 3748 times:

Quoting Klaus (Reply 108):
Exactly that is at the basis of the article I've linked to above. It is possible to make a much more educated guess than the lazy journalists with their sensationalist pieces did, but it takes some actual work.

I'll be honest with you, I hadn't even clicked the link you supplied. The reason is that when looking for information like this I don't rely on any website with "apple" or "samsung" or "android" or "microsoft" or "any specific tech company" in the URL. However, I did read over it, and what I gathered is that whoever did the research doesn't really know. The results are based on assumption. But it is as believable as anything I've read.

One thing is clear: both Samsung and Apple make more money than I do!

But no matter whether Apple or Samsung makes the most profit; who cares? Walmart makes more money than any other retailer in the world. Does that mean they have the best products? No, it means that the difference between their expenses and income is greater than that of any other retailer.

[Edited 2013-09-11 18:22:06]

User currently offlineRedd From Poland, joined Jan 2013, 96 posts, RR: 0
Reply 110, posted (11 months 3 weeks 11 hours ago) and read 3683 times:

http://www.youtube.com/watch?v=1sIWez9HAbA


A good laugh about the new iPhones  


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 111, posted (11 months 3 weeks 9 hours ago) and read 3643 times:

Quoting Klaus (Reply 88):
I don't think so, because the expressed purpose of that extra chip is apparently to track(!) sensor data while the main processor is in sleep mode. During game play the main CPU is in high-performance mode anyway much of the time (if not permanently), so the extra chip wouldn't have much of any benefit.

The main purpose appears to be tracking(!) motion while the iPhone is in your pocket and (at least much of the time) the main CPU is asleep while the M7 collects and buffers sensor data at much lower power consumption for this task, consuming less of your battery charge than the main CPU would for the same purpose.

No, the M7 is there for aggregation of data and interpretation of movements and sounds that the active chip does not want to burden itself with and send those events to the main processor to handle. This is much like the use of DSP's for audio and video. you dedicate a processor to do what it does best with input streams and interpret the data so the main CPU doesn't have to. This can go a long way towards fitness applications, but also towards game play and other items.

Quoting Luftfahrer (Reply 93):
No thanks!

It's more of a feature for the paranoid, and unfortunately that will involve Security Administrators in many corporations that want to protect data. It is a very sellable feature.



Older than I just was ,and younger than I will soo be.
User currently offlineAcheron From Spain, joined Sep 2005, 1638 posts, RR: 2
Reply 112, posted (11 months 3 weeks 9 hours ago) and read 3642 times:

Quoting scbriml (Reply 4):
Seriously, for someone who really wants to get into your phone, dealing with a PIN is easier than trying to lift fingerprints.

The NSA now gets both with the 5S. Handing your fingerprints for free, lol.

And I found this related bit of news as quite amusing:

Quote:
A purported secret presentation leaked by Edward Snowden presents screengrabs from Apple's iconic 1984 commercial followed by pictures of Steve Jobs, saying "Who knew in 1984 ... that [Steve Jobs] would be Big Brother ... and the zombies would be paying customers?"

The implication of the presentation is that iPhone users are somehow complicit in their own surveillance by buying iPhones in the first place.
http://www.businessinsider.com/nsa-i...n-der-spiegel-2013-9#ixzz2egbkgcvP

Lol, zombies...


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 113, posted (11 months 3 weeks 5 hours ago) and read 3593 times:

Quoting Redd (Reply 110):
A good laugh about the new iPhones

It's pretty obvious that video was made before the presentation, without a clue of the actual product. But in line with the tenor of that video: Why bother with pesky facts, when your own existing prejudices can just be warmed over so much more easily...?
 

Quoting casinterest (Reply 111):
No, the M7 is there for aggregation of data and interpretation of movements and sounds that the active chip does not want to burden itself with and send those events to the main processor to handle. This is much like the use of DSP's for audio and video. you dedicate a processor to do what it does best with input streams and interpret the data so the main CPU doesn't have to. This can go a long way towards fitness applications, but also towards game play and other items.

No, that doesn't add up at all. The sensors the M7 is catering to sensors with very slow acquisition rates, which wouldn't stress the A7 at all. It wouldn't make any sense to insert a chip just to offload that little throughput.

But what you don't want when the device is in idle is having to wake up the big, relatively power-hungry CPU from its power-down mode many times per second when all you need is just fetching a few bytes from a few slow sensors for hours on end. That is a perfect task for a slow-clocked, low-power slave processor: The M7.

According to Apple:

http://www.apple.com/iphone-5s/design/

Quoting Apple:
The new M7 coprocessor is designed to make iPhone 5s even more efficient. It offloads work from the A7 chip by collecting motion data from the accelerometer, gyroscope, and compass. Apps can then use this data without constantly engaging the A7 chip. Because M7 is engineered for this specific task, it uses significantly less power than A7 would require. So again, battery life is spared.


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 114, posted (11 months 3 weeks 5 hours ago) and read 3586 times:

Quoting Klaus (Reply 113):
But what you don't want when the device is in idle is having to wake up the big, relatively power-hungry CPU from its power-down mode many times per second when all you need is just fetching a few bytes from a few slow sensors for hours on end. That is a perfect task for a slow-clocked, low-power slave processor: The M7.

Right, but looking at every bit of input and processing it, is still a valuable offset to the load that the main CPU is performing. It is a dedicated task. These aren't necessarily low intensity efforts. they require specialization and free up the CPU to do more important tasks while waiting for the menial work to be done. It is like a stamp licker. The CEO can do it, but it is much more efficient to let a low level admin do it and just report back when it is done.



