Blah blah blah
Nobody who buys into the FSF has an iPhone, those like to buy an iPhone couldn't care less about what the FSF has to say.
This is nothing more than one group trying to get publicity of another's launch.
The Free Software Foundation has taken issue with fingerprint recognition in the iPhone 5S and has called on users to reject Apple’s closed system smartphones. Executive director John Sullivan used the launch of the iPhone 5S and 5C on Tuesday to zero in on the iPhone 5S, the expensive iPhone variant that comes equipped with a …
They do have a point though. A universal finger print scanner that, in all probability will be stored within the US domiciled iCloud, either through backups or some other mechanism, that shady agencies can get access to for the slightest of reasons. They have an instant, convenient large database of fingerprints without the rigmarole of having to charge the users, data protection or that whole inconvenient innocent until proven guilt fad - it's all there, freely given up!
A year ago this would have been dismissed as tin-foil paranoia. Now, it doesn't seem that far fetched...
This! So very this. What people say about security and what actually happens aren't the same thing. Imagine:
1: They're plain lying and handing fingerprints to the NSA.
2: They hand a hash to their cloud (and thus the NSA) but it's a really weak one.
3: Their device security is weak and it's easy to get the fingerprints and/or their hashes off the device.
Plain-lying used to be the tinfoil brigade, but as we've seen, the weirdy beardies are kinda turning out to be correct.
You are quite right. There is only on answer to this: if you buy an iPhone 5S then i am afraid that the first thing an AppleStore will have to do is to use an acidbath to erase your fingerprints and use a blunt spoon to scoop out your eyeballs.
That way you will be completely and totally safe from the NSA, the Free Software Foundation will applaud you and bloggers all over the world will rejoice that someone had the strength of character to deny the nasty corporate dataminers their biometric data.
Of course the fact that the NSA has been storing your voice data from Siri for the past few years is by the by ... How do you think Snowden got as far as Moscow, if not by using Putin's voiceprint?
That specifically? No.
On the other hand they may be legally unable to reveal that all fingerprint data is sent straight to the government, because it turns out we do actually live in that sort of Kafka-esque world after all, with secret trials, secret evidence gathering, gag orders etc etc
By implication fingerprint verification is done in hardware on the A7 chip. How are your VHDL/Verilog reading skills? There's no such thing as a totally open system, and even as close as we get to it there isn't anyone who understands the whole system in its entirety.
And what happens to that inaccessible black box of fingerprint dat when you trade in or lose your phone?
If someone is able to crack the black box and make a simple web tool (web tools seem popular), then what's stopping someone from thieving your biometrics straight from your handset? No need for snooping.
Not so improbable when you consider how easy it is to recover data from supposedly erased iPhones. I remember giving my sister my old 3GS after thinking I'd erased it, yet lo and behold she started receiving iMessages sent to me (they've patched that now, but took their time).
Sigh. but it's your fingerprints... You know what, if you loose your phone (even if it doesn't have a fingerprint scanner on it) there will be an easier, low tech method to obtain your print...
You know what... if you're so paranoid about your fingerprints falling into the wrong hanfs, why do you leave them everywhere?
It's fingerprints people, and you know, for now, that's of limited interest to most, if not all criminals....
What people are worried about are law enforcement, not joe criminal.
You know, if someone stole you're iphone or any nice glossy phone they could probably lift your finger prints off the case anyway so why bother trying to crack into the security chip in the first place! The cops have been getting finger prints in that way for decades!!! It does also beg one question, how secure is a finger print scanner when the finger prints to unlock the device are probably all over the device in question?
If you've ever visited the US then the US government already has your fingerprints — all visitors are required to provide them at the border.
If you carry a mobile phone then you almost certainly already allow yourself to be tracked — probably you provided details of your identity to obtain the device but even if not then you can likely be identified by the contents of your communications.
As I've visited the US and carry a contract mobile, I seem already to have sold myself out. Something about locking stable doors jumps to mind. It'd be nice to believe that everybody else has managed to avoid becoming traceable but it sounds unlikely, so while I strongly ideologically support a stand against increasing biometric intrusion, it's likely a token gesture.
Seems like every other time I log on to, open or otherwise look cross at an Apple product I have to agree to some new license agreement. Nah, they'll ALWAYS only ever store it on the chip...until we change the license. "Oh come on, click on agree. You know you want to. What are you going to do? Give up your iPhone and use something else? Muwahahhahahahahahahah!"
Words are very precise. This does not mean the same as "cannot be accessed by NSA". Perhaps they're stored in signature form inside a chip inside a system with a dirty great back door, and the signature hash can be downloaded and added to the database by whoever. A big database of hashed prints might be every bit as useful as full scans, or maybe moreso as it's already in searchable form?
The whole point is that we don't know.
@Steve Todd 14:41 said: you missed the bit where Apple said that fingerprint data would only ever be stored inside of the A7 chip and be accessed by their security API
And you obviously missed Obama overruling the ban of iPhone sales handed to Apple by the courts, weeks before Apple introduced a fingerprint scanner into iDevices? Coincidence?
They specifically said at the event that the fingerprints are only stored on the device and are NOT uploaded via iTunes or to iCloud.
So, just like the SSL people specifically said the certificates and encryption were never released... and now we find out that government agencies (e.g. GCHQ, NSA etc) can access "secure" SSL data through backdoor cheats built into the system specifically for that purpose.
If they can do it, they will do it. They are spooks after all.
Just a technical question - what is the quality/resolution/accuracy of these scanners? I saw one on a work laptop the other day, looks like a flat dimple that reminds me of the audio/tracking head in an old Betamax. Do you drag your finger down it or what? While the result might be biometrically "you" as opposed to "me", does it bear sufficient resemblance to a genuine inky paw print?
