Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits
A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.
What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.
Donald Burr is a wonderful human being; he’s what Steve calls “good people”. Out of plain old the goodness of his heart, he has been letting me mooch off of his server for the IRC chat we enjoy during the live show. I love that I get this free ride, but when something goes wrong, I have no way of fixing it myself and we have to bother Donald. If he’s not just sitting by his computer at 5pm on a Sunday night with nothing better to do, then we’re kind of stuck.
Whenever there’s an Apple announcement, the NosillaCastaways gather in the live chat room (even though I don’t broadcast during them). When we all trouped into the chat room this week, Donald’s IRC server’s voicebot had stopped functioning. That meant Steve, as the only admin other than Donald, had to give each person voice as they came in. Even I couldn’t chat without his permission, and you can just guess how well that went off. Then towards the end of the announcement, the server simply threw all of us out of the chat room.
This week was Thanksgiving in the US so I’m going to start out by telling you a story I call “A Thanksgiving Day Miracle”. After that, George from Tulsa joins us to give a review of the Asus Chromebook Flip. He mentions this in his review, but I specifically asked for help this week because I was hanging out with my family instead of working on the podcast most of the week. I also urged George to go long, so he included a bunch of other awesome information. It’s in the style only George can deliver of course. I was going to give you my impressions of the iPad Pro after a few weeks of use (after the gushing had worn off) but I think I’ll hold off on that for a week because Bart joined me in an out of band Security Lite episode to talk about the Dell certificate fiasco. It’s really interesting and really important that we get the knowledge out there about what happened, who should be worried, how worried they should be and most importantly to hear how to fix this very serious problem.