Older than I just was ,and younger than I will soo be.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 115, posted (11 months 3 weeks 4 hours ago) and read 3580 times:

Quoting casinterest (Reply 114):
Right, but looking at every bit of input and processing it, is still a valuable offset to the load that the main CPU is performing. It is a dedicated task. These aren't necessarily low intensity efforts. they require specialization and free up the CPU to do more important tasks while waiting for the menial work to be done. It is like a stamp licker. The CEO can do it, but it is much more efficient to let a low level admin do it and just report back when it is done.

Your metaphor has it right in one aspect: The CEO would cost a lot more in performing the same task, just like the main CPU would.

Slow sensor data acquisition is a low-intensity task, however. The processor doing it must wake up maybe 10 or 50 times per second, fetch a few bytes from the respective sensors, apply some filtering to the data, put the results into an aggregation buffer, tell the sensors to start their next sample and stop again.

Low-power controllers don't have fancy power-ramping features because they don't need them (this is one of the reasons why waking the main CPU up and putting it back to sleep is power-inefficient). They are simple, static logic which doesn't really need actual "sleep" states like a bigger CPU does. They are simply stopped and consume practically no current any more. It's basically on the level of an LCD watch. This kind of design cannot reach gigahertz clock rates, but it can run slowly at extreme efficiency.


User currently offlineKen777 From United States of America, joined Mar 2004, 8225 posts, RR: 8
Reply 116, posted (11 months 3 weeks 3 hours ago) and read 3557 times:

Quoting Acheron (Reply 112):
The implication of the presentation is that iPhone users are somehow complicit in their own surveillance by buying iPhones in the first place.

And obviously you and I are now somehow complicit in our own surveillance by writing in this thread.  


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 117, posted (11 months 3 weeks 2 hours ago) and read 3547 times:

Quoting cmf (Reply 32):
Reality is that lifting a fingerprint and making a good enough copy to fool a reader is a much more complicated task than lifting a pin code. Again, considering real life and not theoretical life.
Quoting ManuCH (Reply 37):
If someone goes as far as trying to lift your fingerprints to gain access to your iPhone, you're probably storing way too valuable information (trade secrets of a large company? government secrets?) inside said iPhone.
Quoting DocLightning (Reply 45):
How many petty smartphone thieves are going to be willing to go to it to unlock a phone that will probably be remotely wiped and deactivated, anyway?

A thief doesn't steal a smartphone to sell on to an end user (or use himself). A lot of smartphone thieves are either employed by or sell their phones to much larger criminal networks. With the volume such operations generate it may well be within their budget to purchase the necessary equipment. The phones would have to be handled with some care, but it's not impossible to see how such an operation could work.

Once you realize the scale of these operations a fingerprint suddenly seems rather less secure than a PIN.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlinevirginblue4 From United Kingdom, joined Jun 2008, 902 posts, RR: 0
Reply 118, posted (11 months 3 weeks 2 hours ago) and read 3538 times:

Quoting zckls04 (Reply 117):

Well with activation lock in iOS 7, stealing an iOS device is going to be a pretty pointless thing to do.



The amazing tale of flight.
User currently onlineRara From Germany, joined Jan 2007, 2079 posts, RR: 2
Reply 119, posted (11 months 3 weeks 1 hour ago) and read 3523 times:

Quoting virginblue4 (Reply 118):
Well with activation lock in iOS 7, stealing an iOS device is going to be a pretty pointless thing to do.

We'll see. Chances are there'll always be a use for an iOS device, whichever way acquired.



Samson was a biblical tough guy, but his dad Samsonite was even more of a hard case.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 120, posted (11 months 3 weeks 1 hour ago) and read 3522 times:

Quoting zckls04 (Reply 117):
Once you realize the scale of these operations a fingerprint suddenly seems rather less secure than a PIN.

No, those operations use other methods.


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 121, posted (11 months 3 weeks ago) and read 3509 times:

Quoting cmf (Reply 120):
No, those operations use other methods.

Other methods to what?



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlineAcheron From Spain, joined Sep 2005, 1638 posts, RR: 2
Reply 122, posted (11 months 3 weeks ago) and read 3513 times:

Quoting Ken777 (Reply 116):
And obviously you and I are now somehow complicit in our own surveillance by writing in this thread.  

Hey, I'm not the one who is going to run into an Apple Store to buy a device that will give the NSA my fingerprint for free and without any effort  


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 123, posted (11 months 2 weeks 6 days 20 hours ago) and read 3481 times:

Quoting zckls04 (Reply 121):
Other methods to what?

What do you think? It was you who brought up that there are leagues dealing with stolen phones, What do you think they do with them?


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 124, posted (11 months 2 weeks 6 days 20 hours ago) and read 3482 times:

Quoting cmf (Reply 123):
What do you think? It was you who brought up that there are leagues dealing with stolen phones, What do you think they do with them?

I am asking you to clarify your statement, because the logical interpretation of what you said is "they use other methods to", followed by my previous statement, namely:

Quoting zckls04 (Reply 117):
With the volume such operations generate it may well be within their budget to purchase the necessary equipment. The phones would have to be handled with some care, but it's not impossible to see how such an operation could work.

Since I am clearly talking in hypotheticals, and the iPhone is the first mainstream phone to incorporate a fingerprint sensor, then it is obvious that these networks "use other means". Why would they develop methods to break a non-existent piece of security?

What am I missing? I'm eager to be elucidated.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 125, posted (11 months 2 weeks 6 days 12 hours ago) and read 3451 times:

Quoting zckls04 (Reply 124):
Since I am clearly talking in hypotheticals, and the iPhone is the first mainstream phone to incorporate a fingerprint sensor, then it is obvious that these networks "use other means". Why would they develop methods to break a non-existent piece of security?

What am I missing? I'm eager to be elucidated.

You proposed those organizations would start using fingerprints. They won't because using fingerprints require more resources than the other methods they use now. A factory restore is all they want. You don't need the pin code to do that today so why should you get the fingerprint to do it with the 5S?


