11 comments

[ 2.9 ms ] story [ 39.6 ms ] thread
Keep in mind also that the giving of fingerprints is considered non-testimonial. You can be forced to give up your fingerprints, but in a criminal prosecution you cannot be forced to answer questions such as, "what is your password?" The heightened security thought to be obtained by cloaking a phone with a fingerprint is thus easily removed.
I hope that soon a 'duress fingerprint' option is implemented; the simplest way is that you enroll one finger to be your duress finger. When you scan that one, the phone will require a password to unlock it (even if rebooted)
"Please extend your right index finger"

Cop presses your finger to phone.

So keep your right index finger as the duress finger if you are high risk, or just use the duress finger as soon as you see police. Not 100% effective, but nothing is.
This is from the "I'll just stun them with a triple spin kick" school of activist fantasy.
Sigh. I clicked, hoping to learn something. But in the fourth paragraph I read:

The researchers did not test their approach with real phones

That's when I stopped.

What, nobody at NYU or Michigan State could afford to buy some "real phones" to check out their theories???

What fucking bullshit!!!

Yeah, exactly. "Did not test with real phones" is journalist code for "does not actually work in reality, but why throw away a perfectly good headline?"
1. Fingerprint scanners have always had security issues.

2. They replicated nothing.

3. Why nyt?

I think the Master Print technique is an novel approach to biometric cracking — closer to the statistical techniques used to defeat passwords, right?
Honestly, if it weren't for the finger print sensor I'd still be passwordless. I can't imagine I'm alone on that.