>The iPhone's Touch ID fingerprint sensor is great for quickly unlocking your device, but it's also been used by law enforcement to circumvent legal restrictions on demanding a passcode.
>Reverting to passcode access only currently requires a restart via long pressing the sleep button and swiping power off the screen, which is neither discreet nor fast enough if you're being accosted in the street by someone in a position of authority who wants access to your device.
>But in iOS 11, disabling Touch ID can be done within seconds with one finger or thumb. All it will take is five quick clicks on the sleep button, and the phone will require the passcode to access data on the device.
>Does this new revelation compromise the security of Secure Enclave data? No. The data stored within the SE remains encrypted with keys unique to each individual iPhone.
>Does this apply to newer devices? No. This only allows decryption of the firmware for GSM-only iPhone 5S, and then only for iOS 10.3.3.
>Can an attacker modify the SE firmware on a stolen (or “borrowed”) phone? No, the firmware is also signed by Apple, and the attacker would need to be able to forge the signature to get the phone to install the hacked firmware. Plus, it should not be possible to upgrade firmware on a locked phone.
A non-story about Apple security, as usual.
Parker Bell
It's not. Cops are allowed to basically kidnap you and throw you into a dungeon, what makes you think they're any less allowed to move your thumb than they are to move your entire body? They already take fingerprints as well.
Brayden Thomas
So now it's gonna be >kill Jamal/manjaro >grab his thumb >apply to sensor
Nathan Johnson
all the SEP firmware keys allows people to do is research further into the firmware itself.
iOS rootfs/kernels were encrypted the same way, and people have been able to retrieve keys and decrypt them since the beginning. this doesn't compromise iOS security.
when Apple released iOS 10, they just removed the encryption from the rootfs/kernel because it did *nothing*
SEP FW keys =/= vulnerable SEP.
Cooper Myers
In the land of free, if cops do not respect your rights you're free. It's a law made to prevent police abuse (in my country there is no such thing, and there is almost no difference between a thug and a cop).
Dominic Diaz
They are not allowed to put your thumb on your phone. They can not do what they want.
Are they allowed to pirate your phone without judge allowance?
Isaac Parker
>They are not allowed to put your thumb on your phone. They absolutely are.
>They can not do what they want. Okay? I'm not saying that they can, just this particular thing. Under the right circumstances obviously.
Jordan Diaz
...
Ethan Gutierrez
>They absolutely are. Which country?
Adam Ramirez
>They can not do what they want. lul
Connor Rivera
According to current law, fingerprints are physical evidence (and can be used without your consent) but you can't be made to incriminate yourself by telling them your PIN.
Zachary Murphy
Vault7 is nothing but old vulnerabilities that were patched years ago.
Unless you're stuck on a seven-year-old iPhone 4, you're fine.
Austin Anderson
What's police abuse
Dylan Edwards
>and can be used without your consent So they are allowed to put thumb of people by force on their phone? (I am not a citizen of the land of free, and in my country they are not allowed to do that).
Anthony Watson
I'm talking about the law, not about what the monkeys (because cops are monkeys) actually do. By the way an illegal proof is illegal,
Thomas Price
They're allowed to do that, yeah. Just like if you left a key lying around to be taken as evidence vs hiding a key and them having to ask where it is (where you don't have tell).
Jason Ortiz
Interesting. That's why I never put a pin to protect my phone.
Ian Russell
wouldn't it be faster and more discrete to have it set so if you scan a dfferent finger than the one registered as outhorized it automagically goes to passcode only?
Ian Hernandez
Unlike biometrics, cops can't legally compel or coerce you into giving up a passcode. It's actually the best way to defend yourself against them.
Bentley Adams
So like, if anyone picks up your phone and taps it? Yeah, I can't see that getting annoying really fast.
Tyler Campbell
Which fappening leak did you like the most guys ;^)?
>I don't get this "sodomy is okay" meme. You seem quite concerned with what gay men are doing in the bedroom.
Jacob Lewis
If you have to reach back to a 2014 celebrity phishing campaign (before limited login attempts and widespread 2FA were in place) to find a problem with Apple's security, then I feel pretty good about using their products.
William Hernandez
I'm concerned they're taking over our government and major corporations.
In the old days we would publicly whip and hang these filthy degenerates or just stone them right away.
Carter Baker
when has tim cook ever interjected his homosexuality as part of his job?
Ryder Sullivan
this, it's not like it happened anymore after that ;^)
That's a belated second dump from the same 2014 hacks.
Jose Gomez
No you dumbfuck, you register a different finger that triggers the cop mode when scanned, while still having your normal fingers unlocking your phone.
Adrian Cooper
America obviously, but most likely most other countries.
Carter Foster
Apple uses HSMs sorry bud Android can't compete. They don't even try.
