
Toot

Written by the grugq on 2023-12-13 at 10:09

Accessing sensitive data will require biometric authentication on an iOS device, not just the unlocked device. This renders stealing the passcode less useful for thieves.

This configuration is, interestingly enough, the security setup that is recommended for mobile devices used on the Ukrainian front lines. Unlock the device with a passcode, but each application (that supports it) has to be individually unlocked with biometrics. This prevents the enemy from abusing access to a device recovered from the battlefield.

Innovation from the intense security environment of the Russo-Ukraine war makes its way into consumer devices!

https://www.theverge.com/2023/12/12/23998665/apple-stolen-device-protection-face-touch-id-icloud-account-vulnerability-ios-17-3-beta


Descendants

Written by nomad on 2023-12-13 at 10:40

@thegrugq prevents in case the finger / face was not recovered too...


Written by Eudes Corrêa :verified_rj:🇧🇷 on 2023-12-13 at 10:54

@thegrugq As a Brazilian, I think it’s great; it should be even more restrictive when accessing a device without biometrics


Written by Kevin Riggle on 2023-12-13 at 10:56

@thegrugq Interesting. Biometrics are easier to fake than a passcode (I say "biometrics are usernames, not passwords"). But I guess here they're good enough and induce less friction in high-pressure use that the tradeoff when used in combination with a passcode in this fashion is worth it


Written by Steve Bellovin on 2023-12-13 at 14:20

@thegrugq I can't speak for anyone else, but for me, winter is "my fingerprint scanners don't work anymore" season—my skin gets too dried out, so the patterns are parsed incorrectly. So much for biometrics…


Written by Dave Wilburn :donor: on 2023-12-13 at 14:37

@SteveBellovin @thegrugq One of the recommendations I've read is to seasonally re-add your fingerprints on your phone for this very reason.


Written by Steve Bellovin on 2023-12-13 at 14:39

@DaveMWilburn @thegrugq I've tried that. It doesn't work as well as I'd like…


Written by Wendy Nather on 2023-12-13 at 15:51

@SteveBellovin @thegrugq Me too. And some (badly designed) touch screens stop registering me.


Written by Think For Yourself on 2023-12-13 at 18:36

@wendynather @SteveBellovin @thegrugq 💅 https://www.lastwatchdog.com/fingerprints-biometrics-dont-work/


Written by Steve Bellovin on 2023-12-13 at 18:52

@touchsymposium @wendynather @thegrugq Basically, yes, though I think that there are some more nuances.


Written by Paul_IPv6 on 2023-12-13 at 15:57

@SteveBellovin @thegrugq

yup. same up here in mountains about half the year


Written by Miro Collas on 2023-12-15 at 07:15

@thegrugq This also allows the makers to collect and resell the biometrics, if they want to.