Well, you *shouldn't* store the fingerprint. That doesn't mean they don't - think of all the stories of supposedly professional services keeping plaintext passwords. And it doesn't mean the code is well-written - it could easily have a recent_scans cache that is more vulnerable than the identity data proper.
The new iPhone's two killer new features:
1) A bling new fingerprint scanner that the iTards will all obligingly scan their own fingerprints with in order to operate their new shiny... possibly or possibly not transmitting fingerprint images to god only knows who.
2) A bling new motion sensor circuit which remains on and actively tracking the iTard's movements at all times... possibly or possibly not transmitting the tracking data to god only knows who.
Methinks NSA might be "assisting" Apple's "innovation" department.
Apple have said it is locked in the fingerprint scanner subsystem never to get out. We have no way of verifying that. However I tend to believe corporation when they say things like that loudly and unequivocally. The reason being I used to work in a corporation and remember full well the often paranoid suspicions of customers about deliberate corporate malpractice and crafty screwing of customers that were invariably simply untrue. Also people outside corporations tend to think there is a cosy group of fat-cats at the top prepared to twist rules to get what they want. The reality however is that in any of the big corporations I've worked in, asking for some dodgy deal to be ratified by legal would simply be wholly unacceptable, there are too many people from too many walks of life, and too much in the way of the rule of law. It is highly unlikely Phil Schiller would say what he said, make himself a hostage to fortune, and tell porkies for the world and his colleagues to see if he didn't think what he was saying was true.
As to whether there is a back-door he might not be aware of though - with all the shenanigans the NSA has been up to, that's a quite different matter.
The corporate I worked for had a very bad name for a while (due to digging up all the streets to install network). And people always attributed the worst motives to everything we did. To be fair there were some pretty shoddy PR cock-ups, but that's the point, they were cock-ups and not conspiracy. Like the time one of our contractors digging up a road, hit a gas main and blew up a house. The company rushed out an apology and PR statement saying compensation would be paid, the house repaired to a state better than it's previous condition and that the occupant would be receiving free cable for life. Only the statement was rushed out before checking who the occupant was. The Free Cable for life offer didn't go down to well with the press when it turned out the occupant was a 90 year old lady.
The point I'm making is that the press were attributing the worst and most cynical motives to the episode as though the company were trying to skimp on paying out, when the reality was it was pure cock-up. As though a large corporation with deep pockets, faced with those circumstances, would do anything other than say "were really sorry, we'll pay."
"Also people outside corporations tend to think there is a cosy group of fat-cats at the top prepared to twist rules to get what they want." - "sponsored lobby group" and "party political donation" come to mind.
Oh wait? You meant break the law? Why bother doing that when you are big enough to exert pressure to ameliorate current legislation to your favour, or just be too big and important to knock down (hello ebooks pricing, I'm looking at you).
CNN is already covering the device as "IPhone fingerprint scanner will start security revolution".
money dot cnn.com/2013/09/11/technology/security/iphone-fingerprint-scanner/index.html?hpt=hp_t2
Can we PLEASE amend the classic phrase to "A fool and his money, plus his data and privacy as well as his rights to expect thereto, are soon easily parted".
I await the run on the those pretty-shiny fruity stores by the great unwashed masses, looking for their next salvation in soul-selling technology. They have proven that they will gladly give away anything they own - including both their money and their life history - if only to acquire the next fashioin trend.
I'm in the middle on this one. JDX and Steve Todd are correct in saying that a proper fingerprint reader doesn't store an image of the actual fingerprint. It takes certain specific points and uses them as the basis for a hash (equivalent to a really complex password). The worry that people have about having to get new fingers if the reader is compromised is silly - delete the old file, re-enrol the finger(s), and all is back to good, just like setting a new password. In addition, it makes no more obvious sense that the iPhone sends its fingerprint data anywhere in "the cloud" than does my Lenovo X61, or anything with a password entered the old way.
However, given the recent confirmation of what bastards the security agencies and various companies, especially the USA-ican ones, are regarding personal data, the very specific comment about where things aren't sent raises flags. It is hard to trust anyone at the moment, especially those with past form for being secretive - which defines Apple to the core (pun intended).
Exactly. If anything, the FSF's debate on this topic is simply not focused enough (as witnessed by the "blah blah blah entry, above"). If the FSF has said, point blank:
"Apple's new fingerprint scanner, in association with their closed ecosystem, guarantees that you will have NO audit trail to your personal and very private biometric data. Will you be able to tell exactly who has access to your fingerprint, and when??"
then people would understand the [serious] concern here. But they didn't, so people don't.
Fingerprint scanner + closed system access to users = "NO"
Yes, because on your open system, you audit every piece of code you install and your skills for detecting issues is beyond any hacker?
Open or closed makes no difference if you're not checking. Apple is closed, but they do check. Now, are their checks good enough, that's another story, but with a closed system such as apple, at lease someone is checking. How many unchecked 'droid apps get installed every day?
Even with 'droid (some of) the libraries that link the OS to the hardware have to be provided by the manufacturers, the OS only provides a framework, so you still have closed elements - I don't know of any manufacturer who publishes those libraries.
This really isn't a straightforward problem, except to say that you shouldn't carry a phone at all if any of this stuff is an issue for you. At the very least, don't buy an iPhone 5S; it's not rocket science.
>> How many unchecked 'droid apps get installed every day?
The point is not Android vs iPhone. The FSF are not coming forward as Android fanboys, and I'm sure they're aware that not everything is open about android either.
The point is that, in isolation, not comparing to other vendors, not making favourites out of anything else at all, the iPhone is a closed ecosystem and you cannot know what's going on there, and this is pretty much against everything the FSF think is right and good with the world.
Open systems at least *can* be audited, and you hope that with a fully open system (which I agree, android as it comes from a manufacturer is not either) then people have eyes on it.
"Open systems at least *can* be audited, and you hope that with a fully open system (which I agree, android as it comes from a manufacturer is not either) then people have eyes on it."