Andrew Rogers
lolllll
Luis Sanders
Android users aren't very smart that's why they want a cellphone to be a linux desktop.
Juan Reed
You never give your fingerprint to Apple, you idiot. Fingerprints are stored locally only, and encrypted with a different and random key for each device.
Lucas Ward
Because you monitored the code loaded into the iphone? I love how slaves always defend their masters.
Adam Kelly
>ARM64 Pornstar JUST
Jason James
if they can take keys to your house, open it and search it they can take key to your phone, unlock it and search it
Easton Cruz
You're a very fit lad, Jeff.
Oliver Price
If you only use pattern or codes and don't use fingerprint you wouldn't have this problem.
Ethan Barnes
Go back to bed, Dr. Stallman.
Easton Scott
No, it's violence. And it would be illegal in my country, and they won't be able to provide anything they found to a judge. Because an illegal proof is illegal in my country and can not be provided to a judge.
Jackson Taylor
He's been pushing his gay agenda hard since steve jobs died from aids.
Anyway don't you see my point, gays don't belong in human society, they belong in landfills or hanging from trees.
Connor King
How many code audits have you taken part of? You don't just use open source software because someone else told you it was fine, right?
Ethan Reyes
Theres so much shit I dont like apple for but this is one of the things I really respect thwm for: their respect for privacy
Camden Cox
with a search warrant
Charles Morales
Steve was pushing more for it than Tim though. Or are you too young to remember the rainbow colored macs?
Joseph Torres
So why hasn't the government just passed a law that makes it a requirement to hand over your passcode? Seems like a no brainer to me.
Chase Clark
Because it would be used against them.
Leo Baker
I think you are too young to remember when the Apple II was known for its color graphics.
John Gonzalez
how so? You change your passcode and they can charge you with trying to hinder a police investigation
Julian King
Watch out or you will become a gay too.
Cooper Taylor
That's not the same thing filthy slave.
Anthony Hill
Ha yes, with a search warrant.
Jackson Campbell
>how so? you do realize there are people in the government? and these people have their own lives? and not many of them want all their local cops to see all their cp? just some food for thought
Brandon Brown
When you download and run a precompiled binary of open-source software, you are (naively) assuming that there was no tampering with the published source code prior to compiling.
You are also assuming that nothing else further down the chain (like the compiler, OS, firmware, or hardware) has been similarly compromised.
Unless you fully audit, compile, and install everything yourself from top to bottom (or know someone you can personally trust to do these things), there is no absolute way to know.
Gabriel Lee
You do realize that they can take your fingerprints right? They can't force you to reveal a passcode but they absolutely can force you to place your finger on the home button.
Asher Butler
look at the uk with the snoopers charter. Only the general public are getting their ip records collected. Politicians are excempt, probably so they can keep their cp secret like you said. Make it a rule us and a different rule for them.
Mason Butler
> >They are not allowed to put your thumb on your phone. They can not do what they want.
Tell that to the courts, who have found that applying a thumbprint is not an invasion of privacy.
In the US, some instances of refusing to provide passcodes have been considered contempt of court, but that is after a warrant is obtained and never before, per fourth amendment.
Robert Johnson
Still not the same things. I trust more people that want to improve my life than those who want to milk my money.
Slaves will always defend their masters.
Liam Diaz
Because the constitution still exists. They already did that in England.
Asher Brooks
> I trust more people that want to improve my life If you are not paying for it, you're not the customer; you're the product being sold.
Nolan Sanchez
did what? Pretend to protect personal privacy or outright unashamedly invade it under the guise of catching terrorists and people buying kitchen knives without a license?
Luke James
This is pretty fucking useless since they'll just hack your iclouds.
Speaking of anyone got the latest 2017 leaks? I heard the iPhone 7 had a vulnerability that let hackers gain access to icloud back-ups and used that to het more delicious pics of emma watson.
Jaxson Stewart
>in the bedroom.
Yeah I wish, fags are all homeless and are doing each other in alleyways and parking lots here. Shit is disgusting. Also, I know you are trying to be le try hard edgy by not caring about the well being of others, but most people don't want to ignore others mental illness and want to see them get help. Shocking I know.
Joshua Jackson
>did what? ...
>So why hasn't the government just passed a law that makes it a requirement to hand over your passcode?
Mason Long
When you work for nothing, what incentive is there for you to secure your software?
OpenSSL had Heartbleed for years before it was patched. Bash had Shellshock. Transmission and HandBrake had their websites compromised and their binaries replaced with hacked versions (and in Transmission's case it happened TWICE in two years).
Apple has a vital interest in having the best consumer security and privacy, to keep their trust and set itself apart from competitors who are happy to collect user data for its real customers (advertisers).
Anthony Wright
Yes, so why is it that everyone goes on about the cops being allowed to access your iphone with a thumbprint and yet everyone goes on about how a "cop" button to revert back to a passcode is get out clause, when they could either just force a new law in to request passcode unlocks or have already? Why is everyone suddenly so excited about ditching a thumb print unlock?
