Slashdot Mirror
'Dear Apple, The iPhone X and Face ID Are Orwellian and Creepy' (hackernoon.com)
Trent Lapinski from Hacker Noon writes an informal letter to Apple, asking "who the hell actually asked for Face ID?" and calling the iPhone X and new face-scanning security measure "Orwellian" and "creepy": For the company that famously used 1984 in its advertising to usher in a new era of personal computing, it is pretty ironic that 30+ years later they would announce technology that has the potential to eliminate global privacy. I've been waiting 10-years since the first iPhone was announced for a full-screen device that is both smaller in my hand but has a larger display and higher capacity battery. However, I do not want these features at the cost of my privacy, and the privacy of those around me. While the ease of use and user experience of Face ID is apparent, I am not questioning that, the privacy concerns are paramount in today's world of consistent security breaches. Given what we know from Wikileaks Vault7 and the CIA / NSA capabilities to hijack any iPhone, including any sensor on the phone, the very thought of handing any government a facial ID system for them to hack into is a gift the world may never be able to return. Face ID will have lasting privacy implications from 2017 moving forward, and I'm pretty sure I am not alone in not wanting to participate.
The fact of the matter is the iPhone X does not need Face ID, Apple could have easily put a Touch ID sensor on the back of the phone for authentication (who doesn't place their finger on the back of their phone?). I mean imagine how cool it would be to put your finger on the Apple logo on the back of your iPhone for Touch ID? It would have been a highly marketable product feature that is equally as effective as Face ID without the escalating Orwellian privacy implications. [...] For Face ID to work, the iPhone X actively has to scan faces looking for its owner when locked. This means anyone within a several foot range of an iPhone X will get their face scanned by other people's phones and that's just creepy.
The fact of the matter is the iPhone X does not need Face ID, Apple could have easily put a Touch ID sensor on the back of the phone for authentication (who doesn't place their finger on the back of their phone?). I mean imagine how cool it would be to put your finger on the Apple logo on the back of your iPhone for Touch ID? It would have been a highly marketable product feature that is equally as effective as Face ID without the escalating Orwellian privacy implications. [...] For Face ID to work, the iPhone X actively has to scan faces looking for its owner when locked. This means anyone within a several foot range of an iPhone X will get their face scanned by other people's phones and that's just creepy.
This article is so stupid. The author clearly has no idea how existing biometrics that Apple offers work. Touch ID stores information in a secure element, and nowhere else. No cloud, no device transfer methods, nothing - it is On Device only. Face ID is no different. In fact, it doesnâ(TM)t even store images of your face - it reduces your faceâ(TM)s geometry to a mathematical equation that is literally impossible to reverse engineer, due to the high levels of iOS hardware security. Read the damn iOS Security Guide, published and updated by Apple - it is FULL if information on how this stuff works, how keys are handled, how the Secure Enclave works, how encryption works across the OS and user data, itâ(TM)s a great read and would put these inane âoefearsâ to rest simply by understanding how it works. âoePeoples will always fear what they donâ(TM)t understandâ
This guy is just making stuff up. First off, he has no idea if people around the phone owner also get scanned. Secondly, Apple doesn't take a picture of anyone, only a hash of a mathematical representation of the 3D scan of the facial contours created from the 3D projector. And finally, it doesn't send that (irreversible) hash anywhere - it stores it internally in the Secure Enclave, so it wouldn't even matter if they *where* scanning other faces.
Get a grip, man, I'm sure you can find other things to hate them for, you don't have to make stuff up!
Why didn't anyone hate on Samsung for *actually* taking pictures?
Who asked for the original Macintosh or iPhone either?
Neither of those require giving up private information for a product. Do we need facial rec. to unlock a stupid phone? Heck, no. You could easily come up with a dozen, quick means to unlock a phone, that did not involve privacy violation. So we can assume this method was deliberately chosen to invade the privacy of users.
People often don't know what they've been missing out on until you show it to them.
It's nothing new. For instance, face unlock was available on Alienware laptops 7+ years ago and has been common on Samsung devices for a while. The fact that Apple users "discover" that in September 2017 says a lot about this brand and their customer base.
lucm, indeed.
It's also available for Microsoft Surface devices which just goes to show how much things have changed. Now it's no problem when MS does it but when Apple does it's "Orwellian and creepy".