Christ! How many ordinary people audit anything of this nature? If somebody (FSF or otherwise) does it for us, can we trust them? If so, upon what basis?
But, more realistically, what about the reams of private information we send god-only-knows-where? I will give you two examples:
1) I live in France. My British passport needed renewal. I filled in all the bits of paper, and gave my mobile number for contacting me along with photos and such and such. None of this is unusual. What is unusual was that a few weeks following my application, my French mobile (not a number I give out freely) started to receive spam texts in English. While I cannot say absolutely that the passport service gave out my private contact details, it seems pretty coincidental timing. So, where is the audit trail here? I can be reasonably certain that the UK government is a load of spineless twats so they'll have sent the lot to the Americans; but was the information also left on a USB key on the Tube? Or did they have the nerve to charge more than the rest of the civilised world for a passport and sell my data? If so, how much of it? [PS that number expired two years ago, snigger snigger]
2) Ever fill out a census form? Where did you send it? What was done with that information? How can you be certain?
2.5) Ditto loan applications, job applications, etc etc. We spaffify personal data with alarming frequency and in many cases no audit trail is possible. In a world where it can be a battle getting access to all the data held on us, also getting access to what was done with this data and who it was shared with...well, that's just not gonna happen.
But, hey, rant about the iPhone instead if it'll make ya feel happier...
There's a difference between wishing someone dead, and dancing on their grave.
Whether ol' Jobbie deserves that or not I guess depends on your opinion of the guy. I guess Stallman doesn't like him too much. I could think of a very few people who I'd happily tap-dance on the coffin of, but they're a little closer to home than Cupertino.
I don't think that saying you're glad someone is gone when they've passed away is the same as wishing them dead. One is being happy about the outcome of a natural process, the other is a selfish desire to change reality to the detriment of someone else.
That said, Stallman gets on my tits so it's unlikely I'll mourn his passing, despite his contributions to computing.
"Given his comments about sex with kids"[...]
Oh, dude, forget the paedo stuff, wiki quotes him as saying this: "Necrophilia would be my second choice for what should be done with my corpse, the first being scientific or medical use. Once my dead body is no longer of any use to me, it may as well be of some use to someone. Besides, I often enjoy rhinophytonecrophilia (nasal sex with dead plants)." That crosses the line so damn far it is in danger of suffering wraparound. In fact, that whole wiki page is a clustermindfsck, but the "on sex" part is spectacularly WTFish. Enjoy it for yourself.
"That crosses the line so damn far it is in danger of suffering wraparound. In fact, that whole wiki page is a clustermindfsck, but the "on sex" part is spectacularly WTFish. Enjoy it for yourself."
Wow, your mind is easily fscked. He must have had some real fun "seeding" that stuff. People are so gullible.
"He must have had some real fun "seeding" that stuff. People are so gullible."
Perhaps you are right and he just posted some stuff against the norm to get a reaction. However this is possibly worse than him being a weirdo. Why? Well the NSA and their abuse of power is a hot topic right now and then Apple plan to release a phone with a fingerprint scanner. Join the dots, and rant, just "to get a reaction". Possible, if what you say is correct...
It's a relatively simple thing to look up what RMS actually said, and he didn't say he was glad Jobs was dead.
One link away will get you to the quote which says:
"As Chicago Mayor Harold Washington said of the corrupt former Mayor Daley, 'I'm not glad he's dead, but I'm glad he's gone'. Nobody deserves to have to die – not Jobs, not Mr Bill, not even people guilty of bigger evils than theirs. But we all deserve the end of Jobs' malign influence on people's computing."
Quite a different thing really.
Whilst accepting the point that Stallman didn't say he is glad Jobs is dead, I'm going to put a point the other way. If you really didn't like someone when they were alive, it is absolute hypocrisy to play the "... but s/he wasn't so bad really ..." game after s/he is dead. This whole "don't speak badly of the dead" is such a stupid superstition that I can't understand how it is perpetrated by intelligent people. I didn't know Jobs or his work enough to be either pleased or disappointed about his death, but there is a certain late female Prime Minister of the UK who I'm never going to stop telling the truth, as I see it, about merely because she is dead.
Phones already track your exact location, your contacts, your web traffic, who you call, who you speak to, your photographs etc. etc. etc.
If the NSA already has all of that then frankly I don't give a toss if they get my fingerprints thrown in too for good measure.
You don't mind if the NSA collects just about the only thing that proves it's YOU using the phone?
Yes they currently get device/location/other data, lets not give them something that absolutely crystalises who is using the phone right now (or right *then* more importantly to security services).
> You don't mind if the NSA collects just about the only thing that proves it's YOU using the phone?
The only thing eh? We're just lucky there isn't a huge boatload of CCTV cameras covering most of the UK's streets and sho... oh, hang on.
/Anon just in case
"If the NSA already has all of that then frankly I don't give a toss if they get my fingerprints thrown in too for good measure."
The most common, most identifiable metric used for criminal background tracking is your fingerprint. It has been that way since police departments started taking fingerprints of criminals for file records which, according to Wikipedia, began in 1892.
So you have no problem with a for-profit, non-disclosure, closed architecture company's product recording the most often-used metric that is used for criminal investigations...and, therefore, criminal prosecutions...and leaving you with no discernible privacy tracking of said information?
Can I have your birth certificate information, credit card and National Insurance numbers then?
And don't buy those Android phones what will hit the shelves within 6 months that also contain a scanner.
All I need to know is
Can the scanner be disabled?
If it can then frankly I really don't know what all this hoo-ha is all about.
>So you have no problem with a for-profit, non-disclosure, closed architecture company's product recording the most often-used metric that is used for criminal investigations..
Perhaps he's not planning a criminal career or fleeing one?
>Can I have your birth certificate information, credit card and National Insurance numbers then?
