Tuesday, September 10, 2013

Fingerprint Panic!

So, it sounds like the shiniest new iPhone will have a fingerprint scanner for security.  Bruce Schneier, naturally, has some interesting and relevant technical considerations which he voices, in particular, about what happens if Apple decides to store fingerprint data in the cloud.  But it seems like there should be a secure way to do this: nobody is realistically going to actually store an image of the fingerprint, not even on the phone itself.  Instead, they'll store a hash of some set of metrics derived from the fingerprint.  If you add salt to the hash, and the salt is stored on the phone, then you still need an unlocked physical device for the hash to be useful at all; the cloud-stored version is useless, just like a salted password file.
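As an added illustration of the scheme sketched above (not the author's code, and not how any vendor actually does it), the following assumes a constructed, simplified set of minutiae metrics and coarsely bins them so that a slightly noisy re-scan hashes to the same value; the salt never leaves the device, so the digest on its own verifies nothing.

```python
import hashlib
import hmac
import secrets

# Constructed sample "metrics": (x, y, angle_degrees) for three minutiae.
# Real sensors and matchers produce far richer data; this is illustrative only.
ENROLL_SCAN = [(12.1, 40.3, 88.0), (55.7, 22.9, 171.5), (30.2, 71.4, 10.2)]
NOISY_SCAN = [(12.4, 40.1, 87.2), (55.5, 22.6, 172.0), (30.0, 71.6, 9.8)]
OTHER_FINGER = [(80.0, 16.0, 44.0), (20.0, 60.0, 300.0), (66.0, 66.0, 120.0)]


def quantize(scan, step=2.0, angle_step=10.0):
    """Bin coordinates so small sensor noise yields identical values.

    Hashing needs exact equality, so a real system must tolerate noise
    somewhere; plain binning like this fails for readings near a bin edge.
    Sorting gives a canonical order independent of detection order.
    """
    return sorted(
        (round(x / step), round(y / step), round(a / angle_step) % 36)
        for x, y, a in scan
    )


def encode(scan):
    """Serialize the quantized metrics into a stable byte string."""
    return ",".join(f"{x}:{y}:{a}" for x, y, a in quantize(scan)).encode()


def enroll(scan):
    """Return (salt, digest). The salt stays on the device only."""
    salt = secrets.token_bytes(16)
    # HMAC keyed with the device salt; this digest is the part that could
    # be synced elsewhere without revealing the underlying metrics.
    digest = hmac.new(salt, encode(scan), hashlib.sha256).digest()
    return salt, digest


def verify(scan, salt, digest):
    """Recompute with the device salt and compare in constant time."""
    candidate = hmac.new(salt, encode(scan), hashlib.sha256).digest()
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    device_salt, cloud_digest = enroll(ENROLL_SCAN)
    print("same finger, noisy scan:", verify(NOISY_SCAN, device_salt, cloud_digest))
    print("different finger:", verify(OTHER_FINGER, device_salt, cloud_digest))
    # A copy of the digest restored onto another device (different salt) is useless.
    print("digest without the salt:", verify(ENROLL_SCAN, bytes(16), cloud_digest))
```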

On the other end of the spectrum, there's this:

Allow me to suggest, for the paranoid, a few practical steps to be taken here to foil The Man:

  1. Don't buy an iPhone.  Problem solved.
  2. If you absolutely must play Angry Birds, turn off the fingerprint reader and use a passcode.  Better yet, use a non-numeric passcode.
  3. If you don't believe that turning off the fingerprint scanner will foil the NSA's backdoor into your phone, try using a Sharpie to color over the fingerprint scanner window.

With respect to the network effects: what do you care if someone chooses convenience over privacy?  People do it all the time, with their Safeway club card, their credit card, their choice to go through the scanner instead of getting a pat-down at the airport, etc.  Privacy is a very personal decision.  Some people crave it, and it's their constitutional right, which I support staunchly.  But lamenting the "network" or "societal" effects of other people choosing security, convenience, fame, or money over privacy makes you little different from a church pastor denouncing the gay lifestyle because of the effect it will have on children.  Society as a whole is constantly making decisions about its personal trade-offs of privacy versus convenience, and you can always go Galt and peace out to a cabin in the woods if the unwashed masses refuse to hear your speech.  You might want to give up tweeting if you go that route, though: you give up far more privacy in practical terms through Twitter, Google, and Facebook than you would from a fingerprint scanner on your phone.
