Apple’s iPhone 5S with biometric identification: Big Brother’s dream?

“The latest series of Apple’s iPhone will not only continue to cultivate numerous apps that track your location through GPS and transmit data directly back to corporations and government, but contain a fingerprint sensor that stores your fingerprint in order to purchase apps and unlock the phone for use,” Anthony Gucciardi writes for Storyleak.

“And that’s really just the beginning. As millions will most likely continue through the Apple food chain and purchase this phone, the NSA and bloated federal government at large will be beyond ecstatic,” Gucciardi writes. “Because after all, it’s a real dream come true for the Big Daddy government spy state. No longer will you actually need to be arrested to gather your fingerprints — we’re talking about millions nationwide willingly submitting their biometrics to a database that most certainly is accessible by Apple and big government.”

Gucciardi writes, “But don’t worry, the same company that has given away all of your chats and personal data through the NSA’s top secret PRISM program says that you’re perfectly safe… Of course Apple claims that the fingerprint scans will be ‘local’ on your hardware, but of course the NSA and FBI would not let such a precious database go to waste.”

Read more in the full article here.

MacDailyNews Note: According to Apple, “All fingerprint information is encrypted and stored within the secure enclave in our new A7 chip. Here it is locked away from everything else, accessible only by the Touch ID sensor. It’s never available to other software and it’s never stored on Apple servers or backed up to iCloud.”

[Thanks to MacDailyNews Reader “CognativeDisonance” for the heads up.]

84 Comments

    1. Agreed. And so what? What are they going to do even they do collect this data? Frame you? Sorry, but the data saved is not the same thing as an actual print. It’s worthless to anything other the Touch ID sensor.

      The government, has a photo of my face, my signature, they have my social security number, my blood type, my finger prints, and I’m pretty sure they can get a hold of my DNA even WITHOUT Apple’s help.

      I’m much more concerned about REAL privacy issues.

  1. It doesn’t take a conspiracy theorist to believe the NSA will attempt to gain access to this info. You’d have to have ignored decades (and especially the past 4 months!) of news to believe otherwise. The only question is how much Apple will resist subverting the privacy it supposedly has, remembering that the government can apply a LOT of pressure when it wants to.
    Of course, getting an individual’s fingerprints isn’t hard, unless they wear gloves all the time (in which case, steal the gloves *grin*). But, collecting a bunch in one shot would be a lot more convenient than targeting an individual.
    Personally, it doesn’t affect me, since to become an attorney you do a background check, so all ten of my prints are on file somewhere. Nevertheless, you don’t have to be crazy to think that the government could eventually get access to that info if it wants to.

    1. It’s not access to the fingerprint that bothers me. It’s the idea that all online activity could now (in theory — but the NSA has been turning theory into constitutional-trampling reality at an astonishing pace), be keyed directly to a verifiable unique identity.

      They can already read the email in your anonymously-named Gmail account, examine your browsing history, and read a transcript of your phone calls. But now they’ll be able to know that it was in fact you using the device.

      1. Do you really think the NSA waits until your email, etc. gets to your iPhone to read it?

        Touch ID has nothing to do with what the NSA will or will not be able to collect. This information does nothing to help it access accounts, get phone records, etc. It gets that data directly from the company: Google, Verizon, Yahoo, Apple, Microsoft, etc. etc.

        Touch ID is to prevent people from being able to physically access your iPhone and to allow higher levels of security than a four digit code. Period.

      2. Only if you choose to activate the touch sensor and program it your fingerprint, which is an option not a requirement of iPhone 5s use.

        If you’re that concerned about the possibility of your actions online being positively linked to you, don’t exercise that option. Obviously.

            1. No thanks isn’t a guarantee the sensor isn’t still storing data. As I said before mics and cameras can be enabled involuntarily by an interested remote party. Also, it is obnoxious that it is on the home button, again, a very vital function to the operation of the phone. As for a 5c or 4s, I already have a 4s. Buying a 5c doesn’t change the fact that apple already has plans to ram this crap down consumers throats in future iPads, phones, and likely macs.

            2. Not to mention the 5c is overpriced, butt ugly, and made of retro 3G/3GS tacky plastic crap. No thanks. If that is how apple treats customers who don’t want to comply with their invasive privacy violating fingerprint scanner, then android may actually be worth switching to.

  2. Apple’s RF sensor reads the sub dermal ridges of the finger, which although unique to that individual, will not have exactly the same pattern as a conventional fingerprint of the surface of the finger. Therefore it wouldn’t be possible to recreate an image of your conventional fingerprint from the data sampled.

    Obviously a rational explanation will not cut any ice with the tin-hat conspiracy mob or the rabid Apple haters.

    1. So we have one nutter going on about notebooks and Motorola smartphone have had this tech for years while other loons are saying that this tech is exclusively condemning its users to Govt surveillance. These conspiracy theorists and tech analysts, or is it paid Samsung apologists, really should get their stories straight.

    2. Your print itself is not needed. The data created from your print is what is desired.

      The data they went through a lot of trouble to try and protect within the CPU itself because they know that once someone has that data your thumb print is useless for securing anything.

