It does, but at the moment the post was put online, there is nothing official, except the name. Hence "this is iphone X" looks like a placeholder for a future event.
I have a suspicion that removing the home button and relying on swipe-interactions might be a step back in usability for the non-tech savvy people who have made up a large share of iPhone users.
The presenter claims that once you've tried it for the first time you will realize that it was the best way. I agree with you and think that it's quite an assumption. Sure the homebutton may of created problems when it needed repair etc, but I really love having actual hardware buttons on a phone.
I had to disable double-tap for multitasking (and bunch of other gestures) on my family iPads because they caused a lot of issues with older users. I wonder if there's going to be an accessibility feature to make it more friendly to people who have issues differentiating between "swipe up", "swipe up from bottom", "swipe up from bottom and pause" and other overloaded gestures.
Under accessibility iOS already has a floating menu button, that a lot of people, especially outside the US, enable. It actually works very well, and I wouldn't be surprised if we start seeing iPhones sold with it enabled.
It was discussed at length at the time on different podcasts such as ATP and The Talk Show, and I recall it was the case mostly in Asia.
It had to do with the perception of the physical button's flimsiness and unreliability. And was coupled with the far different experience in regards to Apple Repair centers (sometimes not even provided by Apple itself) which made the whole experience an ordeal. So, to preserve the value of the phone, they preferred the software button instead.
Others chimed in to say that, other than having to deal with repositioning the button from times to times because it obscures something below, it was actually a step up in usability as it offers more options (there is a whole user configurable menu there).
Why they continue to do it after the 7's fake hardware button? Probably because of the latter cause.
I don't think you'll see this be the default experience across Apple devices for quite some time. I don't think even the iPad Pro will have this edge-to-edge screen for at least a couple years – the home button is not dead.
It reminds me of Motorola's option to remove Android's black button bar and rely instead of swiping gestures over the fingerprint reader [1]. I tried it and, to their credit, it works very well. But it felt unnatural and my muscle memory didn't adjust quickly, so I disabled it.
In my experience, it works like a dream. The combined fingerprint reader / home / back / app list button on MG5+ is great. I think it took a few minutes to fully internalize it. Also "make a twisting motion to start camera" is incredibly handy. I don't use the "shake for flashlight", as I fear it will misfire and empty my battery.
Maybe I should give it a second chance, but I agree that the other gestures are great. You should try the flashlight one, I have it activated in my MG5+ and has never misfired, since you need a pretty vigourous shake to activate it.
The average user loves their social media, texting, and googling. They will spend a few minutes figuring out how to get back to their world of online drama, and Reddit.
I wouldn't be surprised if Apple is using monkeys to test phones in the development stages--of ease of use especially? "Just throw the devise into the cage, and call me when the monkey is on the Apple home page, or reached FB!"
They want to give the average consumer a devise that a average person can buy things on, and yack on, excuse me send text messages, interlaced with emojis.
might be a step back in usability for the non-tech savvy people who have made up a large share of iPhone users
"non-tech savvy"? I write software for the damned things, and my first thought was, "oh, great, more obscure swipe gestures to try and memorize." As an added bonus, the control center is now a swipe from the top, not the bottom like it's been for the last, what, five versions?
That actually makes intuitive sense, now that there's a notch there dividing the clock—notifications are associated with time, so that's easy to remember—and the battery/wi-fi indicators, which are associated with the control center.
Jarring if you're used to swiping from the bottom, but it does make sense at least.
For what it's worth, I really miss the gesture bar on the Palm Pre (and other Palm) phones.
It had a little button there too, but swapping the swipe up for this works fine imo. I think this is a great move forward, but will wait until I have to use it every day to decide.
Question regarding these new guestures: Are these a iPhone X only thing or they now supported on all IOS11 devices? I think from a hardware point of view it should be possible to let iphone 6/7/8 users to chose whether they now want to use the button or the guestures for this functionality.
This made me curious, so I picked up my iPhone 7 Plus and tried it. Of course I got the control center because it's not an X, but it feels completely natural. I'll be perfectly happy when that gesture replaces the home button.
In fact, this actually improves the lock screen quite a bit now - no more accidentally missing my notifications because the home button that woke up my phone also unlocked it and took me away from the screen.
I agree! I don't know how many times Ive seen a notification that caught my eye and before I could recognize what app it was from or what it pertained to I'd already auth'd and missed it.
Indeed; one of the things that struck me about iOS devices versus anything else nowadays is the discoverability that the home button provides. The device is sitting on the table, and there is a single button to press. With a home button, it's obvious what to do.
That said, maybe the X branding is akin to 'Pro' and is not intended for the less tech-savvy
They just showed a full screen video and the black bar was blocking part of the video. This looks really bad while demoing with views animated in real time.
Content doesn't go missing that's why.
When you are watching a video that part of the screen is not used on Android. The area would be a black bar at the top/side and Android doesn't put anything in that part of the screen(middle) when in an app or homescreen
I think the original rumors said they were trying to make the cameras work beyond the glass/display but winded up not quite getting it to work, so they winded up with the notch this time.
The bar is as low as today's iPhone home button. I have a strong feeling you will hardly ever reach it by accident, considering scrolling from a point that low is unnatural and uncomfortable.
Also, there is always a big obvious bar down there.
Of course it's easy. But it's a severe threat model. Targeted physical attacks aren't really on the list of concerns for most people. And if you are worried about it, you shouldn't be using touch or voice unlock either.
Presumable the IR sensor will know that your photo or replica is not body temperature. That said, maybe heating up your fake with a hair dryer will work?
Why the downvote? All of these system have been proved easy to trick. Do you really think depth perception is a real hurdle? 3d printers do exist. It is based on IR detection of projected points, so you might even be able to fake it with a specially prepared photo (for example with holes for the ir points) and an ir source behind it.
