"iPhone" entries

Upward Mobility: Getting Your Fingers on Some Security with the New iPhone 5s

There's no such thing as perfect security, and we should stop sacrificing the good for the perfect.

I’ve had a day or two to play with my new iPhone 5s, and the fingerprint scanner is one of the nicer things about it. I like the added security of being able to unlock it with my fingerprint, because I was one of those people who could never be bothered to have a passcode on it before.

Of course, the news of the day is that some inventive folks in Germany have managed to unlock one of the phones by lifting a print from the glass of the display and using a variety of fairly low tech steps to create a false thumbprint from it. This should come as no surprise to anyone who understands how fingerprint sensors work. The 5s does more than some to prevent spoofing, but pretty much no fingerprint scanner is impervious to a determined attack.

What is sad to see is the conclusion that these hackers (and the press) have drawn. “Fingerprints aren’t a good method of securing data. You should never use something that you can’t change as a password. Always practice two-factor security policies.” Of course, if someone really wants to break into your phone, and is willing to expend the effort to do it, they can. If someone wants to break into a typical house, they can. If someone wants to steal your car, they can.

Read more…