Christopher Nelson
Read the fucking thread, idiot. Thumbprints are physical evidence like physical keys. Your right to remain silent does not prevent the police from using them. You cannot be compelled to divulge information that could incriminate you. The cops can't make you enter or divulge your pin, but if they can get into your phone with another method (like going through your pockets and retrieving the note you have in your wallet with the pin on it) then they can unlock your phone.
>ditching thumb print unlock You didn't even read the fucking OP, you mongoloid. They're not ditching it. They're just adding a feature that lets you quickly deactivate it.
Cooper Scott
are they celebrating going against law and order? i would gladly let police check my device if that makes them capture some stupid terrorist or a pedo, desu
Thomas Nelson
Does this protect against the $500 password hacking thing? Because if not then I'm cancelling my iPhone 7 plus order and getting an lg v20 instead.
Implying the cops won't just detain you and send your phone to the FBI (who has cracked it before)
Jaxon Phillips
>only works if the password has been reset by the user in the last ten minutes A non-story about Apple security. Again. As always. How do people survive being so fucking gullible? Don't they feel shame for being the targeted audience of clickbait, and succumbing?
Noah Gray
Wait do people actually believe this bs? HAHAHA You are delusional if you think apple doesn't have a database with everyone's fingerprints lmfao
William Butler
AHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA
Liam Robinson
The FBI had to hire contractors to do it for them.
Brayden Miller
Yay so Antifa can lock their phones quickly now.
Jack Powell
They posted a video of it working. Chinks in repair shops already have it.
Ryder Perez
>using a thumbprint reader in the first place subhumans can't be *this* stupid. Can they?
Nolan Scott
Yes, it works, if the password was reset by the user in the last ten minutes. This was a bug in iOS versions previous to 11.
>what would be a good password >hmmmm >I know, a physical imprint map that I carry with me unshielded and leave impressions of on everything I come near!
blows my mind
Lucas Cook
Lol Applecucks are the worst kind of cucks. At least wincucks recognize they are part of a huge botnet and sometimes come here asking for tips to avoid a little bit of botnet. Apple fags actually believe whatever bullshit apple throws at them baka. Yes, they have your thumbprint sorted in their servers along with your name and all personal details you gave to them.
Benjamin Ross
Wasn't that phone an iPhone 5 running iOS 7 and needing a 3rd party to help them crack it?
Daniel Carter
>only the guilty are ever arrested
10/10 bait, made me mad enough to reply
Isaac Green
>>what would be a good password >>hmmmm >>I know, a physical imprint map that I carry with me unshielded and leave impressions of on everything I come near! > >blows my mind This is true but to be fair, the average person/criminal isn't going to be lifting fingerprints to get into someone else's phone.
Hudson Ramirez
This is true but to be fair, the average person/criminal isn't going to be interrogating you for your passcode to get into someone else's phone. Typically you would steal the phone when it is already unlocked.
Oliver King
>Typically you would steal the phone when it is already unlocked. You probably wouldn't be able to do that unless you snatched it right out of someone's hands. Those kinds of thefts happen, but they're less common than people getting their bag stolen or their car broken into.
Nolan Long
True Same analogy to a safe that has a key (they can compel you to hand over the key) versus a key that has a combination lock (they can't force you to tell them the combination because of muh right to remain silent)
Gabriel Kelly
probably but they can shoot you if you dont do what they want.
Christian Brown
>android has had this god knows how long ago and no one cared the lock icon on the bottom of the screen is a button, you know?
Austin Hill
> Apple has a vital interest in having the best consumer security and privacy, to keep their trust and set itself apart from competitors who are happy to collect user data for its real customers (advertisers).
This is precisely why I trust Apple more than Google.
Google is an advertisement company who has a vested interest in extracting as much information from you as possible, and once they have that information they could case less what happens to you. If anything they are more incentivized to work with governments, because the more they love Google for having and giving up all this information, the less likely they are to push for more strict privacy reforms.
Apple on the other hand have a vested interest in keeping their customers happy, because their entire business model revolves around ensuring that people keep coming back every year to buy the latest shiny gadget. People who feel insecure or exposed using your product won't buy it more than once, if at all. Even governments take 2nd place, because in the end, customers are what keeps you alive. The governments won't care two shits about your company tanking because no one trusts your products anymore, and they certainly won't help you out, they'll just shrug their shoulders and move onto the next best thing (Eg. Facebook, Google, etc). Hell, Apple already have experience with this. Back in the days before Steve Jobs, and Apple was close to bankruptcy, help from the US Govt was nowhere to be seen. Apple certainly haven't forgotten this, and never will.
Isaac Anderson
What makes you think apple doesn't sell user data?