You could be right, but it seems to me there is a lot of data going into that thing, if it is designed to not just check the data for matches, but also self-consistency across inputs it could be a pretty high bar... I imagine it does depth, IR temp checking (nose colder than face, etc.), image, and maybe even a couple ms of time monitoring to make sure the face is pliable and maybe even has realistic deformability.
Just a guess from the types of sensors and the custom ASIC that was designed to integrate them... at 600 billion operations per second it certainly seems like it would be capable of real-time integration and validation of all those things.
I wonder if the ir camera could be used for other purposes. If it can actually read the temperature, that's a neat trick. Probably can't though (see prices of flir lepton), I'd guess it is a b/w camera sensitive in the 700-800 nm range.
But still, with the dot projector, and that kind of processing power, they should be able to detect 3d gestures, similar to leap motion.
Can't speak for anyone else, but you are making the tiresome and fundamental mistake of arguing about a security system without actually considering economics, usage, and threat scenarios, which are key things that define security.
>All of these system have been proved easy to trick.
By what standard, and in comparison to what? Even ignoring that implementations vary dramatically and importantly in inherent hardness [1], even what you're describing is already significant effort. In terms of security categorization, what you're describing ("3d prints", "specially prepared photo", whatever) all fall into the fundamental form of a targeted physical attack. But once we're into targeted physical attacks everything becomes much harder. Passcode? We live in a world where cameras are everywhere already and becoming more ubiquitous still, along with drones. Even simple shoulder surfing is a thing, but when you're out in public and need to unlock your phone how certain are you really that there is not a single camera, anywhere, pointed in your direction? Even if it's not directly down at the screen merely seeing your finger/thumb movements may be enough. How much work are users in general actually willing to go through to unlock something they use constantly for often very short bursts of immediately desired information? Because if your system isn't actually something people will use and has a good work/value tradeoff, it's worthless. It's not the people who are wrong, it's the system.
This is why threat scenarios are vital in security evaluations, always. In general, there is a big topological difference between scalable attacks and targeted attacks, and with remote vs physical presence requirements. Coming up with convoluted attacks and scenarios quite literally misses the entire point. You need to consider what a system is trying to do, how well it does it, what it is trying to defend under what circumstances, the value therein, the audience targets, etc etc. You didn't do any of that, and on HN people really should know better.
FWIW, I do have significant concerns about Face ID, both in terms of implementation in practice, and in terms of how amenable it is to some real practical security practices I'd like to see like coercion code/variable unlock for example. But my list of concerns do not include anything that relates to a targeted physical attack unless it proves trivially scalable in the real world, as that's outside the core scope.
----
1. Seriously, it's immensely irritating how many tech people think ideas, theory and so forth have much of any value whatsoever vs real world implementations, or think they can always talk broad categories rather then specific implementations.
If a common thief needs to go through the trouble of buying a 3d printer, etc., then I don't think it's as big a deal.
Sure, when it comes to more organized crime or the government they'd be more capable. But at that point if you really want to protect your data then I don't think an iPhone is where you want to be putting that data in the first place..
Probably right, depends on how much value you can extract from the phone. Just to resell it, probably not. Use the apple wallet from some rich guy, maybe. Getting nude photos of some celeb off a phone you stole is worth a 3d printer easily.
Windows says hello. I imagine in an non-fixed setting like an mobile phone, trying to peek at your phone while not drawing attention to it (meeting or otherwise) will probably be somewhat of a challenge
Well everyone will need to wait for real-world tests to be sure, but I'd be quite surprised if they've got it good enough to work when someone is wearing a hat and sunglasses and yet still be secure enough to have a very low false-positive rate.
They generate a depth-map of the face with a pattern projector and IR-camera. Facial bone structure will be unaffected by superficial changes. I suspect things that obscure large portions of the face, like large glasses or a sudden thick beard will give it some difficulties.
That's what the marketing material says. I'd like to wait for some real world tests to determine if this works anywhere near as well as they say it does. My intuition says not, but I'd like to be surprised.
Windows Hello was one of the first things I disabled on my surface. When I was working with someone, it annoyed the shit out of me to have to turn the laptop real quick to log back in, etc. Sometimes I just wanna activate it without looking, and it had to "wait" a couple seconds to realize I wasn't looking and wanted to just spend .3 microseconds to throw my PIN in.
Much easier to just 100% of the time splat out 4 numbers.
I find I type my PIN faster than Windows Hello works, more often than not, and yeah it is easier to surreptitiously punch a pin under a table than bring your phone to face distance.
Unsure about the downvotes, do you really buy Apples 1 in a million numbers here? Really? This tech has proven to be unreliable before and is nothing more than security theater and for a minor convenience
It probably uses an IR light source to illuminate your face invisibly. Trouble on stage may have been from stage lighting drowning out the IR, though that parts just speculation. I didn't watch
Right, but I was saying it probably uses an IR _source_ to illuminate your face in the dark. Then again, humans probably just emit enough IR without it.
I unlock my phone in my pocket with Touch ID all the time - ready to go and on the home screen by the time I've flipped it around in my hand. Feels like a straight downgrade in usability.
also, some engineer at apple had to continuously grow a beard to test this
I think speed of the facial recognition will make or break this. If it takes less than 500ms of me staring at it to unlock it could feel fluid enough. Any longer and it'll be annoying every time.
You can notice sub-200ms lag, but for when you aren't specifically watching for lag or firing a series of rapid events one-after-another, sub-200ms seems to be roughly the point where it "feels instantaneous."