... you can order a copy online here: https://www.gro.gov.uk/gro/content/certificates/
...if you need his NI fill out a CA5403
...his credit card is trickier - you might have to resort to shop or bar work, but then he'll happily hand it over and may even tip.
...but if you want to get into his new iPhone, you'll need his cold dead hands......
Hypothetically, if an Android phone was released with fingerprint reading capability (now a likely outcome in response to apple) would you trust it more? Yes, you could possibly see the code in use by the sensor (but I'm pretty sure android isn't completely open source when it comes to hardware drivers, etc - so this isn't neccessarily a given) and you could audit every piece of code you install to make sure it doesn't use the sensor... but would the averge person do that (even the truely paranoid will be relying on skills they may not posess to the same degree as the person trying to subvert their phone). The argument for apple, I guess, relies on how much you trust them, first in their assertion that the fingerprint is only stored on the phone, and second, how good they are at vetting software in their store to prevent it from accessing the stored fingerprint, or capturing a new one during operation.
Apple may lie, but I'm not paranoid enough to believe they will (in this instance). The risk seems to be subverting the app store vetting process. That's an interesting risk though, as let's face it, your fingerprint is pretty useless to most criminals (at present at anyrate). Yes, law enforcement would love it but are law enforcement going to break the law to get it (I guess only if they think they can get away with it)?
At the moment, in balance, I think it's probably safe (I mean, fingerprints have inherent flaws if you go beyone specific uses anyway - I don't know about you, but I leave mine lying around everywhere I go!). As always, this is subject to change, but at present I don't see any reasonable vector that causes any concern.
"Yes, law enforcement would love it but are law enforcement going to break the law to get it "
I would say recent revelations would indicate that law enforcement agencies the world over are more than willing to break the law to get what they want.
Major tech companies have been feeding the NSA information for years, spying on their own countrymen, without any legal justification. Do you really believe they'll stop just because they've been caught at it?
Given the choice of either trusting an advertising company that gets it's revenue from selling your data which it harvests from your activities on the internet using it's software and a company who makes its money selling hardware and software, I know who I am happiest trusting.
As for people who use iPhones not using free software - well here's one. All of my machines run Linux and I have an iMac.
A locked app ecosystem has its pluses and minuses. I'm not aware of any viruses, trojans or nnasties that have targeted iOS and made it to the market, which unfortunately cannot be said for Android.
I will not own an Android phone, and neither will I use Google software or services wherever possible.
"your fingerprint is pretty useless to most criminals (at present at anyrate). Yes, law enforcement would love it but are law enforcement going to break the law to get it (I guess only if they think they can get away with it)?
It will become increasingly interesting to everyone. However, it must be remembered that what isn't going to be recorded/stored using one of these scanners--at least for the foreseeable future--is your mDNA. The evidentiary standard, once biometric scanners come increasingly into play, will likely evolve to require '2-factor authentication' i.e. given that biometrics are necessarily digital in nature, the records produced are necessarily also (seen to be) copiable/transmittable/etc., so any evidence of a 'fingerprint' will have to be backed up by the presence of mitochondrial DNA from the same location, to prevent abuse of gummie-bear- or 3D-printer-produced 'prints'. Things will evolve, IOW.
p.s. On the subject of hashes: I'm supposing it safe to surmise that the fingerprint being scanned is--at least temporarily--instantiated in digital form, in memory, in order for a hash to be produced from it? If that is so, the security concerns about fingerprints, per se, would come to a sharp focus on that particular point in the entire scanning process, and that's where the security largely belongs.
Just because you can trust the software doesn't mean you can trust the hardware, so unless both software and hardware were "open" and verifiable, then surely you are still at risk, even with open software.
I think it was Carl Sagan that said something like "If you wish to make an apple pie from scratch, you first have to invent the universe."
I use free and open software out of choice, but I am no fanatic.
With the recent security/privacy disclosures I don't think you could trust anybody, 'free' or otherwise to keep fingerprint data. A big database of fingerprints (OK, probably only one finger...) would be far too tempting for the security services, especially if they could correlate that data with location.
Law enforcement is surely interested in scans of your fingerprint that can be matched to actual fingerprints? Apple only needs to derive a unique biometric signature, that may have no resemblance to an physical fingerprint. It's not a given that there can be a mapping between the two
The FSF open version of Android seems like a lawsuit waiting to happen. Yes, you can make an open-ish version of Android, but once you get anywhere near the software that makes a phone a phone, you're in patent-land
That's a good point. As I understand it the Apple sensor isn't scanning the surface of the finger, although I don't recall reading what process they're actually using. So theirs is supposedly not subject to damage and paper cuts interfering with the print. Which leads to the question of how their biometric compares with the actual fingerprint found on the incriminating evidence / gun / cattle-prod / whipped cream can in question.
I had a laptop with a fingerprint scanner a few years back. I played with it for a bit, but I don't think I ever got more than 50% accuracy out of it, so gave up. I don't know if that means I've got unreadable fingerprints and can go on a killing spree with impunity, or if it just means the technology was crap.
... which is why I'd like a really dumb phone that is basically a modem with a known api; I can then drive it from whatever pda-like device that I choose to trust; so that the phone-modem manufacturer, or network operator, and any pals/cronies/whatever they may have, don't get (and cannot smuggle) automatic access to everything I might want to store on my pda-like device and/or the sensors/etc it might have.
The NSA already has your fingerprints. This just insures that your fingerprints and identity are linked to your iPhone in case it is stolen. Makes it near impossible for anyone to use, who isn't you. So this isn't going to give the NSA your fingerprints because they already have them, know who you are, who you talk to, and what you're doing.
The general comment is always that open source is good/better/preferred to closed source (or closed hardware) because you can see for yourself what the thing is doing and as such it is more secure (in the sense that it can't do things which you couldn't have known about).