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 126, posted (11 months 2 weeks 6 days 9 hours ago) and read 3423 times:

Quoting cmf (Reply 125):
You proposed those organizations would start using fingerprints. They won't because using fingerprints require more resources than the other methods they use now.

Which "other methods" are these, pray tell?

With a locked iPhone 4S, 5, 5C or 5S?

Apple won't help a criminal operation out, so even weak passcodes are out of reach for them.

Contrary to your earlier claims, it has nothing to do with Apple being "more determined" or having some other generic resources a criminal could hope to duplicate – Apple has the private firmware key to sign alternate firmware versions, and that key has never been leaked to the outside to my knowledge (to prevent that from happening, they force even law enforcement to physically ship the devices to them).

Quoting cmf (Reply 125):
A factory restore is all they want. You don't need the pin code to do that today so why should you get the fingerprint to do it with the 5S?

It just got worse for them with iOS 7: Now they need the iTunes account password of the user to even wipe a device.

Cracking of locked devices has been unfeasible for a while already; Wiping them for resale is just now becoming unfeasible as well.

Or which concrete information to the contrary do you have?


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 127, posted (11 months 2 weeks 6 days 7 hours ago) and read 3421 times:

Quoting cmf (Reply 125):
You proposed those organizations would start using fingerprints. They won't because using fingerprints require more resources than the other methods they use now. A factory restore is all they want. You don't need the pin code to do that today so why should you get the fingerprint to do it with the 5S?

In other words, they factory restore because they are unable to access the data any other way, because they don't know and cannot crack the password, if somebody chooses to put one on.

If you haven't watched somebody type the password (and the password is not one of the ten most common) you can't access the data. That makes it by definition more secure than fingerprints when used as intended. The earlier assertion was that this is not the case because the petty thief does not have the ability to purchase the required equipment, so I was making the point that when many phones are concatenated through a network the costs equations may tilt in favor of doing this kind of hack.

The key word being "may", since we don't know exactly how much useful data the average iPhone has nor the actual cost of the equipment to lift a fingerprint. However at best the fingerprint sensor would be as secure as a properly used password, not more so. This is because as you state above it is currently impractical for thieves to do anything than factory reset the device when password protected.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 128, posted (11 months 2 weeks 6 days 6 hours ago) and read 3395 times:

Quoting Klaus (Reply 126):
Which "other methods" are these, pray tell?

Ask the leagues selling stolen iphones.

Quoting zckls04 (Reply 127):
In other words, they factory restore because they are unable to access the data any other way, because they don't know and cannot crack the password, if somebody chooses to put one on.

No, because the leagues are interested in selling them. They do not find the time spent in wading through data worthwhile.

It is the mainly people around you that you should worry about for data. They are the ones praying on your messages, etc. They are the ones around you when you enter your pin code. They are not likely to go through the effort of lifting and creating fingerprints.

Quoting zckls04 (Reply 127):
nor the actual cost of the equipment to lift a fingerprint.

Main cost is time. If you have a solution that works with the scanner you use.

Quoting zckls04 (Reply 127):
However at best the fingerprint sensor would be as secure as a properly used password, not more so.

No, the best fingerprint sensor is significantly more secure as it will not be fooled. It is the cheaper fingerprint sensors that are equal.

Quoting zckls04 (Reply 127):
This is because as you state above it is currently impractical for thieves to do anything than factory reset the device when password protected.

I really think no interest is more accurate. If they thought data was worthwhile they would find ways to steal XRY or similar SW and go to town.


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 129, posted (11 months 2 weeks 6 days 4 hours ago) and read 3375 times:

Quoting cmf (Reply 128):
No, the best fingerprint sensor is significantly more secure as it will not be fooled. It is the cheaper fingerprint sensors that are equal.

Assuming the iPhone uses the most sophisticated fingerprint scanner possible, it can only be as secure as a properly used password. If it is a less sophisticated device which can be fooled, it is less secure than a properly used password.

Quoting cmf (Reply 128):
They do not find the time spent in wading through data worthwhile.

That can be largely automated, the same way it is with many trojans. The only real time investment is the actual hack.

Quoting cmf (Reply 128):
It is the mainly people around you that you should worry about for data. They are the ones praying on your messages, etc. They are the ones around you when you enter your pin code. They are not likely to go through the effort of lifting and creating fingerprints.

Hence, don't tell them or show them your password. Pretty simple to do.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 130, posted (11 months 2 weeks 6 days 2 hours ago) and read 3355 times:

Sweaty types may find the iPhone 5S fingerprint sensor a challenge, Apple tells WSJ
No doubt there are more than a few hardcore Apple fans out there already scrubbing their fingertips with the best cleaning products available in giddy anticipation of next week’s launch of the iPhone 5S, which for the first time incorporates a fingerprint sensor.
For owners of the new device, it’ll mean no more four-digit codes for unlocking the handset and no more passwords for making purchases from iTunes and the App Store. Simply press the tip of your finger on the

Touch ID sensor and the necessary deed will be done. Hopefully.
A company spokesperson told the Wall Street Journal on Wednesday that testers at Apple found that the new feature “sometimes doesn’t work with moisture-laden fingers covered in sweat, lotion or other liquids.”
With the iPhone 4’s antennagate incident in 2010 still fresh in the minds of many at Apple, you can bet there are employees at its Cupertino campus walking around right now with bandaged fingers battered by endless tortuous trials involving the new feature. But it still may not be perfect.
Latex finger gloves
So what do such comments mean for would-be iPhone 5S owners who spend most of their time in the gym or live in swelteringly hot locations? Or those with hands that are naturally clammy and never seem to get dry no matter how many times they wipe them on clothes, towels, or indeed every absorbant material known to man? Should they hold off buying the new phone to see if sweatyfingergate hits the headlines – a situation that could result in Apple’s crisis management team sending out thousands of latex finger gloves with unique prints to damp, disgruntled users.

http://www.digitaltrends.com/mobile/...5s-fingerprint-sensor-a-challenge/


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 131, posted (11 months 2 weeks 6 days 1 hour ago) and read 3345 times:

Quoting zckls04 (Reply 129):
Assuming the iPhone uses the most sophisticated fingerprint scanner possible, it can only be as secure as a properly used password.

