Apple's FaceID falls foul of privacy farce, security pros just say no

Richi Jennings Your humble blogwatcher, dba RJA

Apple’s Face ID technology, introduced in the iPhone X keynote, is ruffling feathers among security and privacy wonks.

Will it keep the bad guys away from your secrets and selfies? Some security experts say no, preferring to trust authentication to a six-digit PIN.

Others fear that police or government might misuse the $1200 phone’s facial-recognition data, in some sort of misanthropic, big-brotherly, repressive, domestic-spying scenario. [You’re fired -Ed.]

In this week’s Security Blogwatch, we don the tinfoil headgear and open a can of iWorms.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Will it funk?

The price we pay

What’s the craic? Laura Sydell sides with privacy advocates—Face ID Inspires Privacy Worries:

A feature of Apple's new high end iPhone X called Face ID … has got privacy advocates nervous. … Critics are taking the feature seriously, in part because Apple is likely to make Face ID very appealing and simple to use. … The company says it has built the most secure and easy-to-use facial recognition technology on the market.

Privacy advocates are worried. Sen. Al Franken, D-Minn., wrote a letter to Apple CEO Tim Cook, voicing concerns such as whether the face recognition data could be taken out of the phone and used for other purposes. Apple says … the data will be stored locally in the phone.

A lot of customers were hustling in to Apple's store in downtown San Francisco this weekend. I asked a few shoppers their opinions [and] there was a sense that resistance is futile. Face ID is the future — and if it's convenient and fast, that will trump privacy.

What’s that? Too even-handed for you? Try this: Jake Laperruque worries it could be a powerful tool for mass spying:

Consumers are already questioning whether FaceID could be spoofed. [Or if] police would be able to more easily unlock phones without consent.

But FaceID should create fear about another form of government surveillance: mass scans to identify individuals based on face profiles. … Apple doesn't currently have access to the faceprint data. … But if the government attempted to force Apple to change its operating system … it could gain that access.

And that could theoretically make Apple an irresistible target for a new type of mass surveillance order. … Apple has a good record of fighting for user privacy, but there's only so much the company could do if its objections to an order were turned down by the courts.

Therefore, Apple should also update its Transparency Reports to include data on whether it receives orders to turn over facial recognition profiles, or to conduct facial recognition scans, leaving a so-called warrant canary to serve as an alarm bell.

But can you trust it to secure your phone? JV “@jvchamary” Chamary thinks you shouldn’t:

No authentication system is unbeatable, and new ones are especially vulnerable. A hacker group defeated Touch ID within weeks of its release, for example, and … Samsung's Galaxy S6 phone [has been] unlocked with fake fingerprints from an ordinary inkjet printer using special photo paper.

[So] Apple can't rest on its laurels. … Although Face ID has only just been announced, strategies that could potentially beat it already exist. [In] 2016 … a University of North Carolina team described how they collected pictures from social media to create animated 3D models in virtual reality, which were used to bypass face recognition. Some security researchers aim to unlock iPhone X by 3D-printing a head. … While such identity theft might sound like a scene from spy movies, those scenarios are certainly possible.

There's certainly no real evidence to prove it's more secure, regardless of what Phil Schiller implied. … "The chance that a random person in the population could look at your iPhone X and unlock it with their face is about one in a million." [But that's a] mathematical misdirection to hide a leap in logic. … It doesn't matter how many random people it takes to accidentally unlock your phone. The issue is whether a particular person -- a thief -- could deliberately access your device.

This strongly suggests that a PIN code or password is more secure than Face ID. … On the other hand, Face ID is easy to use.

Troy “@troyhunt” Hunt—an Australian—is missing some cultural context, mate:

Most surprising thing from my Face ID chats is people worried about police access. This is exclusively from US folks; is it really that bad?

I suspect the press coverage makes it sound like a broader problem than it really is. … The narrative needs context.

This just never makes news in Australia, but seems like a really big topic in the US.

The concern I keep hearing from folks in the US is that police are operating illegally (i.e. erasing evidence from devices).

But FrankMCA wonders what all the fuss is about:

So in other words, if you're a criminal, Apple's given you an easy way to make crimes harder to solve.

I'm sure that law enforcement officers constantly, day after day, demand innocent, law-abiding people to unlock their phones for no reason.

You're all so obsessed with your phone security, but are totally ok with a cop getting a search warrant and going thru your entire house?

So what are we supposed to think? Please be honest. Uncharacteristically, Bruce “@schneierblog” Schneier is no help whatsoever:

Honestly, I don't know what to think.

[I’m] not optimistic that it can't be hacked with fake faces. … I am not planning on enabling it just yet.

So Alex “@couldstrafe” Perekalin digs into the Security aspects (perhaps encouraged by the Russian government):

The True Depth camera … maps your face and takes special 3-D pictures that are used to authenticate you. Here’s how it works.

A flood illuminator is basically just a source of light used to brighten your face in low-light conditions so the camera can get a good picture. The dot projector projects 30,000 invisible infrared dots onto your face. Using those dots, the infrared camera captures your face.

The dots help outline features and create something like a 3-D map of your face. … From then on, whenever you attempt to use Face ID, the software will take a shot with the IR camera, and if enough features match the 3-D map stored on the phone, you are considered a legitimate user.

Traditional facial recognition techniques … are quite insecure. Apple has implemented several features to ensure that Face ID … is more secure. … Face ID isn’t fooled by photos. … Apple claims that it has even tested Face ID against masks.

And here’s a slightly cynical-sounding York “@jbrownridge” Dweller:

Nobody would have predicted that citizens would voluntarily submit fingerprints, 3d facial maps, voice patterns in exchange for convenience.

Wait. Pause. Are we at risk of shooting the messenger? Andrea “@andrea_ciccone” Ciccone thinks so:

Mobile phones and web surfing are already tools for mass spying. A hammer could be used both for building and destroying, so where is the problem?

So what’s next? Ted “@Ted_Kirby” Kirby knows:

iPhone 5s: Touch ID

iPhone X: FaceID

iPhone [next]: DNA sample but don't worry, we won't do anything bad with it. What are you hiding, anyway?

Meanwhile, AmiMoJo snarks it up—good ’n’ proper:

FaceID + ApplePay. … It's gonna be funny watching people try to hold the phone to the terminal and get their face in view at the same time.


The moral of the story? Never underestimate the echo-chamber’s ability to find oh-so-hilarious privacy scares in your new technology.


You have been reading Security Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hatemail may be directed to @RiCHi or sbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: janeb13 (cc0)