But fact of the matter is that this argument is slightly flawed. A lot of open source projects have grown to such proportions that simply "looking into the source" isn't quite possible. At least not with actually studying the setup of the program first. Which introduces another problem; bigger projects usually have a lot of different programmers who usually also have different coding styles. Of course you can't expect code to be commented either for example.
And what if you're not a programmer at all?
I think that for non-programmers there is basically no difference between open source and closed source, except maybe for the price. In both cases they'll simply have to believe the stuff which people tell them, with the strict exception that if you buy something you'll get some "guarantees" (for whatever that's worth; most have been waved away with acceptance policies anyway) whereas you take open source "as is without warranties".
This isn't a black / white issue any longer I think. In some cases open source projects suffer from the exact same issues as closed source; the shroud of mystery. With, of course, the specific exception that with open source you have all the tools available to take that shroud down. For free. But would an ordinary end user go all the way for that?
More to the point, with Apple's (or anyone else's) closed system : NSA come along and say "We want a back door into it - or someone is going to disappear". Apple say "What style of doorknob ?"
With open source project it's a lot harder. Who are they going to go to since few projects have only one person involved. Yes, they can apply pressure to one person, but then he has to explain what the code is that he's submitting - and all the others in the project can look at that code.
So in practice, they'd need to coerce a number of people - some of whom won't be under their jurisdiction. Even then, that doesn't prevent someone on the sidelines seeing something fishy in the code.
So it is correct to say that being open source can't prevent such things - but it makes it a darned sight harder to pull off without being caught.
"I think the point is more along the lines that since it is Open Source there is quite likely to be someone, somewhere in the world, that does understand it and is quite likely to blow the whistle on anything dodgy that appears in there."
Assuming that he person will be believed and actually gets a platform.
A very far fetched theory: what if some agency got to Torvalds, offered him a shitload of money and then got their fingers inside the Linux kernel?
I don't think it would be easy for anyone to find out. And if someone does find something weird and asks about it on the mailing list wouldn't it be predictable that they'd simply get scolded for not understanding the module in question after which no one will pay it any further mind?
How often are security updates released for any open source project?
Almost every month.
Buffer overruns, cryptography flaws, bugs in new functionality.
Maybe some of those "bugs" are back doors being inserted deliberately. They don't have to last long, just has to be one in every release, so whether or not you upgrade they can get you.
Maybe that one guy one the project isn't "one guy". It's a team of NSA programmers working out how to put a plausible bug in this months security update while fixing last months crop of "bugs".
And if you spot the bug, they are only too happy to fix it. After they spend weeks swearing up and down that it isn't their code, and asking you to provide exhaustive debug traces etc. Like almost every programmer.
A zero day doesn't have to last for ever, just long enough for the next zero day to "turn up" (be inserted).
>This isn't a black / white ... shroud of mystery ... that with open source you have all the tools available to take that shroud down. For free. But would an ordinary end user go all the way for that?
Probably would not. The 'openness' is theoretical, therefore, and almost every user of FOSS is acting--in this respect, at least--as a free-rider (free-loader), hoping/expecting that, in addition to writing the code and updating it from time to time, the programmers and others--with far too much free time and/or OCD--are also vetting the code from a security standpoint. Is there oversight to ensure that a fresh-eyed someone, somewhere is, in fact, pawing through this particular steaming pile of code to ensure that there's nothing untoward hidden inside it? IOW, who's ensuring that the watchmen are clocking in? There's a risk being taken when you use FOSS: you're hoping that the difference between the theoretically-possible vetting of the code and the actual vetting of it approaches 0. If that were the goal, or target, you'd see FOSS packaged in such a way that you'd know almost immediately something of its security audit history...
WIth android it's less of a "do you trust them more/less" issue to be honest. With android you'd at least have the choice of enabling, disabling, third party app usage, configuration or just plain ignoring it. With apple and their track record you'll get an "on" or "off" setting, but that's about it. I'd be willing to bet that will only last another iteration or two as well. Given that "android" isn't a manufacturer i'm sure they won't all do it, and if they don won't all make it , eventually, mandatory.
Ok so let us take the tinfoil approach and say this will give the NSA access to my fingerprint. Between previously working for the Government and having more background checks than I can think off, they already have it multiple times.
So it is proprietary, so what? That seems to be the basis of his complaint. All smartphones have a way to enter a password. I doubt they are using the same open source software.
Ok so Apple is pretty much a closed shop. There are other vendors out there. It doesn't mean the NSA isn't deeply imbedded in those too.
Apple said that the fingerprint data is never stored on Apple servers. We've learned to treat all such statements as half truths. What is significant is that they did not say that the data never leaves the phone.
I'm actually in favour of everyone's fingerprints being available to the police to catch criminals to make everyone safer. What I'm not in favour of is this data being available only to spooks serving the most power-seeking people, making everyone less safe.
Why is everyone annoyed about the finger print scanner, you are constantly handing over your financial details to 100's of shops a year. Any of which could copy those details and do as they wish! I don't see you screaming about NFD... Also what about phones that scan your face, is that not more worrying to be in the wrong hands... a full scan of your face can be used in video editing to put you anywhere!
Long and short, to have the freedom that we all love, someone has to be watching for the ones who want to take it away!
Its a nice idea, its the not responsibility of the company to secure your information, you choose to give them it, you protect yourself.
There is a huge difference between a fingerprint scanner for convenient (biometric) access to a consumer device and that required for fingerprint recognition for legal or criminal investigation uses... i.e., multiple digit, entire finger extent imagery with "interesting" topological points indexed for quick comparisons.
In this case, fingerprint recognition is used to check that your finger roughly approximates to the finger that you configured to be allowed to unlock the device. Apple have also specifically stated that the matching parameters are only stored on the device itself and that Apple do not upload it or do anything else with it. While it's quite sensible to have some concern about this being the case or future creep of this information, it's not such a big deal.