Still no.

Quoting zckls04 (Reply 129):
If it is a less sophisticated device which can be fooled, it is less secure than a properly used password

It will be more secure in some ways and less in others. Passwords have lost most of their security.

Quoting zckls04 (Reply 129):
That can be largely automated, the same way it is with many trojans. The only real time investment is the actual hack.

You're unlikely to find anything of value you can't find cheaper in other ways.

Quoting zckls04 (Reply 129):
Hence, don't tell them or show them your password. Pretty simple to do.

Not showing the password is actually quite hard t. Especially if you need to enter it as often as people tend to do with their phones. Even more so because of the environments where phones are used.


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 132, posted (11 months 2 weeks 5 days 23 hours ago) and read 3338 times:

Quoting cmf (Reply 131):
Still no.

Saying no don't make it so. If you are careful not to show anybody your password and pick a strong one (hence: used properly) there is as near to a zero chance of them guessing it in ten tries as makes no odds. That's just a fact.

Quoting cmf (Reply 131):
It will be more secure in some ways and less in others. Passwords have lost most of their security.

No, it just seems that way. Having a password, even a carelessly used one, gives you protection in the vast majority of circumstances. Most iPhones are lost, robbed or pickpocketed. Thieves tend to work as fast as they can- they don't sit around waiting for you to type a code so they can peer over your shoulder.

Quoting cmf (Reply 131):
You're unlikely to find anything of value you can't find cheaper in other ways.

Hence:

Quoting zckls04 (Reply 127):
The key word being "may", since we don't know exactly how much useful data the average iPhone has nor the actual cost of the equipment to lift a fingerprint.
Quoting cmf (Reply 131):
Not showing the password is actually quite hard.

I guess this is the crux of things. Personally I think it's incredibly easy.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 133, posted (11 months 2 weeks 5 days 22 hours ago) and read 3325 times:

Quoting zckls04 (Reply 132):
If you are careful not to show anybody your password and pick a strong one (hence: used properly) there is as near to a zero chance of them guessing it in ten tries as makes no odds. That's just a fact.

Even klaus admitted he isn't perfect. People do pick up passwords all the time. That is fact.

Quoting zckls04 (Reply 132):
Having a password, even a carelessly used one, gives you protection in the vast majority of circumstances.

It does give you protection. It just is very vulnerable to the people around you. The people who are most likely to want your data. Fingerprints on the other hand are not very vulnerable to them because the effort is too high.

When you look at the people who steal your phone to sell it a pin code or fingerprint makes no difference. The way to solve that is to block IMEI but because so many operators fail to corroborate there is still a market.

Quoting zckls04 (Reply 132):
I guess this is the crux of things. Personally I think it's incredibly easy.

You're overconfident or a freak of nature. Experience from when I did defense work is that people mess up a lot. Then add installation of hidden cameras and it is simple.


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 134, posted (11 months 2 weeks 5 days 21 hours ago) and read 3321 times:

Quoting cmf (Reply 133):
You're overconfident or a freak of nature. Experience from when I did defense work is that people mess up a lot. Then add installation of hidden cameras and it is simple.

Woah there- hidden cameras? I think we're straying into a rather fantastic scenario. Phones don't stay in one place. Hidden cameras would be ludicrously impractical for such a scheme. Is there any evidence such a crime has ever been perpetrated? Sure, it's possible with an ATM when you only have to read a 4 digit number, but a password on a tiny iPhone screen?

Quoting cmf (Reply 133):
It does give you protection. It just is very vulnerable to the people around you. The people who are most likely to want your data.

Who are these people around you? Your friends, your colleagues? I don't think so. Thieves? As before, thieves don't hang around. Unless they're very dumb thieves. They just want to get the merch and move on; they don't hang around waiting for you to show your password then hope you leave your phone in a vulnerable place. That would be a losing strategy.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 135, posted (11 months 2 weeks 5 days 21 hours ago) and read 3322 times:



Quoting cmf (Reply 128):


Quoting Klaus,reply=126:
Which "other methods" are these, pray tell?

Ask the leagues selling stolen iphones.
Unprotected iPhones can still be extracted, wiped and resold, and iOS 7 and the iPhone 5S won't change that as far as I'm aware..

Protected ones practically cannot be extracted, but until iOS 7 arrives, they can still be wiped and resold.

With the iPhone 5S the number of unprotected iPhones will shrink further, and with that the likelihood to actually get at user data via device theft.

With iOS 7 the option to wipe a protected iPhone will go away as well.

This leaves only the remaining unprotected iPhones as a target for data and device thieves – with the likelihood falling that a stolen iPhone can be extracted and resold, the incentive to steal one shrinks as well.

Quoting cmf (Reply 128):
No, the best fingerprint sensor is significantly more secure as it will not be fooled. It is the cheaper fingerprint sensors that are equal.

Not true. Even the best fingerprint sensor only works statistically: It has a nonzero false-negative and a false-positive error probability, and in a consumer device this will be skewed towards false-positive in order to achieve better convenience. Ideally this should be adjustable at least, but I haven't seen that hinted at.

As I've said above: I give it a week until the first faked fingerprint crack.