That's absolutely not true. I can tell the difference between 60 hz (16ms) and my 144 hz monitor. I can tell when my 144 hz monitor is accidentally running at a lower refresh rate, including 120, 100, 75, and 60.
200 ms is like a full react/response time for a human to take action in response to input, our actual sense of time is much finer than what our nervous system can make our muscles do.
Is that because of the faster refresh rate, or because none of those divide evenly into 144 and thus you're getting weird frame stretching?
Curious as I just got back into gaming after several years and everyone seems to love 144fps now, wondering if I should upgrade. I have a 1080Ti, so I could presumably render that
Ah, I was just wondering if running a 144hz monitor at 60hz was like watching a 24fps movie at 30fps... if that makes sense? But the monitor can just switch its actual refresh rate.
Good monitor reviews include a test of the delay. 3 frames delay (<100 ms at 60hz) is absolutely atrocious and easily detected by players in games.
But of course, that's not the problem. It's ok that the phone doesn't unlock with out me noticing the delay. It just can't be so long that I start doubting whether it works.
Yes. You'd feel quite drunk even controlling the mouse pointer with 100ms lag. This was/is actually a problem with some LCDs (VA in particular) that cached a frame or two in order to "anticipate" future changes so that they could adjust the voltage and make the image transition faster.
This overdrive is probably also the cause of burn-in-effects that seems to be especially common in VA panels.
FaceID with lag compensation! As soon as it sees a face it starts to unlock based on a fast prediction, then if the authoritative secure side of the chip says "No, authentication actually failed" it rolls back the clock and relocks itself!
200ms is five frames/changes per second, and is definitely very noticeable. You may be thinking of a figure closer to about 12ms or so, which is the approximate threshold of perception for audio lag.
First off, as the person above said, you can start the unlocking process long before it's even facing with with touch-id, as you're taking it out of your pocket. With this, this "timer" starts only when it's fully out and facing you.
Next up, in this, it has to be facing you perfectly. You can't unlock it sneakily under the table, you can't do it while someone else is looking at your phone, etc.
Lastly, you still need to manually swipe to actually open the phone, so it's not like you're not using your finger either. If at least you could unlock it without using your hands that would be something.
At the end of the day, I still want to see properly reviews of what the actual successrate is too. It's not all about speed, if it fails 5% of the time, that's extremely annoying.
Something that "pop" yes. A border flash, a hint at the bottom that means "you can swipe now". The [un]lock icon can stay but it's to high focus to be a good UI.
To be honest, with the full glass, I expected something like.. a full screen fingerprint scanner (have no idea if it's feasible at all). I thing TouchID is the best biometric input for casual operation.
Sorry, I read your first response as the screen being dimmer, not the wallpaper. I was complaining that you wouldn't be able to read notifications if the screen was dimmed but that wasn't what you said. My bad!
That matches what they did to touch ID in iOS 10: unlocking no longer actually took you to the home screen, just left you on the lock screen with your phone unlocked for... some... reason. There is a setting to change it, maybe there will be one for this as well.
Oh yeah, I forgot that I had to change that setting. I definitely hope it's the same with Face ID - I don't use home screen notifications for anything.
One of the reasons was that on newer phones (the 6S and the 7) Touch ID was so fast that it was hard to even see the lock screen. If you use the home button to wake up the phone then you would be authenticated and the screen would go away before you had a chance to see anything.
Their solution was to split it into two different steps.
You have the same issue with Face ID. If the "lock screen" went away as soon as you look at your phone you could never actually look at the notifications there.
Clearly they had to do something. Does this work well? I guess we'll find out when the reviews come out.
No, the issue is different. With FaceID, if there was no swipe, your phone would unlock all the time for no reason at all. For example while driving, or while having it flat on your desk and hovering near it, and so on.
I am very skeptical about FaceID. I actually love TouchID, can hardly imagine anything better, but Apple has surprised us before.
Indeed especially when driving that millions of us shouldn't be doing but do anyway. Touch ID made it so easy to unlock ... can't imagine Face ID being a better in this scenario.
But the reason you unlock it is to look at the information on your phone, so it's not like you are using touch id without looking at your phone after that, no?
I keep "loaning" my finger to family members all the time, when I'm driving, watching TV, and they want to borrow my phone.
Not really sure Apple thought through this from every angle...
Oh boy, that's going to be awful fun for parents. Let the kid play with a game; they call your name while pointing the forward camera at you and you've just Face ID'ed some in-app purchase.
That's an interesting corner case. My phone has a setting that lets me turn off touch ID for App Store purchases (so I would have to use my passcode) so I guess you'd just have to use that if your kid kept tricking you and you couldn't stop them.
TouchID is great, but if I've been sweating or have some moisture on my hands for another reason (say I'm cooking and want to check the recipe) it fails horribly.
It looks like they made a point in one of their promo ads that it also works at an angle and with weird lighting/obstructions (the video of the swimmer looking down at her phone that was flat against the edge of the pool).
This happens often to me when I used my phone as a sat nav, the phone was attached to the dash but would sometimes go to sleep if the battery went to 20%. I'd open it up again by just tapping the home.
But then you have to adjust your grip, at least for me when I unlock my iphone I am using a different grip then when I try to click an icon on a homescreen, so if I would use face ID - it will save me some time for adjusting grip, at least that's what I imagine, of course nobody have tries face ID yet.
So what I'm talking about is: I place my thumb on the home button and three fingers on the back of the phone, while grabbing it in my pocket. The fingers are initially pointed down, in the same direction of the phone. As I drag it out of my pocket, I click the home button and flip the phone around, so now my fingers are horizontal across the phone (standard phone-holding position basically). It's almost always unlocked by the time I can see anything on the screen.
This requires you to always orient the screen "inwards" (towards your leg).