Why? This is a consumer device and the matching details will not be unique enough able to match your details on a database of millions of others, instead it's likely to be accurate enough to ensure that something like only 1% of the population could unlock the device because they and your fingerprint profiles are similar enough. Don't forget, this is just about unlocking a consumer device therefore it has to work more often than not compared to real security fingerprint readers where if there's a chance of not being a match they will err on the side of rejecting a match but where if Jo Public's shiny new mobile started doing this depending on the relative temperature, health and water conditions there'd be an uproar that people were locked out of their devices. To mitigate even this, there is always a standard pin number or other fallback unlock method.
I'd have more concerns about it being used to approve AppStore purchases but given that many people don't even bother protect this, therefore allowing their kids to rack up hundreds of $£, etc in in-app purchases, adding a marginally more convenient way to protect such purchase is an improvement.
That more people trust the chocolate factory than Apple round here. Seems a very odd situation, I trust neither but I certainly would not trust a company known for spaffing user data, stealing data, and generally being potentially iffy just because they give away some parts of the code (but not all the important bits) and promise to do no evil. (Also odd how the el Reg readership generally hates marketing/advertising and sales types with a passion, but happily bow before the biggest ad/marketing company to have ever existed).
Me, I dont trust anyone, but I reckon if the govermint wants to lock me up there are plenty of ways they could make it happen without fingerprinting (isnt that why we have terror lawa after all?).
Anonymous because no-one can hack my el Reg account to find out who I am, one minute there's a knock at the ddddoooooooooooooooooooooooooooooooojdiipwidafoavhdvOOF OIFHdfaoi d f ASOfhaoF AII
Arguably more concerned about privacy than 'driod users - breaking it down to simple things people here will understand - Google... they are an advertising/marketing company that sell hardware and software services to facilitate getting saleable information on people. Their business is finding out about you. Apple are a company who make hardware (used to be computers, but these days more entertainment hardware).
The sensible answer is to trust neither, but to single out i-users may seem a little foolish when you actually consider the facts (I know, not a popular thing 'round these parts...).
I'm now waiting for the first reported case of someone who has their finger chopped off by the mugger stealing their iPhone, just like the Malaysian dude who had his finger chopped off when thieves car-jacked his fingerprint-secured Mercedes (http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm). Thief-magnet gadgetry that requires an easily-removable physical part of me to work? No thanks.
Been through passport control in the US? The NSA already have your fingerprints on file. Actual images, not just a set of key indicators that will be stored in a phone's processor somewhere. Indicators that cannot possible be used to reconstruct original print images.
Chopped-off fingers: that's not going to work, so crims had better wise-up fast. Touch ID senses finger temperature and pulse. A dead finger won't work. Bad guys will have much more luck by just giving you a good thumping.
Sure, I suppose you could interpret the fingerprint thing this way.
Though, Apple says it's sequestered onto a non-network-accessible portion of the A7. Which pretty much flies in the face of everything the FSF is claiming. I'm not particularly worried. We leave fingerprints everywhere, for anyone to retrieve and store.
Of course, the FSF chooses not to believe what corporations say. Maybe that's good, maybe it's foolish. It would be nice to have all the facts, though, rather than scare tactics about possibilities without evaluating the actual hardware's capabilities and design.
Just because Android's open doesn't mean it can't be abused. In fact, it's easier to abuse Android than iOS (though that isn't impossible, as recent news has shown).
Apple have stated explicitly that the finger prints are stored on the phone and not transmitted to a network.
Now if, and that's a big if, Apple are lying and they do transmit the data to a network, be it their's the NSA's or anybody else's it is going to leave a foot print. Evidence of this would be a huge story so expect a lot of people with vested interests ripping both the iPhone and iOS7 apart looking for this smoking gun.
If this evidence is found then Apple is looking at two major situations;
A) Pretty much every EU customer would be entitled to a refund as Apple's earlier statement constitutes as false advertising.
B) Apple will he dragged before the EU on data protection laws as it is recording information that is sensitive and unnecessary. Data Protection Act breaches can carry long jail terms.
The potential damage to reputation, stock value and brand would far outweigh any benefits gained from transmitting this data to the NSA.
Since the home button and finger print scanner is the same thing you are forced to use it , even if you don't want to. We don't have the source code so you won't know when it is scanning your finger. If the encryption does get broken someone can get your finger prints just by touching the phone.
Is this like the time apple said it wasnt tracking users movements and then it turned out it was keeping a complete log and uploading it back to apple...
If the tech hasn't changed (since the purchased upek) its stored on the fingerprint micro processor/chip however that doesn't mean it cant be access with something with the right level of system permissions and syphoned off to where ever....!
I respect the FSF, quite a bit. Mostly for their history. RMS strikes me as a fanatic, and a disagreeable person in general, but that's his game. Linus Torvalds can be very disagreeable himself, threatening to kill people at ARM and SoC design labs for instance. Alot of engineers and academics are asshats sometimes. Same with Politicians, and RMS acts more like an unconventional Politician than an engineer anymore. Nothing wrong with that I guess, but people tend to follow blindly and I see that as a problem.
But I'm far from what you'd call a Free Software or even Open Source zealot. I understand Software licensing, something that both sides of the debate would do well to actually learn before licensing under the GPL, BSD, CC, or Apache License, and its legal quirks, that being said, IANAL and while I get they're just trying to reiterate a point they've made countless times in the past, it seems to me that the FSF is once again the lonely voice crying out in the desert and only a very small number who may consider purchasing iToys are really going to take into account the FSF, GNU, and Stallman's feelings on the subject. Quite a few of their users have no idea what the FSF is or who Richard M. Stallman is.
