10-Year-Old Boy Cracks the Face ID On Both Parents' IPhone X

An anonymous reader writes: A 10-year-old boy discovered he could unlock his father's phone just by looking at it. And his mother's phone too. Both parents had just purchased a new $999 iPhone X, and apparently its Face ID couldn't tell his face from theirs. The unlocking happened immediately after the mother told the son that "There's no way you're getting access to this phone."

Experiments suggest the iPhone X was confused by the indoor/nighttime lighting when the couple first registered their faces. Apple's only response was to point to their support page, which states that "the statistical probability is different...among children under the age of 13, because their distinct facial features may not have fully developed. If you're concerned about this, we recommend using a passcode to authenticate." The boy's father is now offering this advice to other parents. "You should probably try it with every member of your family and see who can access it."

And his son just "thought it was hilarious."

Missing the point

[sjbe]

Think TouchID or FaceID like a lock on your front door. Yes it can be hacked and bypassed. Sometimes in ways you might not expect. It's low grade security. But that isn't the point. The point is to keep out the majority of less determined individuals out while being a reasonable balance between security and convenience for typical usage. If you want greater security there are features (passwords, etc) you can utilize to strengthen the system. Most of the time these are overkill but sometimes they are a very good idea. Anyone expecting TouchID or FaceID to provide iron clad security has incorrect ideas about what they are for and what their limitations are.