I don't understand why having the fingerprint sensor in the back of the phone (Nexus, Pixel and some other android devices) never took off that much. Ever since I got it on my Nexus 5x I absolutely loved it (Pixel now, same thing). It's incredibly intuitive, works both right and left handed, doesn't take up screen space, and they've just added a "scrolling" feature to open your notifications by swiping it. Seems like a no-brainer, I can't see any fault in it, and yet very few phones have it.
That's what is meant. You can auth with Apple Pay before you need to for up to a minute (maybe two?) and save yourself the time. It's the equivalent of having your cc out of your wallet and in your hand before you need it.
Apologies but what do you need to do to preauth? Is this just the quick-double-pressing to open the Applet Pay wallet in advance? Do you still have to put your finger on it when making the actual payment?
Double press to bring up the wallet, then leave your finger on until the fingerprint changes to a phone with the message "Hold Near Reader to Pay". Then you don't need to leave your finger on when making the payment. Handy when you have to reach over a counter to "Tap" or need the payment to go through quickly (going through a payment barrier such as on the London underground). I assume FaceID will work the same.
It's having to look away from the primary activity of getting through the barrier that is the problem. Not sure how this will go down at 8am at Waterloo.
No different from now. Plenty of people have eyes down watching videos or reading while walking towards the barriers on both sides. Annoys the bejeezus out of me every single day.
My 6 worked so infrequently that i stopped bothering. At least with my 7 it works about half the time on the first attempt or two. I've put my prints in many times, I've even recorded my thumb from all sorts of angles as multiple fingers. Still no joy.
Blisters are another deal breaker. As a new golfer I've been feeling this. I imagine people who work with their hands all day (e.g. construction) may have a similar issue.
Actually, the message ("Your passcode is required to enable Face ID") was identical to the message when too many failed Touch ID attempts are made, not when a phone is rebooted ("Touch ID requires your passcode when iPhone restarts").
That article doesn't say anything about an infrared dot map of the face - just that "the infrared camera is first used to light up your eyes".
Additionally, https://en.wikipedia.org/wiki/Iris_recognition says "Iris recognition uses video camera technology with subtle near infrared illumination to acquire images of the detail-rich, intricate structures of the iris which are visible externally" which doesn't involve any kind of infrared dot map.
>Let’s be clear about how Windows Hello works on the Lumia 950. It doesn’t use facial recognition, but instead relies on the front camera and a nearfield IR diode so that the camera can clearly see your iris. When you enable Windows Hello for the first time, your iris is scanned and a cryptographic hash is generated and stored securely on the phone. When you attempt to unlock the device using Windows Hello, a new hash is generated and compared with the original, and if the two match, access is granted.
>Facial recognition on the other hand, as used in some new notebooks designed for Windows 10 and Intel’s RealSense F200 camera, uses three different methods to recognize your face: infrared, a standard camera, and a 3D camera. This technology requires more space inside the device and as such isn’t suitable for use in phones, but unlike iris scanning works at a distance.
You didn't get downvoted for mentioning a feature already implemented elsewhere, you were downvoted by trying to claim a device did something it clearly didn't.
The corollary to "tak[ing] good ideas that were never implemented properly and do it properly", clearly, is taking good ideas that were implemented properly and completely fucking them up.
Would you say that Google never implemented maps correctly?
If not then what the GP said doesn't apply.
Of course we could talk about the fact that Google was demanding all sorts of user data from Apple and wanted the ability to display ads on top of the maps… But people never talk about that. And Apple replace the head of the division that messed it up.
I've never really had an issue with it. The data is much better than a few years ago. I don't use Google maps (I'm happy with Apple and its integration).
I've heard (anecdotally on podcasts) they're roughly even.
The one thing I've heard in the past is it really depends on where you live. Google had better data in rural areas or other countries (they've been at it for what, almost 15 years?) so Apple Maps may not be an option for some.
In the US? I'm not sure there is a big difference for streets.
(Pretty sure Apple has slightly fewer points of interest like businesses, but it's rare I run into that).
Samsung also has facial recognition on the S8. You can bypass it by printing out a photo of the owner's face. But I would expect Apple's implementation to be more secure and more reliable than previous poor implementations, otherwise they wouldn't be doing it.
>The Galaxy S8 provides various levels of biometric authentication, with the highest level of authentication from the iris scanner and fingerprint reader. In addition, the Galaxy S8 provides users with multiple options to unlock their phones through both biometric security options, and convenient options such as swipe and facial recognition. It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy S8 and currently cannot be used to authenticate access to Samsung Pay or Secure Folder.
Not exactly a vote of confidence from the manufacturer, is it?
This is not the first time Android has had face recognition to unlock phones. I remember the first time they tried, it was trivially easy to snap a picture of your colleague and open his phone.
That's a beta version and I can't guarantee it was true of the release version, but since all they were working with was the normal front facing camera I doubt they were able to make this secure.
I alo had a lumia 950. It does not have face recognition, it has an iris scanner. An infrared light lights up your eyes and then the camera makes an IR picture where it analyzes your iris pattern. The reason it didn't work well is that your eyes had to be open (no squinting, like in bright light), close enough to capture a precise image and in exactly the right spot for the zoomed in camera. I eventually learned a gesture that unlocked it semi-reliably, but it was basically holding the phone right up to my face in the exact right spot.
Now that I see how apple is doing face id I think it will work more reliably ... eventually. I doubt they'll get it right on the first try because this is the kind of feature that has to bake in the real world (like apple maps). Still, they may surprise us like they did with the equally hard touch id feature.
You always have the password as backup to unlock. If your appearance were to suddenly change remarkably, such as via plastic surgery or a horrific accident, you would set your new face after unlocking with the password.