My good friend uses an iPad, a MacBook, and an iPhone on a daily basis, he asks me about FOSS all the damned time because he knows nothing about it, and is kind of on a crash course with debian since he started managing a college radio station, which sucks for him. I use Fedora, CentOS, and RHEL. I can handle Debian, but I don't know all that it does, and Ive never had time to learn it beyond its basics as Ubuntu pissed me off back in 2006 and I haven't been a fan of Debian derivatives since, not out of disrespect, just out of necessity, as I seem to do my jobs faster on CentOS or RHEL, I know how to use RPM much better than APT, and with Fedora on my desktop and test VMs, I know what's coming down the pipe soon enough). People like my friend here may have seen the GPL a few times on installing programs, but thats about it.
Hell, even Mac users sometimes have no idea that their Kernel is basically CMU's Mach (which at one time was a candidate for GNU's "failed" kernel project AFAIK), and their userland is basically BSD's.
For the rest of us, especially those that work with FOSS, Its important to note whatever the FSF is complaining about, and paying heed to it, but letting the FSF or anyone else dictate your on the job behavior is zealotry (or simple arrogance, youthfulness, or amateurism masked as zealotry).
The only way in the real world to get ahead, especially in anything related to any of the sub-disciplines of IT, is learn as much as you can about your profession, whether its so open its Public Domain, or so Closed that IBM, et. al. make you sign a Non-Disclosure Agreement to work on it. Being pragmatic about what you know and learn will keep you from falling into the trap of specialization and obsolescence. In real life you have to use the correct tool for the job, and sometimes the client may go so far as to specify what tool they're forcing you to use, whether its FOSS or something Ultra-Mega-Sue-Your-Pants-Off Proprietary with 500-Patent-Encumberances at no extra cost*, you might be stuck with it, so learn how to use it.
TL;DR - Moderating your position can do you a world of good professionally.
People seem to be looking for things to criticize Apple about, but they've said clearly the data doesn't leave the phone. Likely it isn't even saving your actual print but some sort of signature/hash to compare with the signature/hash it gets when you try to unlock it. That's why it has you do it several times at first to build up a baseline.
Android has "face unlock" which seems more rife for government abuse when you think about it - once they have your face they can track your movements over security cameras everywhere Minority Report style. Obviously the US government already has the face of any US citizen with a passport or driver's license, but do the rest of you really want to trust that Google doesn't provide the face unlock data to the NSA so that you evil furriners can be tracked whenever you visit here or when you're in any place (like the UK) that works with the NSA?
Somehow I don't recall hearing a lot of privacy worries over face unlock, only the usual comments that it showed how Apple was behind in the feature lists. Now that Apple moves ahead (not first, but they'll beat Android's installed base of fingerprint readers in the first 15 minutes of iPhone 5S sales) suddenly it is a huge privacy concern. I remember hearing objections to the Xbox One having Kinect enabled all the time because it could recognize you and see who is watching TV. Why was it a great feature on a phone but a terrible idea for a console? Because you can turn it off on your phone? Do you really trust that not enabling face unlock keeps the front camera disabled on your Android? It has to have the front camera enabled to do all that gimmicky hands-free answering and stuff on the GS4, you know...
I guess the 5S fingerprint scanner, like Android face unlock, it is more of a concern for those overseas who don't want to risk giving the NSA any more personal data than they already likely have. In the US, those of us who have served in the military, been arrested, worked for the federal government, obtained a concealed carry permit, worked in a bank, works with children in any capacity and so on can be assured the NSA already has our prints on file so even if this gives them another copy it is too late to prevent whatever abuses they make of it.
There are lots of good reasons not to use IPhones... restrictive licensing, restrictive user interface, inflexible, substandard RF performance (a really good reason for a phone!), plus it's overpriced and generally technologically obsolete by the time it's even released. It would be good to know if the fingerprint data is used ONLY on the phone or if it's sent all over the place. This should be easy to verify though:
1) Turn off cellular data
2) Turn on wifi
3) Sniff the hell out of wifi as you play with fingerprint scanner.
If this is sent out at all, it is unlikely it would hold onto the data and wait until it has a cellular data connection, so this should be good enough to tell what it does with this information. Indeed, if this is sent out it then providers no protection compared to having a plain text password sent out (i.e. fine if nobody abuses the password store, and useless otherwise.). I should point out, you DON'T need a fake fingerprint or even a reader to abuse this information, you just send credentials claiming a clean read with data matching the data obtained from your fingerprint, and as far as the other end is concerned you swiped your finger over a reader.
If on the other hand it's kept on the phone... well, not as bad overall, but hopefully nobody pulls your fingerprint store off the phone; if any other readers generate similar data then people could impersonate your fingerprint for those types of readers.
...he's 100% correct about the Jobsian influence on the entire industry:
"It was the FSF's president, Richard Stallman, who marked the 2011 passing of Apple chief Steve Jobs by saying he was glad Jobs was gone because the Apple boss had exerted a "malign influence" on computing with his closed systems."
You could've waited a few more months but you're dead on, Mr Stallman...
It makes not one jot of difference if code is "open" or not.
Not all the code in all parts of Android phones or Windows or Meego or .... is public. It is all proprietary even if Google choose to make it available.
Tell me how Android being open means that Google or app developers do not collect more data than you realise. Show me you have all dead and UNDERSTOOD every bit of source code and verified the numerous libraries, the firmware, the Google servers and so on.
Stall an is an odd fish, to put it politely. Have you checked him to trust what he says and his motives?
I was dithered g. Now I feel impelled to get the 5S as soon as I can.
I have read that Motorola produced a mobile using fingerprint authentication; I know that some laptops use it. So, two references and some information I want to find:
Mr. Stallman must have made similar pronouncements about these devices. Anyone got references?
Where or how do these other systems, especially the Motorola, store the prints or derived data? How and what? References?
