Disclaimer: Derek Gelinas is a guest writer for TechXaminer. He is an Android fanatic who co-founded Carbon ROM, runs OSX, Linux, and Windows environments, and is generally cranky. His rants do not necessarily reflect the opinions of TechXaminer, though it is his personal belief that they would be better off if they did.
So the iPhone has this fancy new fingerprint scanner. Everyone, predictably, has their panties all a-twist about it. "OMG THAT'S NOT REALLY SECURE WE HAVE TO CRACK IT TO PROVE iPHONE IS BAD," or something to that effect. This shit again? Really? Must be September!
To the surprise of no one, someone found a way to beat it. Of course it was beaten - anyone who knows even the slightest bit about biometrics knows that fingerprint security is pretty far down the "things you can use to secure a system" totem pole. It can be beaten. We know that. We've always known that. Big whoop, I watched "Sneakers" too. Just because you can beat it doesn't mean you don't need to put in a good bit of work. You're gonna need the print - easy enough - and you're gonna need the time to scan it, print it in high res, etc. You're going to need to want to do it.
Which brings me to my next point. It doesn't matter. Not one bit. In fact, it's still a fantastic feature, and one that I hope we see in the Android world soon. Do you know many people who bother with a screen lock? Of course you don't. It's a giant pain in the ass and even enthusiasts can't be bothered. I can't even imagine the supreme effort of will it would require to get even one of my family members to use it. They don't care and they never will.
Now, those same people who love using iPhones but can't be bothered with a lock screen have a way to lock their phone with zero effort. Is it going to stand up to a focused attack? Hell no. Will it keep their idiot friends, coworkers, or your average thief from accessing your personal data? Yup. And here's a secret - that's all it needs to do. Remember face unlock? Not exactly hard to fool, and it isn't going to really keep anyone out really wants in. I don't recall the Android community tripping over themselves to attack that, though. It wasn't even implemented well - no one uses it because the damned thing only works under basically perfect conditions. The fingerprint scanner is no different - it just works better. Unless there was an epidemic of phone thieves running around wearing other people's cut-off faces that I didn't hear about, there won't be a sudden increase in fingers being chopped off, either. Anyone with data that requires real security isn't going to be relying on a stupid thumbprint.
And let's not fool ourselves about security, my Android brethren. How many of you are running a custom ROM? I don't care if you're using a lock screen or not - your phone isn't the tiniest bit secure when anyone can boot into your bootloader and flash anything they want.
Look, I'm an Android guy. Touchwiz and Sense make me want to throw my phone out the window onto train tracks, where it will hopefully be peed upon by a luddite hobo before being atomized by a passing bullet train. As far as I'm concerned, stock Android and open source are where it's at. So I get it. I'm basically a fanboy for Android. But here's the thing, guys - we're not the underdog anymore. Android is huge. It's advanced as hell. It has better and more features than iOS in many ways. Jumping all over the latest iPhone to show how clever and superior we are only serves to make us look like assholes. It brings the whole level of the conversation down. Some people like their iPhones - pretty sure that doesn't make them iSheep. (note: Windows phone and Surface users, on the other hand, are fair game. I hate those guys.)
Maybe Apple oversold the fingerprint scanner a bit. There's a shocker - that's kind of their thing, man. It doesn't mean that from an engineering and user perspective they don't have a real winner on their hands. The iPhone just got a whole lot more secure in real-world conditions for their users, and that's awesome. Will it stand up to targeted attacks? No. I'd wager very very few devices would. What it will do is make the user experience better, and that's the whole point. That's good for all of us.
So please, shut up about it.
So the iPhone has this fancy new fingerprint scanner. Everyone, predictably, has their panties all a-twist about it. "OMG THAT'S NOT REALLY SECURE WE HAVE TO CRACK IT TO PROVE iPHONE IS BAD," or something to that effect. This shit again? Really? Must be September!
To the surprise of no one, someone found a way to beat it. Of course it was beaten - anyone who knows even the slightest bit about biometrics knows that fingerprint security is pretty far down the "things you can use to secure a system" totem pole. It can be beaten. We know that. We've always known that. Big whoop, I watched "Sneakers" too. Just because you can beat it doesn't mean you don't need to put in a good bit of work. You're gonna need the print - easy enough - and you're gonna need the time to scan it, print it in high res, etc. You're going to need to want to do it.
Which brings me to my next point. It doesn't matter. Not one bit. In fact, it's still a fantastic feature, and one that I hope we see in the Android world soon. Do you know many people who bother with a screen lock? Of course you don't. It's a giant pain in the ass and even enthusiasts can't be bothered. I can't even imagine the supreme effort of will it would require to get even one of my family members to use it. They don't care and they never will.
Now, those same people who love using iPhones but can't be bothered with a lock screen have a way to lock their phone with zero effort. Is it going to stand up to a focused attack? Hell no. Will it keep their idiot friends, coworkers, or your average thief from accessing your personal data? Yup. And here's a secret - that's all it needs to do. Remember face unlock? Not exactly hard to fool, and it isn't going to really keep anyone out really wants in. I don't recall the Android community tripping over themselves to attack that, though. It wasn't even implemented well - no one uses it because the damned thing only works under basically perfect conditions. The fingerprint scanner is no different - it just works better. Unless there was an epidemic of phone thieves running around wearing other people's cut-off faces that I didn't hear about, there won't be a sudden increase in fingers being chopped off, either. Anyone with data that requires real security isn't going to be relying on a stupid thumbprint.
And let's not fool ourselves about security, my Android brethren. How many of you are running a custom ROM? I don't care if you're using a lock screen or not - your phone isn't the tiniest bit secure when anyone can boot into your bootloader and flash anything they want.
Look, I'm an Android guy. Touchwiz and Sense make me want to throw my phone out the window onto train tracks, where it will hopefully be peed upon by a luddite hobo before being atomized by a passing bullet train. As far as I'm concerned, stock Android and open source are where it's at. So I get it. I'm basically a fanboy for Android. But here's the thing, guys - we're not the underdog anymore. Android is huge. It's advanced as hell. It has better and more features than iOS in many ways. Jumping all over the latest iPhone to show how clever and superior we are only serves to make us look like assholes. It brings the whole level of the conversation down. Some people like their iPhones - pretty sure that doesn't make them iSheep. (note: Windows phone and Surface users, on the other hand, are fair game. I hate those guys.)
Maybe Apple oversold the fingerprint scanner a bit. There's a shocker - that's kind of their thing, man. It doesn't mean that from an engineering and user perspective they don't have a real winner on their hands. The iPhone just got a whole lot more secure in real-world conditions for their users, and that's awesome. Will it stand up to targeted attacks? No. I'd wager very very few devices would. What it will do is make the user experience better, and that's the whole point. That's good for all of us.
So please, shut up about it.
Posts