Based on their phrasing, I'm assuming the "adaptive" aspect means that slow changes, such as gaining or losing weight, will progressively train the existing face - without it ever failing to recognize you because you passed some weight threshold. Same would go for growing a mustache or beard. As to whether you can shave off a 5-year beard and have it still recognize you without manual intervention, that would depend on how much the algorithm cares about your chin and lip regions vs. the rest of your face. Based on the demo, the hair on top of your head is 100% ignored.
Apple claims that the odds of a random person's finger unlocking your iPhone with Touch ID is 1 in 50,000, and the odds of a random person's face unlocking Face ID is 1 in 1,000,000.
I wonder what the odds are of someone unlocking your phone with a picture of your face? I've heard lots of biometrics companies say that their system is immune to such simple hacks in the past, only to immediately fall to such simple hacks in testing.
That's interesting. I would think that identical twins would be very hard to distinguish... and those certainly have an almost 1:350 odds. Of course you're likely to know them, but still I'm not sure banks would be happy with that for FIDO.
I think the number is if you choose another human at random, how likely is it that they'll be able to unlock your phone. Having a twin doesn't change that number much, since they're only one person out of 7+ billion. Of course, your threat model may be different from "pick a random human from anywhere on the planet."
The twin's mother is inside the phone telling it what to do? Or the person you replied to is talking about technology finding it difficult to distinguish, and not a close family member?
My point is that twins are only difficult to distinguish for people who do not know them. For family and friends it's easy, which means that there are substantial differences even for faces of twins.
The face detection technology will be able to recognize those differences as good or better than the twins' family and friends. If it does not now, it will eventually.
If you want to teach Face ID to reject masks, you need to make some masks. Similarly, if it needs to be taught to reject a twin, you need dozens of twins. And if it starts labelling people incorrectly as their twins, is it worth it?
Perhaps they can sidestep this by offering a specific twin learning feature.
Twins are just examples of two people with very similar faces. If Apple are able to train Face ID to distinguish between 6 billion different faces they will also be able to distinguish faces of twins.
I wonder if it works with scarves and hats covering everything but your eyes. It seems like an obvious oversight, but it's a Californian company that launched a maps app without any transit support...
How about a big helmet? I imagine snowboarders/alpine skiers/motorcyclist will have to take off the helmet to unlock. As someone who goes snowboarding in the winter, it sounds really annoying to not only have to remove a glove, but also the helmet, to unlock the phone (or unlock with a passcode, which is still a downgrade from using the fingerprint).
After spending a week in London this spring, my (already high) appreciation of my Apple Watch went way up. Paying for my tube rides using my watch - even through sleeves and jackets - was really like magic. Don't think I could live there without one...
It's funny how the acceptable level of comfort changes. Having an oyster card in your pocket wasn't a huge issue before. It's slightly less convenient, but not really life changing.
I mean, I know you're joking, but it's not really the case. Before Touch ID, you had to either leave your phone always unlocked, or have a pass code/word. Those options are still available, there's just two additional ways now with Touch/Face ID, so they haven't gotten less usable for non-humans, just more usable for humans.
You know, it really depends how fast it is. You need attentiveness to use your phone, so requiring attentiveness to unlock it doesn't seem unreasonable, provided it happens in less time than it takes to move your thumb to the glass.
No, this is not true. I can log in and activate functions of my phone right now without looking at it.
If I have to look at my phone, there is a problem. If the phone merely needs to see my face, maybe it's less of one. The iPhone is already slow enough I find myself waiting on it, I don't want it to be any slower.
Im on a Nexus 5x, but I do the same thing, and had the same thought when I saw this in the keynote. I have my phone unlocked before I'm looking at it probably ~80% of the time.
I'm concerned that Face ID will suck more than Touch ID, too.
I do the pocket-unlock you describe often. At the same time, Touch ID has its own limitations. For instance, it doesn't work if you try to unlock after recently holding a cold beer (or have even slightly damp hands for any other reason).
My guess is Apple isn't worried about being consistent. They will provide the best solution according to the tech available at the time and the other constraints of the product.
You should look at the specs and how FaceID works. It's so much more than just a camera.
The iPhone X is currently the only device to support face detection. All other iPads, iPhones, and MacBook Pro range use TouchID. It was years before it was ever added to the Mac, it'll likely be years before FaceID arrives as well.
This is, of course, a threat model issue. If you're Assange/Snowden, you might want to shy away from Face ID, but you probably didn't have Touch ID on anyway.
FaceID shows the difference between Apple and other smartphone manufacturers. Apple doesn't release features until they are absolutely sure they can engineer them to work perfectly.
Of course I don't. But the presentation gives enough information to be able to assume it is secure. Some other manufacturers' solutions can be tricked with photos. Since Apple mentioned dot projector, you can assume they are tracking the 3D model of your face which by itself should be much more secure. And it works with Apple Pay, the banks wouldn't allow it if it wasn't equivalent to Touch ID.
So windows Hello, which also uses 3D models, has been available for years.
As to banks, I'm fairly sure (although I have no inside knowledge) that the banks won't have been allowed to review this technology in advance of the release, so they have no real assurance here.
You can of course assume it's secure and as usuable as TouchID, but I'm guessing the devil will be in the detail on this one.
Yes…they mentioned the tests they put it through. Different hairstyles, facial hair, etc. and it worked; they tried pictures and masks and made sure it didn't.
...and all I wonder is why they are skipping number 9? Are the negative connotations some culture? iPhone NEIN?
With Windows 9, there was at least the explanation that software might confuse it with Windows 9x (which I didn't buy, since there is view api returning the version as a string, and Windows shims GetVersion if you don't declare compatibility anyway).