Quoting OA260 (Reply 130):
For owners of the new device, it’ll mean no more four-digit codes for unlocking the handset and no more passwords for making purchases from iTunes and the App Store. Simply press the tip of your finger on the Touch ID sensor and the necessary deed will be done. Hopefully.

Just for completeness' sake: Four-digit PIN codes are only the base level for iOS passcodes. You can always choose to set an alphanumeric passphrase of any length you desire, putting the standard cracking methods completely out of range as long as the underlying cryptography remains sound.

Quoting OA260 (Reply 130):
With the iPhone 4’s antennagate incident in 2010 still fresh in the minds of many at Apple,

That was mostly a hoax, an artificially cooked-up hype about something that affects absolutely every mobile phone on the planet (right down to all kinds of user manuals describing exactly the same effect for those devices). But the exact same effect on an Apple product of course immediately justifies the "-Gate" signifier as we all know...!  mischievous 

It is telling that the iPhone 4 kept being sold unchanged right up to now with a deafening lack of outrage from the customers. At least the iPhone 4S, 5 and 5S (and effectively the 5C as well) use the exact same antenna technology, just with an added diversity mechanism owed to newer chipsets.

Quoting cmf (Reply 131):
Passwords have lost most of their security.

Still no. See zckls04's post above and my earlier ones.

Quoting cmf (Reply 131):
Not showing the password is actually quite hard t. Especially if you need to enter it as often as people tend to do with their phones. Even more so because of the environments where phones are used.

If you can't manage to hide your passcode when entering it, then just change it afterwards.

Quoting cmf (Reply 133):
Even klaus admitted he isn't perfect. People do pick up passwords all the time. That is fact.

You misunderstand the way data security works. Passwords are inherently less than "perfect", because they inherently provide the theoretical possibility that an attacker could simply stumble on the proper password by random accident.

The point of a good password is to reduce that probability to below any reasonable significance level.

Quoting cmf (Reply 133):
It does give you protection. It just is very vulnerable to the people around you. The people who are most likely to want your data.

That may depend on the type of people you're hanging out with.

Quoting cmf (Reply 133):
Fingerprints on the other hand are not very vulnerable to them because the effort is too high.

There have been many counter-examples to that already.

Quoting cmf (Reply 133):
When you look at the people who steal your phone to sell it a pin code or fingerprint makes no difference. The way to solve that is to block IMEI but because so many operators fail to corroborate there is still a market.

Such an IMEI block has turned out to be practically worthless so far, not least because the stolen devices can simply be exported to somewhere where the blacklists are not observed.

No, actually good protection at this point needs:
• A passcode set (or a fingerprint for at least rudimentary protection).
• iOS 7 which prevents a wipe and reset unless the person has the owner's iTunes account name and password.

[Edited 2013-09-13 18:48:40]

User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 136, posted (11 months 2 weeks 5 days 20 hours ago) and read 3311 times:

Quoting zckls04 (Reply 134):
I think we're straying into a rather fantastic scenario.

Happened when you guys suggested lifting fingerprints and fooling the sensors.

Quoting zckls04 (Reply 134):
Is there any evidence such a crime has ever been perpetrated?

That's what you try to attack after suggesting lifting fingerprints to fool the sensor? But yes, it has been used. Don't know about phones but I do know about on computers.

Quoting zckls04 (Reply 134):
Who are these people around you? Your friends, your colleagues? I don't think so. Thieves?

Spouses is very common. You'd be amazed how often I'm asked to install key trackers on computers.

Quoting zckls04 (Reply 134):
Thieves? As before, thieves don't hang around. Unless they're very dumb thieves.

Again, thieves are generally stealing to sell the phone. getting access to phones are people around you.

Quoting zckls04 (Reply 134):
That would be a losing strategy.

That's what I have been saying.

Quoting Klaus (Reply 135):
Protected ones practically cannot be extracted, but until iOS 7 arrives, they can still be wiped and resold.

I'm sure there are plenty of bugs they know how to explore. Would be strange if IOS is the exemption from bugs.

Quoting Klaus (Reply 135):
Not true. Even the best fingerprint sensor only works statistically

Good luck fooling a good fingerprint scanner.

Quoting Klaus (Reply 135):
I give it a week until the first faked fingerprint crack

Very possible. Plenty of new code uncertainty about how well the sensor behaves. Would be strange if they don't find some bugs in it. Just as they have found plenty enough other bugs to open up locked iPhones before.

Quoting Klaus (Reply 135):
Still no. See zckls04's post above and my earlier ones.

Still yes. Steve Gibson of GRC provide reasonably simplified explanations.

Quoting Klaus (Reply 135):
If you can't manage to hide your passcode when entering it, then just change it afterwards.

Theoretical, not reality.

Quoting Klaus (Reply 135):
The point of a good password is to reduce that probability to below any reasonable significance level.

No, given enough time the probability is always 100%. The point of an access system is to make it so time consuming it isn't worthwhile.

Quoting Klaus (Reply 135):
That may depend on the type of people you're hanging out with.

Spouses, family, friends and colleagues are the most common. I suspect you have them too.

Quoting Klaus (Reply 135):
There have been many counter-examples to that already.

Really, where? How often has people gained access to computers by lifting fingerprints vs finding passwords? They are afterall usually the simplest scanners so most susceptible to the methods you propose.

Quoting Klaus (Reply 135):
Such an IMEI block has turned out to be practically worthless so far

Ding, ding ding. What was it I said.

Quoting Klaus (Reply 135):
A passcode set (or a fingerprint for at least rudimentary protection)

Again, better in some cases. Worse in the most common.

Quoting Klaus (Reply 135):
iOS 7 which prevents a wipe and reset unless the person has the owner's iTunes account name and password.

Clearly Apple wrote perfect code for this. Unlike the fingerprint SW that is very buggy...


