stlcardinals
Senior member
What if they disable the radios? The remote wipe isn't going to work.
-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
iPhone 5S fingerprint sensor already bypassed.
Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
What if they disable the radios? The remote wipe isn't going to work.
Red Storm
Lifer
And what will they do with it? My stuff is in the cloud, not on my phone. The phone can access my cloud data, but not if they disable the radios...
smackababy
Lifer
If they disable the radio, what is the point of stealing an iPhone? It basically is worthless at that point. Once it is connected to some network, it will be wiped. They get a bit extra time with it maybe? What would even be the point?
jiffylube1024
Diamond Member
If they disable the radios, then presumably they'll wipe the phone - that's the whole point of stealing one, right? But then they won't be able to activate the phone as long as you had Find My iPhone lock enabled before it was stolen. They'll just be stuck at the "please log in to your iTunes account" after they wipe the device and try to set it up as a new phone. That was the double-whammy improvement they introduced with iOS 7.
stlcardinals
Senior member
All of your stuff is in the cloud eh... Do you use the Mail app, Notes app, Contacts app? Not everything on the phone is stored in the cloud.
Seems pretty secure to me - it requires higher res devices than are currently required for most consumer-grade finger readers.
Also, I think it's important to note the practicality aspect. My phone is currently WAYYY more secure than it was before, because the nuisance of entering a code every time I use my phone was so great that I never turned it on. Now I have a > 10 alphanumeric passcode required and I almost never have to enter it because all I have to do is wait about one second for my phone to unlock. It is actually EASIER to unlock my phone now than before (when I used to have to slide to unlock) and yet it is significantly more secure.
If you put a dedicated effort into stealing my phone because you want the data on it, not much is going to stop you, but it certainly would be easier to watch me type a 4-digit code than to get my current passcode or fingerprint, because people with 4-digit passcodes and no fingerprint reader are typing their passcode extremely often.
On the other hand, a casual thief trying to score an iphone is at least going to be thwarted from doing anything once they do. And for me that is a much bigger concern since drive-by phone theft is increasingly common here.
Also, I think it's important to note the practicality aspect. My phone is currently WAYYY more secure than it was before, because the nuisance of entering a code every time I use my phone was so great that I never turned it on. Now I have a > 10 alphanumeric passcode required and I almost never have to enter it because all I have to do is wait about one second for my phone to unlock. It is actually EASIER to unlock my phone now than before (when I used to have to slide to unlock) and yet it is significantly more secure.
If you put a dedicated effort into stealing my phone because you want the data on it, not much is going to stop you, but it certainly would be easier to watch me type a 4-digit code than to get my current passcode or fingerprint, because people with 4-digit passcodes and no fingerprint reader are typing their passcode extremely often.
On the other hand, a casual thief trying to score an iphone is at least going to be thwarted from doing anything once they do. And for me that is a much bigger concern since drive-by phone theft is increasingly common here.
Red Storm
Lifer
So they're going to steal it and disable the radio and that's it? Does disabling the radios generate money? No, they steal to sell or keep and use. Both of those require an internet connection. Even if they were to wipe my Android device, the security app will still be there.
Eug
Lifer
Why I Hacked Apple’s TouchID, And Still Think It Is Awesome.
By now, the news is out —TouchID was hacked. In truth, none of us really expected otherwise. Fingerprint biometrics use a security credential that gets left behind everywhere you go on everything you touch.
The fact that fingerprints can be lifted is not really up for debate— CSI technicians have been doing it for decades. The big question with TouchID was whether or not Apple could implement a design that would resist attacks using lifted fingerprints, or whether they would join the long line of manufacturers who had tried but failed to implement a completely secure solution.
Does this mean TouchID is flawed and that it should be avoided? The answer to that isn’t as simple as you might think. Yes, TouchID has flaws, and yes, it’s possible to exploit those flaws and unlock an iPhone. But, the reality is these flaws are not something that the average consumer should worry about. Why? Because exploiting them was anything but trivial.
---
Practically, an attack is still a little bit in the realm of a John le Carré novel. It is certainly not something your average street thief would be able to do, and even then, they would have to get lucky. Don’t forget you only get five attempts before TouchID rejects all fingerprints requiring a PIN code to unlock it. However, let’s be clear, TouchID is unlikely to withstand a targeted attack. A dedicated attacker with time and resources to observe his victim and collect data, is probably not going to see TouchID as much of a challenge. Luckily this isn’t a threat that many of us face.
TouchID is not a “strong” security control. It is a “convenient” security control. Today just over 50 percent of users have a PIN on their smartphones at all, and the number one reason people give for not using the PIN is that it’s inconvenient. TouchID is strong enough to protect users from casual or opportunistic attackers (with one concern I will cover later on) and it is substantially better than nothing.
---
Fingerprint security will help protect you against the three biggest threats facing smartphone users today:
Fingerprint security will protect your data from a street thief that grabs your phone.
Fingerprint security will protect you in the event you drop/forget/misplace your phone.
Fingerprint security could protect you against phishing attacks (if Apple allows it)
By now, the news is out —TouchID was hacked. In truth, none of us really expected otherwise. Fingerprint biometrics use a security credential that gets left behind everywhere you go on everything you touch.
The fact that fingerprints can be lifted is not really up for debate— CSI technicians have been doing it for decades. The big question with TouchID was whether or not Apple could implement a design that would resist attacks using lifted fingerprints, or whether they would join the long line of manufacturers who had tried but failed to implement a completely secure solution.
Does this mean TouchID is flawed and that it should be avoided? The answer to that isn’t as simple as you might think. Yes, TouchID has flaws, and yes, it’s possible to exploit those flaws and unlock an iPhone. But, the reality is these flaws are not something that the average consumer should worry about. Why? Because exploiting them was anything but trivial.
---
Practically, an attack is still a little bit in the realm of a John le Carré novel. It is certainly not something your average street thief would be able to do, and even then, they would have to get lucky. Don’t forget you only get five attempts before TouchID rejects all fingerprints requiring a PIN code to unlock it. However, let’s be clear, TouchID is unlikely to withstand a targeted attack. A dedicated attacker with time and resources to observe his victim and collect data, is probably not going to see TouchID as much of a challenge. Luckily this isn’t a threat that many of us face.
TouchID is not a “strong” security control. It is a “convenient” security control. Today just over 50 percent of users have a PIN on their smartphones at all, and the number one reason people give for not using the PIN is that it’s inconvenient. TouchID is strong enough to protect users from casual or opportunistic attackers (with one concern I will cover later on) and it is substantially better than nothing.
---
Fingerprint security will help protect you against the three biggest threats facing smartphone users today:
Fingerprint security will protect your data from a street thief that grabs your phone.
Fingerprint security will protect you in the event you drop/forget/misplace your phone.
Fingerprint security could protect you against phishing attacks (if Apple allows it)
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 25K
-
-
-