More on topic, this looks nice, I think people will not be disappointed like they were with the MBPs. Can't wait to try it in a store (and probably can't afford it either...). Edit: no touch ID?? Might have spoken too quickly...
During WWDC 1998, Steve Jobs announced Mac OS X (as a change from the original Rhapsody strategy) while Mac OS 8.1 was still current. There is precedent by Apple to announce version X before version 9 is released.
I do hope Apple have got this facial recognition stuff right, but personally I'm skeptical that it'll be better than TouchID.
For me, from reading previously leaks, this feels like a compromise where design (we want a phone that's all screen) wins out over usuability (TouchID is great for usuable security)
I turned off the stream because I needed to get back to work. Did they say anything about security for FaceID? Such as where the data about your face is stored. Or what about just holding up a photo of someone?
It’s stored in the secure enclave locally on the device.
They said it can’t be fooled by photographs and they tested it with “Hollywood mask makers”. It’s “one in a million”.
They did mention that they tested against photos, and worked with hollywood makeup artists to make masks to test the phone as well. The number they mention for the odds that someone elses face will match yours is 1 in 1,000,000. They also said that touch id has a 1 in 50,000 chance, so it is 20x more secure.(I say that a bit tongue in cheek) I would like to know how they crunched these numbers though.
No, it didn't. The screen said "Enter PIN to enable Face ID." The phone had been rebooted, and a password is required first. Same as TouchID. He failed, FaceID did not.
I approve of Face ID more than Windows Hello, but I'm not convinced that neural networks are ready for security prime-time. Have we solved adversarial attacks yet? Were any of the masks they used in training painted with adversarial patterns?
(The tech is cool, though. Actually amazing, that it fits on a phone.)
1,795 comments
[ 3.9 ms ] story [ 491 ms ] thread> So what does a decade of iPhone innovation look like?
> Developing… Please refresh for updates.
Obviously the "hype" for a new iphone is still up & running since there is a thread for not yet officially announced device...
Doesn't Apple announcing it at their "Special Event" count as an officially announced device?
"Please refresh for updates"
Besides there is a new thread ( https://news.ycombinator.com/item?id=15229902 ) for the same subject - nothing offcially started, yet several threads for it.
Anyway, it will be fun to see if this one will hit 1000+ comments :)
It had to do with the perception of the physical button's flimsiness and unreliability. And was coupled with the far different experience in regards to Apple Repair centers (sometimes not even provided by Apple itself) which made the whole experience an ordeal. So, to preserve the value of the phone, they preferred the software button instead.
Others chimed in to say that, other than having to deal with repositioning the button from times to times because it obscures something below, it was actually a step up in usability as it offers more options (there is a whole user configurable menu there).
Why they continue to do it after the 7's fake hardware button? Probably because of the latter cause.
[1] https://motorola-global-portal.custhelp.com/app/answers/inde...
Touch button (without actually pressing it down)=back
Long touch button (still without pressing it)=recent apps
Physical press of button=home
I have it set up to wake&unlock with a touch instead of a press, so the only time I have to press the button is to go the homescreen.
The average user loves their social media, texting, and googling. They will spend a few minutes figuring out how to get back to their world of online drama, and Reddit.
I wouldn't be surprised if Apple is using monkeys to test phones in the development stages--of ease of use especially? "Just throw the devise into the cage, and call me when the monkey is on the Apple home page, or reached FB!"
They want to give the average consumer a devise that a average person can buy things on, and yack on, excuse me send text messages, interlaced with emojis.
"non-tech savvy"? I write software for the damned things, and my first thought was, "oh, great, more obscure swipe gestures to try and memorize." As an added bonus, the control center is now a swipe from the top, not the bottom like it's been for the last, what, five versions?
Jarring if you're used to swiping from the bottom, but it does make sense at least.
It had a little button there too, but swapping the swipe up for this works fine imo. I think this is a great move forward, but will wait until I have to use it every day to decide.
In fact, this actually improves the lock screen quite a bit now - no more accidentally missing my notifications because the home button that woke up my phone also unlocked it and took me away from the screen.
That said, maybe the X branding is akin to 'Pro' and is not intended for the less tech-savvy
I probably have to swipe carefully from the very bottom or stay away from the bottom?
Also, there is always a big obvious bar down there.
Now it has 32 upvotes in the last 30 seconds...
38 now.
41...
44. These are less than 30 second intervals.
48
55
Local police? No fucking way. Random phone thief? Don't make me laugh.
And people seem to actively "forget" that this is a learning model, getting better with every unlock. Just like TouchID, but better.
It sounds like this in some ways is a step forward from touch id in that regard, but we'll have to see.
But still, with the dot projector, and that kind of processing power, they should be able to detect 3d gestures, similar to leap motion.
>All of these system have been proved easy to trick.
By what standard, and in comparison to what? Even ignoring that implementations vary dramatically and importantly in inherent hardness [1], even what you're describing is already significant effort. In terms of security categorization, what you're describing ("3d prints", "specially prepared photo", whatever) all fall into the fundamental form of a targeted physical attack. But once we're into targeted physical attacks everything becomes much harder. Passcode? We live in a world where cameras are everywhere already and becoming more ubiquitous still, along with drones. Even simple shoulder surfing is a thing, but when you're out in public and need to unlock your phone how certain are you really that there is not a single camera, anywhere, pointed in your direction? Even if it's not directly down at the screen merely seeing your finger/thumb movements may be enough. How much work are users in general actually willing to go through to unlock something they use constantly for often very short bursts of immediately desired information? Because if your system isn't actually something people will use and has a good work/value tradeoff, it's worthless. It's not the people who are wrong, it's the system.