      I’m not big on the NSA conspiracy theories personally. I find it more odd that people were surprised to discover the NSA was collecting data on everyone even if it is wrong.

      1. I find it odd that people think NSA wastes its time, money, effort spying on the average American. I believe the statement ‘Ain’t nobody got time for that’ fits here perfectly. Collecting data is one thing, actually USING any of that data is another.

  3. Yet another misleading article regarding Apple’s approach to this.

    The iPhone 5S doesn’t have a fingerprint reader. You couldn’t use the data from it to print out what someone’s fingerprint looked like. You couldn’t use the data from it to match it to a set of prints found on a glass, gun or scanned prints of an individual already in a conventional fingerprint database.

    The sensor on the iPhone 5S uses a set of different criteria to identify a match to the person who configured it (or another set up user of the device). This criteria goes beyond the fingerprint itself and below the skin surface.

    You can’t lift the prints off something or print out the prints from a database, or apparently even cut off the finger of someone and use it to unlock an iPhone.

    Of course, the feature is optional for the truly paranoid, but really I have yet to hear a valid argument for concern however wildly speculated.

    Oh, and Apple says the data isn’t being sent to their servers or anywhere else. This will be verified shortly after the iPhone 5S ships and people can test it and see what data is and is not being transferred from the device. Considering how easy this is to track, it would be unbelievably idiotic to claim you’re not sending data if in fact you are. Especially from a company like Apple which people tend to pay attention to.

    The bottom line is that people who aren’t using PINs today or are using simple, easy to guess PINs, are likely to find themselves being far more secure than before.

    Add this to another feature of iOS 7, that is that you can’t restore an iOS 7 device with Find My iPhone enabled, and need to get past both the device lock and enter your Apple ID to turn off Find my iPhone as well as restore, and you’ve got a pretty damn “fool-proof-ish” device when it comes to security.

    Fool-proof-ish, as in some will always find a way to be foolish.

    1. That is one excellent example of why fingerprint scanning is NEVER EVER used alone in security. It is merely a second added level of MULTI-FACTOR AUTHORIZATION. To use it as the SOLE method of authorization is IDIOTIC in the extreme and should never be allowed by Apple. They’ve committed a MASSIVE BLUNDER here by allowing it to be the only authorization method.

      IOW: FAIL Job Apple!

      And yes, anti-Apple trolls. This is what serious Apple fanbois do: They nail Apple for stupid blunders, as required. You’ll be hearing Apple being called out for this terrible decision from around the security community until the fix it and FORCE real multi-factorial authorization. Tough boohoo LUSERS that it’s ‘inconvenient’. It’s security. Deal with it.

      And so on. I’m practicing my FAIL rant skills.

        1. I like that!

          It’s really up to individuals regarding how much they need and want to protect their data. Hopefully, with time, people will become aware of the importance of multi-factor authentication. But so far I am severely disappointed that even security pundits like Steve Gibson accept the use of fingerprints-only authentication on the iPhone 5S. And that’s after his work specifically teaching me the concepts of multi-factor authentication.

          IOW: ‘Clunkity clunk’ is the sound of human progress.

      1. According to you, one-point authentication through a passcode is just as idiotic. The only saving grace would be replacing one weak authentication method with another which, however, being convenient, is far more likely to be employed than the other, increasing the prevalence of locked screens from only 50% to essentially 100%.

        1. Well, I get fast and loose with the word ‘idiotic’.

          But you have summarized what I am hearing from many people at this point. Leo Laporte said much the same yesterday on ‘Security Now’ at TWiT.tv.

          As someone who studies and writes about computer security, however, I find this swap out of passwords for fingerprint scanning to be profoundly disappointing. It is a severe FAILure of opportunity to actually improve security. All we get out of the addition of the fingerprint scanner on the iPhone 5S is ‘convenience’, which is NOT the point of security. It’s an entirely non sequitur subject. It is a capitulation to the “LUSERS” and their laziness. That’s pathetic and dangerous.

          But ‘you can’t stop stupid’ and ‘the LUSER Factor is forever’, as I constantly remind myself. I never enjoy feeding my cynicism.

      2. My iPhone ≠ NSA Headquarters. I find it perfectly acceptable to use this as a sole method of authorization. Exactly why wouldn’t it be? And if Steve Gibson doesn’t have a problem with it…. (Security Now!).

  4. Here is how it will shake out:
    An iPhone will be requested for data harvesting during discovery or a found iPhone will likewise be harvested for identity data during an investigation.

    Until someone in Washington b-slaps the NSA, FBI, DHS and others we are going to be subject to the ever expanding police state. This will be exploited like every other tool of technology.

    Don’t you feel better?

    1. But if indeed user’s fingerprint data WAS actually leaked out of the user’s full control and privacy rights, you’ll hear my screaming the usual bloody murder routine.

      IOW: F*CK you NSA for destroying citizen trust in its own government. It’s time to clean house in the USA.

      For review, the 4th Amendment to the US Constitution:
      The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

      And as Benjamin Franklin clearly stated:
      They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.