One in 50K false positive was for Touch ID. The false positive for Face ID is one in 1 million.
#DeleteFacebook
Don't like face ID?
Use a passcode. Or no security at all...
when October 31st rolls around and everyone who has an iPhone 10 and is wearing a mask discovers that they have to take off part of their costume just to make a phone call.
I'm guessing you don't work on anything more complicated than a horoscope generator, then. Clearly, the fallback in this case would be the passcode. Did you seriously not consider that? And because you didn't actually consider that possibility, did you seriously not consider that Apple engineers would consider it? Or were you just trying to score snark points?
Seriously, which is it? I want to know.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
It recently leaked that - in the opening scene of Game Of Thrones Season 8, we'll see Arya Stark successfully unlock Littlefinger's iPhone X using his face.
#DeleteChrome
Zoom lenses are typically too large to fit on phones, so you're out of luck...
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
I'm not sure that I see the relevance of the expectation of privacy in public places. What about the expectation of privacy in private places? The phone isn't going to detect the transition between the two and adjust its behaviour.
Like touchscreen = touchscreen, hidef screens = hidef screens, fingerprint reader = fingerprint reader, trackpad = trackpad, etc...
Except that people who used Apple’s implementation of these and many other technologies panned as “2-3 years behind the curve” realize that Apples implementation is the first widely available _GOOD_ implementation of them.
I used touchscreens on phones for years before the iPhone. They all sucked.
Hidef screens on PCs, same (mostly due to poor OS support).
Fingerprint readers that worked 1/4 of the time (and were trivially spoofed), same thing, in fact my most recent Samsung work phone STILL only unlocks after multiple tries.
Apple’s Magic Trackpad & MacOS’ gesture support are _still_ better than everyone else’s.
But you go ahead and stick your fingers in your ears while muttering “late to the game” & “expensive”.
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
4. Placing a TouchID sensor on the back of the phone is a singularly horrible idea from a usability standpoint
That is nonsense.
There are plenty of phones that have the touch sensor on the backside, and my friends who own such phones, love it.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
The watch word of the day is "normalization," isn't it? Apple including facial recognition technology helps normalize the idea and numb people to its use in a way thet Microsoft and Samsung apparently weren't because lack of hipster cred. But now that Apple has done it, it will go "mainstream" (i.e., people will realize it is where it was and think that's new. Also will want to add it other places).
There is only a bit of snark there. But frankly, yes, facial recognition technology is more invasive than fingerprint readers because i don't have to touch the phone. It is passive collection technology. And it isn't even necessarily the fact that Apple is using it for login (biometrics should replace user names, not passphrases) or that scan data is held in the SEP. it is that Apple has a chip in the phone that can do reasonably accurate scans at a good rate. Its probably only a matter of time before a Square-like device is made leveraging the ability to provide minority-report like indenrification of shoppers (and then they'll helpfully airplay ads and coupons to people!)
Like I said, some degree of snark there. But if any company can push pervasive biometric identification beyond "z0mg government spying!!" to "this is totally normal and acceptable. I don't remeber a world wherein my face wasn't scanned 300 times a day creating an irrefutable log of my movements and actions throughout the day! Isn't it a totally wonderful and acceptable social norm?!," well that would be Apple.
Neither of those require giving up private information for a product. Do we need facial rec. to unlock a stupid phone? Heck, no. You could easily come up with a dozen, quick means to unlock a phone, that did not involve privacy violation. So we can assume this method was deliberately chosen to invade the privacy of users.
I typically hate the response I'm about to give since I've always felt it to be a cover-all-cop-out but this time I think this is an instance where it does apply. You're under no obligation to buy it. If they miscalculate a technology or marketing decision, you and everyone else should "punish" them by simply not buying the phone. Corporations aren't democratic. At best, you can stretch them to qualify as a republic with money being your elected representative. We can sit here and criticize them all day but if the phone sells like hot cakes because people love this feature, then we're just wrong.
1. Apple's FaceID Facial Recognition, including Enrollment, is done entirely on the iPhone. And any Recognition Data on the phone is stored in the Secure Enclave, inaccessible to everyone, including Apple.
How do you know, you've looked at the source code?
y finger naturally falls right into the TouchID hole on the rear.
Are we still talking about phones?