This is why threat scenarios are vital in security evaluations, always. In general, there is a big topological difference between scalable attacks and targeted attacks, and with remote vs physical presence requirements. Coming up with convoluted attacks and scenarios quite literally misses the entire point. You need to consider what a system is trying to do, how well it does it, what it is trying to defend under what circumstances, the value therein, the audience targets, etc etc. You didn't do any of that, and on HN people really should know better.
FWIW, I do have significant concerns about Face ID, both in terms of implementation in practice, and in terms of how amenable it is to some real practical security practices I'd like to see like coercion code/variable unlock for example. But my list of concerns do not include anything that relates to a targeted physical attack unless it proves trivially scalable in the real world, as that's outside the core scope.
----
1. Seriously, it's immensely irritating how many tech people think ideas, theory and so forth have much of any value whatsoever vs real world implementations, or think they can always talk broad categories rather then specific implementations.
Someone running around with a perfect 3D model of your face isn't an every day occurrence, though.
Sure, when it comes to more organized crime or the government they'd be more capable. But at that point if you really want to protect your data then I don't think an iPhone is where you want to be putting that data in the first place..
Or I'm wrong.
Hats/sunglasses/rain/lighting all cause problems for mobile devices and face recognition.
It'll be interesting to see if/how Apple overcome those problems
Touch ID: 1:50,000
Face ID: 1:1,000,000
Much easier to just 100% of the time splat out 4 numbers.
Apple is using 3-D scan data as well as infrared reflectivity and for all we know temperature sensing. You can't compare the two.
Did you have something that's a closer comparison?
But the guy did have issues on stage...
also, some engineer at apple had to continuously grow a beard to test this
200 ms is like a full react/response time for a human to take action in response to input, our actual sense of time is much finer than what our nervous system can make our muscles do.
Curious as I just got back into gaming after several years and everyone seems to love 144fps now, wondering if I should upgrade. I have a 1080Ti, so I could presumably render that
Upgraded to a 165hz G-Sync panel recently and it was a revelation after running at a v-synced 60hz for years and years.
Order the 1080TI about a week later as the 970 I had wasn't cutting it at 1440p.
I actually find most modern games run at about 90-110fps with what I would consider "good settings".
Even if you turn settings way down 165 is really hard to maintain.
The question is could you tell the difference between your 144hz monitor and your 144hz monitor with the signal delayed 100ms.
But of course, that's not the problem. It's ok that the phone doesn't unlock with out me noticing the delay. It just can't be so long that I start doubting whether it works.
This overdrive is probably also the cause of burn-in-effects that seems to be especially common in VA panels.
e: But watching the keynote, it's definitely doesn't seem that fast...
First off, as the person above said, you can start the unlocking process long before it's even facing with with touch-id, as you're taking it out of your pocket. With this, this "timer" starts only when it's fully out and facing you.
Next up, in this, it has to be facing you perfectly. You can't unlock it sneakily under the table, you can't do it while someone else is looking at your phone, etc.
Lastly, you still need to manually swipe to actually open the phone, so it's not like you're not using your finger either. If at least you could unlock it without using your hands that would be something.
At the end of the day, I still want to see properly reviews of what the actual successrate is too. It's not all about speed, if it fails 5% of the time, that's extremely annoying.
TouchID is much faster.
- attention - faceid - swipe
And no cue to know if faceid worked before swiping. I couldn't see cues (maybe I missed them).
To be honest, with the full glass, I expected something like.. a full screen fingerprint scanner (have no idea if it's feasible at all). I thing TouchID is the best biometric input for casual operation.
Their solution was to split it into two different steps.
You have the same issue with Face ID. If the "lock screen" went away as soon as you look at your phone you could never actually look at the notifications there.
Clearly they had to do something. Does this work well? I guess we'll find out when the reviews come out.
I am very skeptical about FaceID. I actually love TouchID, can hardly imagine anything better, but Apple has surprised us before.
In the cooking use case you ought to be able to say "hey Siri, keep my phone unlocked", but she'd probably just search for that on Bing.
This requires you to always orient the screen "inwards" (towards your leg).
All these people posting about consistently unlocking it without looking seem like they're from a different universe.
My 6 worked so infrequently that i stopped bothering. At least with my 7 it works about half the time on the first attempt or two. I've put my prints in many times, I've even recorded my thumb from all sorts of angles as multiple fingers. Still no joy.
Wet hands also cause problems, but wet beyond sweaty.
For presentations like these you always have multiple devices standing by, ready to flip over to at a moment's notice.
Slower and more error prone. Environmental changes such as extreme lighting (being outside) or wearing sunglasses stopped it from working.
Windows Hello and compatible webcams work really well in a stable desktop environment mind. I've just rolled them out across my firm.
https://www.windowscentral.com/how-iris-scanner-lumia-950-an...
Amazing, -4 for mentioning this isn't a new feature. This is exactly how the kinect works, how windows hello enabled webcams work.
Additionally, https://en.wikipedia.org/wiki/Iris_recognition says "Iris recognition uses video camera technology with subtle near infrared illumination to acquire images of the detail-rich, intricate structures of the iris which are visible externally" which doesn't involve any kind of infrared dot map.
From https://www.petri.com/windows-10-tip-using-the-lumia-950-wit...:
>Let’s be clear about how Windows Hello works on the Lumia 950. It doesn’t use facial recognition, but instead relies on the front camera and a nearfield IR diode so that the camera can clearly see your iris. When you enable Windows Hello for the first time, your iris is scanned and a cryptographic hash is generated and stored securely on the phone. When you attempt to unlock the device using Windows Hello, a new hash is generated and compared with the original, and if the two match, access is granted.
>Facial recognition on the other hand, as used in some new notebooks designed for Windows 10 and Intel’s RealSense F200 camera, uses three different methods to recognize your face: infrared, a standard camera, and a 3D camera. This technology requires more space inside the device and as such isn’t suitable for use in phones, but unlike iris scanning works at a distance.