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 137, posted (11 months 2 weeks 5 days 18 hours ago) and read 3302 times:

Quoting cmf (Reply 136):
Happened when you guys suggested lifting fingerprints and fooling the sensors.

Well that depends on the accuracy of the sensors, and the technology available to fool it. Technology marches on, but no matter the technology your hidden camera scheme will never work.

This isn't theoretical stuff- this is from over ten years ago, and that was before the advent of 3d printing:

http://www.geek.com/news/fingerprint-sensors-hacked-549909/

And remember, once your fingerprint is in the public domain, you can't reset it.

Quoting cmf (Reply 136):
But yes, it has been used. Don't know about phones but I do know about on computers.

Computers don't move around. The fact that phones do makes them practically impervious to a hidden camera scheme.

Quoting cmf (Reply 136):
Spouses is very common. You'd be amazed how often I'm asked to install key trackers on computers.

But in the real world I've never met an iPhone user whose spouse doesn't know their iPhone password, so that's somewhat irrelevant.

Quoting cmf (Reply 136):
Still yes. Steve Gibson of GRC provide reasonably simplified explanations.

Can you provide a link?

Quoting cmf (Reply 136):
No, given enough time the probability is always 100%. The point of an access system is to make it so time consuming it isn't worthwhile.

That assumes you get unlimited tries.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlineBill142 From Australia, joined Aug 2004, 8445 posts, RR: 8
Reply 138, posted (11 months 2 weeks 5 days 17 hours ago) and read 3299 times:

Quoting cmf (Reply 136):
I'm sure there are plenty of bugs they know how to explore. Would be strange if IOS is the exemption from bugs.

Some people here think it is.


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 139, posted (11 months 2 weeks 5 days 15 hours ago) and read 3291 times:

Quoting zckls04 (Reply 137):
Well that depends on the accuracy of the sensors, and the technology available to fool it.

As I have said over and over again. It really depends on what you're trying to protect if it matters. If all you want to get rid off are the opportunists then even the worst fingerprint scanner provide enough protection.

Quoting zckls04 (Reply 137):
your hidden camera scheme will never work.

Yet it has been used. It takes less effort than your lifting fingerprint and create substitute and require no skill.

Quoting zckls04 (Reply 137):
This isn't theoretical stuff- this is from over ten years ago, and that was before the advent of 3d printing:

Yet again, it only works on the simple scanners and even in that case it only matters if what is protected is worth the effort. As the article you posted says:

"If we're using fingerprint biometrics to get into our server rooms, then most people aren't going to go through much trouble to swipe the glass we held at a restaurant when we go out for a Friday IT department lunch, and then do the various processes to make a gummy finger with our print."

Quoting zckls04 (Reply 137):
Computers don't move around. The fact that phones do makes them practically impervious to a hidden camera scheme.

Actually they do. But the key point in this case is that you will regularly use your phone at certain locations.

Quoting zckls04 (Reply 137):
But in the real world I've never met an iPhone user whose spouse doesn't know their iPhone password, so that's somewhat irrelevant.

You don't know the real world then. It happens all the time.

Quoting zckls04 (Reply 137):
Can you provide a link?

https://www.grc.com/securitynow.htm

There are 421 episodes right now. I am not going to look through them to find the exact points.

Quoting zckls04 (Reply 137):
That assumes you get unlimited tries.

Very often you do. You just need to shutdown the system between. Or you are able to create a virtual copy that you work on.

Quoting Bill142 (Reply 138):
Some people here think it is.

All but one module   


User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 140, posted (11 months 2 weeks 5 days 11 hours ago) and read 3277 times:

cmf, your problem is that you're insisting on making general conclusions and absolute claims but you are not equipped to back those up with sufficient evidence.

You claim that passwords can always be broken.

That is not true in reality. Good passwords with good encryption cannot be broken with any substatial probability, let alone always as you claim.

You claim that passwords were "useless" anyway, which would be true if they could always be broken; That just isn't true, so as above: Good passwords with good encryption are not "useless" at all – but both of these must actually be used.

Your imaginations about breaking into iOS devices are also contradicted by your own statements above, saying that "you" were breaking into iOS devices by shipping them to Apple (apparently you're in law enforcement, going through the process via court orders).

Apart from you apparently not knowing what that the technical process behind that procedure actually is, the fact that "you" cannot simply apply a cracking tool in house "yourselves" but instead have to jump through hoops and wait for your turn at Apple instead is a pretty clear indication that at least at this point there is no such way if you don't have Apple's private firmware key.

You may imagine "bugs" of any kind as much as you like, but at least at this time there are no known ones. And given the very small exposed surface of the unlock mechanism of an iOS device, the issue is not about any bugs at all, but specifically bugs in the unlocking mechanism and again specifically exploitable bugs.

As I had explained before, Apple did in fact have such a severe bug in the boot ROM of the older devices which was in fact exploited by the "jailbreaking" community and probably by others as well, but a) that bug also just let them circumvent the outer access layer (rendering the going-through-Apple route unnecessary), b) even with that bug the second encryption level remained out of reach when good passcodes were used and c) that bug has been fixed since the iPhone 4S and iPad 2. No cold break in on that route to a locked newer device has become known since then, and not for lack of intense trying.

Bugs are not impossible, but notably apart from the actual boot ROM they can be fixed via firmware updates. And at least as of now, there is no externally known way to break into a properly protected iOS device – not even via Apple.

It is of course not fundamentally impossible, but very far outside of practicality. (And your organisation will likely get back the occasional device from Apple with the remark that the data could not be extracted when the owner had actually used a proper passcode.)

The main problem of your argumentation is that you're making absolute claims – claiming that passwords were definitely and absolutely weaker than fingerprints, and that is still nonsense. That is still not borne out by the facts.

It still depends on many factors what level of security you can reach with which kinds of measures. It is a matter of weighing the advantages and drawbacks of either approach based on one's own habits, circumstances, capabilities and technical options.

