Re: Biometrics
I am by no means an expert but I'd go for:
[snip list]
The keynote implied they'd at least done some research into this. It mentioned they'd worked with film mask makers to attempt to mitigate this attack. They showed some very convincing looking masks, that were apparently used in the development process to train the recognition algorithms. I'm sure it's going to be fooled, but it did at least sound like they've considered the most obvious avenues of attack.
I'm still struggling to work out why using face-rec to unlock a phone isn't viable just because the user is asleep. I don't buy that one at all[...]
I didn't take this too seriously either, the same person said "Even if the new Apple algorithm for facial recognition cannot be fooled by photography, vertical self-videos can easily be found in the public domain - for example, on Instagram - and could be used to crack the device." Now, maybe they had access to prototype hardware, discovered and chose not to share this vuln with apple, or maybe they're not quite as knowledgeable as they think. (Or maybe 'possibly' just got omitted from the transcript?)
Biometrics are not authentication.
They say "I am shortly going to prove that I am this person" and then tell you which person that is. They DO NOT PROVE that you are that person. That's what actual authentication is.
This a thousand times over!
You're trading convenience for security.
So long as you know this it's fine, but I fear many people don't. (My fingerprint unlocks my phone, however it doesn't log me into my banking app no matter how many times the app tries to tell me I should let it).
Biting the hand that feeds IT