You didn't get downvoted for mentioning a feature already implemented elsewhere, you were downvoted by trying to claim a device did something it clearly didn't.
It's Apple's speciality to take good ideas that were never implemented properly and do it properly.
If not then what the GP said doesn't apply.
Of course we could talk about the fact that Google was demanding all sorts of user data from Apple and wanted the ability to display ads on top of the maps… But people never talk about that. And Apple replace the head of the division that messed it up.
Just Apple is mean.
I've heard (anecdotally on podcasts) they're roughly even.
The one thing I've heard in the past is it really depends on where you live. Google had better data in rural areas or other countries (they've been at it for what, almost 15 years?) so Apple Maps may not be an option for some.
In the US? I'm not sure there is a big difference for streets.
(Pretty sure Apple has slightly fewer points of interest like businesses, but it's rare I run into that).
And that said they have made decent improvements over the years.
Even if that idea was good.
Sure, many devices had fingerprint scanners before Touch ID, but the Apple implementation was pretty damn impressive compared to what came before.
Still, I can't help but feel that Face ID is a fudge they resorted to because they couldn't get Touch ID working through the screen reliably.
https://arstechnica.com/gadgets/2017/03/video-shows-galaxy-s...
Here's what Samsung has to say about the feature
>The Galaxy S8 provides various levels of biometric authentication, with the highest level of authentication from the iris scanner and fingerprint reader. In addition, the Galaxy S8 provides users with multiple options to unlock their phones through both biometric security options, and convenient options such as swipe and facial recognition. It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy S8 and currently cannot be used to authenticate access to Samsung Pay or Secure Folder.
Not exactly a vote of confidence from the manufacturer, is it?
https://techcrunch.com/2011/11/11/android-facial-unlock-phot...
That's a beta version and I can't guarantee it was true of the release version, but since all they were working with was the normal front facing camera I doubt they were able to make this secure.
Now that I see how apple is doing face id I think it will work more reliably ... eventually. I doubt they'll get it right on the first try because this is the kind of feature that has to bake in the real world (like apple maps). Still, they may surprise us like they did with the equally hard touch id feature.
I always thought chances of finding facial-doppelgangers are higher than fingerprint ones. Is that really wrong?
Based on their phrasing, I'm assuming the "adaptive" aspect means that slow changes, such as gaining or losing weight, will progressively train the existing face - without it ever failing to recognize you because you passed some weight threshold. Same would go for growing a mustache or beard. As to whether you can shave off a 5-year beard and have it still recognize you without manual intervention, that would depend on how much the algorithm cares about your chin and lip regions vs. the rest of your face. Based on the demo, the hair on top of your head is 100% ignored.
Banks are all about risk management not necessarily avoiding and and all risks.
But again if you can't trust your twin well then your phone is the last thing I would be worried about.
Ask their mom. (Hint: They're not.)
Perhaps they can sidestep this by offering a specific twin learning feature.
https://www.apple.com/iphone-x/
https://en.m.wikipedia.org/wiki/Niqāb
So much speciesism.
You know, it really depends how fast it is. You need attentiveness to use your phone, so requiring attentiveness to unlock it doesn't seem unreasonable, provided it happens in less time than it takes to move your thumb to the glass.
No, this is not true. I can log in and activate functions of my phone right now without looking at it.
If I have to look at my phone, there is a problem. If the phone merely needs to see my face, maybe it's less of one. The iPhone is already slow enough I find myself waiting on it, I don't want it to be any slower.
I do the pocket-unlock you describe often. At the same time, Touch ID has its own limitations. For instance, it doesn't work if you try to unlock after recently holding a cold beer (or have even slightly damp hands for any other reason).
Could have just made the laptop camera up to scratch for this like Surface books are.
I feel we're being sold a compromise and until they failed to get a Touch ID sensor below that screen this was plan B.
My point is more that why make a big deal about shipping dead tech to the laptop if this truly is what they consider the future and a better system.
The iPhone X is currently the only device to support face detection. All other iPads, iPhones, and MacBook Pro range use TouchID. It was years before it was ever added to the Mac, it'll likely be years before FaceID arrives as well.
I say if you're willing to undergo major reconstructive surgery just to read my emails, go ahead, you've earned it.
Could be a different thing when somebody uses a quality 3d printer to print image that is based on detailed laser scan.
* 9 is 6 flipped
* QED Microsoft + Apple are Satan.
As to banks, I'm fairly sure (although I have no inside knowledge) that the banks won't have been allowed to review this technology in advance of the release, so they have no real assurance here.
You can of course assume it's secure and as usuable as TouchID, but I'm guessing the devil will be in the detail on this one.
I can't get over the black bar at the top of iPhone X though. It looks like it has devil horns...
With Windows 9, there was at least the explanation that software might confuse it with Windows 9x (which I didn't buy, since there is view api returning the version as a string, and Windows shims GetVersion if you don't declare compatibility anyway).
More on topic, this looks nice, I think people will not be disappointed like they were with the MBPs. Can't wait to try it in a store (and probably can't afford it either...). Edit: no touch ID?? Might have spoken too quickly...
They may also be trying to indicate that they feel this iPhone is on a par with OSX for productivity or something.
For me, from reading previously leaks, this feels like a compromise where design (we want a phone that's all screen) wins out over usuability (TouchID is great for usuable security)
"Face data protected by A11 chip's secure enclave. On-device processing."
Looks like its using a dot projector for the depth sensing (similar to the xbox kinect).
(The tech is cool, though. Actually amazing, that it fits on a phone.)
https://arxiv.org/abs/1412.1897