No absolute statements to be had there, unfortunately. These matters remain nontrivial.

Quoting cmf (Reply 136):
Quoting Klaus (Reply 135):
iOS 7 which prevents a wipe and reset unless the person has the owner's iTunes account name and password.

Clearly Apple wrote perfect code for this. Unlike the fingerprint SW that is very buggy...

Even though it is not a piece of cake, an implementation of mathematical encryption / security code can in fact be made "perfect", exactly performing the mathematically specified algorithm without any bugs, to precisely accept only keys exactly matching the stored hash and to precisely reject all others. There can be algorithmic weaknesses on the mathematical level (as discussed before) and passwords can be chosen badly from or too close to cracking dictionary entries. But these mistakes are controllable well enough; And, of course, in most systems you can change passwords at any time and as often as you like.

(To bust another TV and movie myth: "Perfect" code is actually possible and in fact rather common – just difficult to produce in larger quantities for more complex algorithms. For particularly critical code there are various tools and methods to expand the range where this is possible, however.)

Fingerprint readers are like all other sensors: They provide a statistical range of input which necessarily needs to be filtered for noise and distortions and a capture range of accepted inputs needs to be defined. With biometric sensors that range must have a relative large width or you'd have to use multiple tries all the time, negating the convenience advantage.

The filtering and matching is an analog process, just encoded digitally, but still inherently in need of calibration and fuzzy decision ranges. And, of course, you can't change your fingerprints (at least not practically).

In addition, the algorithms should have good fake rejection, which is a challenge for fingerprints in particular. (There is no indication yet that the 5S sensor can sense multiple factors, but this will of course need more detailed analysis.)

These are inherent differences between these approaches, not automatically negating the usefulness of one or the other, but reasons why their use can and should depend on the circumstances.

Quoting cmf (Reply 139):
Quoting zckls04 (Reply 137):
That assumes you get unlimited tries.

Very often you do. You just need to shutdown the system between. Or you are able to create a virtual copy that you work on.

All not possible with a properly configured iOS device. Not even low-level imaging of the flash content would get you anywhere, since the data is encrypted individually per device and the individual device key is not extractable, unless maybe(!) with extreme and exotic effort for a single device.

It is not that all your arguments were completely without merit – they just don't allow the kinds of absolute conclusions you're making.


User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 141, posted (11 months 2 weeks 5 days 8 hours ago) and read 3230 times:

Quoting Klaus (Reply 140):

cmf, your problem is that you're insisting on making general conclusions and absolute claims but you are not equipped to back those up with sufficient evidence.

You keep looking at the problem from just one side and then support it in the same way you object me supporting my claims.

Let me try to open your eyes yet another time.

1 – Realize this is first and most a human problem.
If it wasn't for that humans will try to access and steal other people’s phones there would be no need for any of this.

2 – Because it is a human problem you need to consider what humans will do.
Per Apple more than 50% of all iPhone users leave their phones open. When you can’t make them use a 4 digit pin code how can you propose a longer more complicated password is the solution?
A major reason why they don't use pins is that they find it too cumbersome. Even those who use pins often have long lockout times because of convenience. Fingerprints typically address these issues and from what has been displayed Apple’s fingerprint system is one of them.

3 – The biggest threat to the data you have on your phone is from the people around you.
They are the ones who have interest in in it. The number of random people grabbing phones for its data is small.

3a – They are also the people least likely to use advanced methods.
You will find very few of them are prepared to go through the effort of learning how to lift clean fingerprints and then create clean substitutes. What they are prepared to do is look when you enter your pin code or password. It doesn't take any equipment and if you're somewhat social they are likely to be around you often enough.

3b – If they are prepared to lift fingerprints and create substitutes then they are also prepared to go at length to get your pin code / password.
It isn't trivial to find good enough fingerprints, learn how to lift them clean, go through an additional cleaning process and then create a usable substitute. Most people use their right thumb or index finger for fingerprint scanning. While they are likely to leave plenty of fingerprints on the phone it is very uncertain if they leave quality full size prints as the edges generally are too small and they together with prints on the front and back are likely to be smudged. It takes significant investment in time and effort with uncertain outcome.

If they are prepared to go through that process they are clearly prepared to spend effort on getting your password too.

4 –Other people are most likely to steal your phone.
It is very unlikely they will find a way to lift your fingerprint, create a substitute and then find you again to use it. Instead they will steal the phone. You will then go through the same process as you would with the pin code / password, i.e. initiate a wipe and report it stolen. Thus there is no real difference between the methods you use to protect access to your phone.

5 – Net result is that all your theoretical discussions about password advantages end up in negatives on usage and thus less security as people just don’t use them and little difference in everything else.


User currently offlinezckls04 From United States of America, joined Dec 2011, 1332 posts, RR: 3
Reply 142, posted (11 months 2 weeks 5 days 3 hours ago) and read 3199 times:

Quoting cmf (Reply 141):
When you can’t make them use a 4 digit pin code how can you propose a longer more complicated password is the solution?
Quoting cmf (Reply 141):
A major reason why they don't use pins is that they find it too cumbersome

I wouldn't argue with that. Hence the reason I prefixed every instance of password with "properly used". Nobody's claiming that a fingerprint sensor is not convenient and does not provide some level of security. You're arguing a straw man there.

Quoting cmf (Reply 139):
Yet it has been used. It takes less effort than your lifting fingerprint and create substitute and require no skill.

Where and when has it been used? Can you show me some evidence of that?

Quoting cmf (Reply 139):
Yet again, it only works on the simple scanners and even in that case it only matters if what is protected is worth the effort. As the article you posted says:

You assume technology always remains the same. Right now there is little motivation for more sophisticated methods since nobody uses fingerprint sensors on their phones. That is about to change.