Does Mr. Stallman use, for instance, bank automats or a credit or debit card or comply with any government requirements for personal data and how does he verify what is done with his data? Or is he some sort of luddite who uses a hand cranked computer (to avoid registering as a customer for electricity), living in a cave somewhere and keeping well away from networks with any external connectivity?
Thank you in advance for your help..
You could not make it up could you?
How many of the people who are whingeing about the iPhone's fingerprint scanner use a telephone or a tablet via a TOUCHSCREEN?
You know, something that you use with your fingers and therefore leave your fingerprints all over the thing?
Now, are you ABSOLUTELY SURE that there is no way that there is no way they can be scanned and the info sent back to GHCQ or whoever?
So just don't buy the iPhone if you are that worried about your fingerprints being "stolen" and used for whatever purpose you think they will be used for.
Though when Samsung e.t.c. start to use the same "feature" on their 'phones, what are you going to use then?
"How many of the people who are whingeing about the iPhone's fingerprint scanner use a telephone or a tablet via a TOUCHSCREEN?"
Most of them probably, but we know for sure that the iPhone's touchscreen is just that - there is no scanning mechanism built into the earlier iPhone. There may be fingerprints all over my tablet, but I can be confident that they are not going to GCHQ or NSA. With fingerprints being scanned by the 5S we don't know for definite what happens with them, or even if the full image is scanned or just a hash of it. The Apple assertion that the scan (whatever form it is in) doesn't get uploaded to their servers doesn't mean a lot. If they an unequivocal statement saying that it is not uploaded to ANY servers, anywhere in the world, then people like the FSF should be pacified.
> the Apple boss had exerted a "malign influence" on computing with his closed systems
Yes. The locking-in of users is pretty much Apple's biggest and most profitable invention. Their whole business is based on locking in users. I've always been puzzled that people love Apple for taking away their options and choice.
And now Microsoft is emulating Apple's recipe.
Strange. I can drop any ePub or PDF file I want into iBooks. Anything that's not directly compatible, I can convert with Calibre. I can also drop many standard music file formats into iTunes – even MP3. It'll offer to convert some formats, while others can be converted by other (free) tools. Same goes for video, which I tend to stream off a QNAP NAS: AVI, MKV, FLV, MPEG-2, MP4 – you name it. (You are aware you can even get VLC for iOS, right?)
The *only* restriction Apple's iDevices have is that there is only the one App Store, and it's the one Apple created. Yes, it's curated, but so is every shop in the high street: nobody can walk into a John Lewis department store and demand that they sell their products without the permission of the Head Buyer. Curation is *normal*. It is not some form of control-freakery.
A "store" that lets anyone come in and set up their own stall is called a "bazaar". Perhaps you're unaware of this, but in the countries I've lived in, bazaars are surprisingly rare. It turns out most people like to know they can bring an item to a store and not find the item's seller has done a runner!
I'm not sure how a focus on good design and usability makes Jobs a "malign influence". Most successful CEOs tend to be abrasive and even a little OCD and Jobs was no exception. Neither, it seems, is Richard Stallman, so he certainly doesn't get to criticise Jobs on that front.
However, it is clear that Stallman is unaware that "freedom" is a two-way street:
Jony Ive and Apple have just as much right and *freedom* to follow their own design philosophy – which they've never made any attempt to hide: http://www.youtube.com/watch?v=VpZmIiIXuZ0 – as Stallman does. Apple aren't forcing you to buy their stuff. You have the freedom to choose one of the many competing products instead. Apple won't mind: they have a very specific target market and they're sticking with it.
Stallman, however, is a hypocrite: he seems hell-bent on *forcing* the entire planet to kowtow to his own, rather peculiar, views and philosophy. This is the exact *opposite* of freedom.
"nobody can walk into a John Lewis department store and demand that they sell their products without the permission of the Head Buyer. Curation is *normal*."
Oh, you are forgetting one thing - you as a high-street shopper can go to Debenhams if you don't like John Lewis. If you don't like Apple App Store - tough shit!
But the reason was The Ever Shrinking Apple's SIM Card Format. I've cut my wife's miniSIM to microSIM when I've boght her iPhone 4S and I've bought separate microSIM for her iPad 2, but I won't subject myself to these inconveniencies anymore. I've grown tired of that marketing shit, so no nanoSIMs and no more microSIMs either. I want to use plain old miniSIMs, and I want smartphone's storage to be accessible as USB mass storage device (a la Amazon Kindle), and no stinking iTunes, please. There are absolutely no technical reasons for requiring smaller SIM for iPhone 4 series and even smaller for iPhone 5 ones.
And it only covers part of your thumb, and it's against the law to retain fingerprints at will. We don't know what data it takes or stores, it may not even be like traditional finger print at all.
So would the Sheepdroids please stop sneering and get back to stealing software and dodging viruses.
These devices generally don't take an image of a fingerprint, they measure specific characteristics and hash them. If that hash were to leave your iStatusSymbol, then Apple don't have a copy of your fingerprint - they do have a hash that could cenceivably be matched againdt your fingerprint. Given the nature of such hashes, and the tolerances which are necessary to avoid too many false negative matches, it would probably also match against a few million other people too. Much as I disike Apple and their closed-system, this is not a massive security threat.
No-one who buys an iPhone will care, because the FSF is not suggesting a realistic alternative to buying one -- some freetard Android fork is not an iPhone substitute. Hell, I'd say most Android phones aren't an iPhone substitute either, and they run code that isn't open source until Google deigns to release it. And then there are the closed modules that every phone vendor adds... so the FSF is really saying "Just forget about a good, functional smart phone. You shouldn't buy anything unless all of its code is published... which is none of them, unless you buy a working Android phone and hope you can install this freetard fork. Which probably won't work on your phone at all, but if by some miracle it does, it certainly won't work with all of the cool features of your phone, because it won't have the right drivers." I mean, seriously?