Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits
A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.
What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.
This is an episode packed with Tiny Tips and Dumb questions and listener reviews. Dr. Maryanne Garry is back in Chit Chat Across the Pond, and Steve posted a video of her recent talk, “The End of Facts” at Claremont Graduate University. I was on The Phileas Club with Patrick Beja at frenchspin.com/…. Sandy brings us a Tiny Tip on how to add a workout to Apple Health via iPhone. Terry Vogelaar reviews Duolingo for learning a new language like Esperanto. I’ve got a Tiny Tip on Reader view in Safari on iOS and macOS to make your web reading more pleasant and readable. I created a page on all my podcasting gear. . Steve Sheridan brings us a Tiny Tip on how to get apps that are cranky about Face ID to straighten up and fly right. I’ve got a redux of my post about how you should ask me to change things about the podcast and website, and how I might just do some of them. In Dumb Question Corner, Rally Barnard asks some great questions about the new HEIF/HEVC formats on iOS 11 and High Sierra.
This one might count as a nano-tip, but if you’ve got the problem this solves, it might be a mega tip for you.
One of the cool things about Face ID on iPhone X is that you don’t have to enable it for sites and apps that already used Touch ID. The API (Application Program Interface) just sees a biometric authenticator and doesn’t care if it’s your fingerprint or your face unlocking the phone.
However, Steve found that after bringing up the Starbucks app on his iPhone X, he could not open the app due to authentication issues with Face ID. When the Starbucks app requested his credentials, Face ID was activated as expected. The app would appear to accept Face ID for authentication, but then the app would freeze.
At first, Steve thought that the Starbucks app was not compatible with Face ID. It’s been really awesome how if you’re in line and you realize your balance is low, you could so quickly reload your card. There was no way Steve was going back to typing in his password every time he needed to reload his code.
This week when Apple announced Face ID on the iPhone X I think they raised a lot of questions about the security of this technology. In the Mac Geek Gab Facebook group, someone asked an interesting question. They asked whether Face ID would work if someone had one eye that focused straight ahead and the other eye at a different angle.