Quoting cmf (Reply 139):
You don't know the real world then. It happens all the time.

I have no doubt there are spouses who don't know their partner's iPhone password, but they are a minority. You are I think assuming your work is a microcosm of the world, and it appears to you that people around you are more interested in your data than strangers looking to defraud you, who don't appear on your radar as much but are far more common.

Quoting cmf (Reply 139):
There are 421 episodes right now. I am not going to look through them to find the exact points

Then I have to question why you brought it up. Obviously I am not going to read 421 episodes to find the one which happens to address your claims.



If you're not sure whether to use a piece of punctuation, it's best not to.
User currently offlinegingersnap From United Kingdom, joined exactly 4 years ago today! , 893 posts, RR: 5
Reply 143, posted (11 months 2 weeks 4 days 22 hours ago) and read 3165 times:

Quoting casinterest (Reply 70):

I think the fingerprint reader will be a real difference maker, but one that Android and Windows will quickly replicate.

Except it has already been done. The company that implemented a fingerprint swipe scanner into the Android powered ATRIX 4G, is the same company bought up by Apple to create the scanner in the new iPhone. All Apple have done thereafter is patent it so nobody else can use it.



Flown on: A306 A319/20/21 A332 B732/3/4/5/7/8 B742/4 B752 B762/3 B772/W C152 E195 F70/100 MD-82 Q400
User currently offlinecmf From , joined Dec 1969, posts, RR:
Reply 144, posted (11 months 2 weeks 4 days 6 hours ago) and read 3050 times:

Quoting zckls04 (Reply 142):
You're arguing a straw man there.

No, I'm arguing reality. You're arguing a non realistic situation and even then you get it wrong.

Quoting zckls04 (Reply 142):
You assume technology always remains the same.

Not at all. I expect that apart from bottom line scanners they will continue to develop scanners to stay ahead.

Passwords on the other hand is failing on that humans are unable to remember the long, random passwords required to be as safe as you guys claim they are. That you completely ignore what humans do when faced with that situation, write them down, just makes it worse.

Quoting zckls04 (Reply 142):
You are I think assuming your work is a microcosm of the world, and it appears to you that people around you are more interested in your data than strangers looking to defraud you, who don't appear on your radar as much but are far more common.

I think the comment about microsm relates to you.

Quoting zckls04 (Reply 142):
Then I have to question why you brought it up. Obviously I am not going to read 421 episodes to find the one which happens to address your claims.

I provided a source from where you can get educated.


User currently offlinePellegrine From United States of America, joined Mar 2007, 2437 posts, RR: 8
Reply 145, posted (11 months 2 weeks 3 days 12 hours ago) and read 2968 times:

USA Verizon Wireless Apple iPhone 5S 2 year contract
16GB $199
32GB $299
64GB $399

+$30 upgrade fee which they are a pain in the ass about waiving.

VZW Retail no contract
16GB $649
32GB $749
64GB $849


5C ain't shit, for $100 more get the 5S no brainer..............



oh boy!!!
User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 146, posted (11 months 2 weeks 3 days 8 hours ago) and read 2924 times:

Quoting gingersnap (Reply 143):
All Apple have done thereafter is patent it so nobody else can use it.

Apple can't patent the fingerprint scanner if it is another companies. They have licensed it. However they can attempt to patent certain usages of it. I don't think they will hold the advantage long. If you read my post. I expect Windows and Android phones that are mass produced to get it soon.



Older than I just was ,and younger than I will soo be.
User currently offlineKlaus From Germany, joined Jul 2001, 21442 posts, RR: 53
Reply 147, posted (11 months 2 weeks 3 days 6 hours ago) and read 2883 times:

Quoting casinterest (Reply 146):
Apple can't patent the fingerprint scanner if it is another companies. They have licensed it.

No, they have bought the company which made this particular technology (and which has since stopped selling it to other companies). Other patents may of course apply as well, but this technology they own themselves (plus very probably a number of new pending patents coming from the Touch ID development).


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 148, posted (11 months 2 weeks 3 days 6 hours ago) and read 2884 times:

Quoting Klaus (Reply 147):
No, they have bought the company which made this particular technology (and which has since stopped selling it to other companies). Other patents may of course apply as well, but this technology they own themselves (plus very probably a number of new pending patents coming from the Touch ID development).

oops. Should be interesting.



Older than I just was ,and younger than I will soo be.
User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 149, posted (11 months 2 weeks 2 days 6 hours ago) and read 2758 times:

BTW anyone running a non developer IOS7 needs to downgrade to IOS6 before tomorrow. Developers have already upgraded to the IOS7 GM.

User currently offlineOA260 From Ireland, joined Nov 2006, 26947 posts, RR: 58
Reply 150, posted (11 months 2 weeks 1 day 7 hours ago) and read 2660 times:

iOS 7 'could cause iPhone apps to crash'

iPhone users around the world are eagerly anticipating the launch of Apple iOS 7 today, but the new software could cause large numbers of apps to crash, according to app-testing company uTest.

Millions of iPhone users are expected to download the latest version of Apple's iOS operating system when it becomes available at around 18.00 BST this evening.
However, app-testing company uTest – which tests web and mobile apps for customers like Google, HBO, and Amazon through a global crowdsourced community of 100,000 testers in 200 countries – has warned that 90 per cent of pre-exisiting iOS apps are having trouble with the new system.

http://www.telegraph.co.uk/technolog...ld-cause-iPhone-apps-to-crash.html


User currently offlinecasinterest From United States of America, joined Feb 2005, 4588 posts, RR: 2
Reply 151, posted (11 months 2 weeks 1 day 6 hours ago) and read 2646 times:

IOS 7 is Available

Download begins now



Older than I just was ,and younger than I will soo be.