@Gargron Because some 3 letter agencies wouldn't mind getting scans of everyones faces
@Gargron And since the apple-FBI thing I wouldn't be surprised if they wanted something that could be read even if the owner was uncooperative
@Gargron Combination of convenience and what is likely the best implementation you can have of biometrics. Cases in point: biometric data is locally stored on the device, not uploaded to a server. Biometric security can also be disabled in iOS 11 by hitting the sleep/wake button five times, falling back to the passcode screen.
@Gargron For consumers, good security is a huge pain in the ass for them. Better to have something less truly secure, but easier for them, while still having as much protection on it as possible to prevent abuse. (See also the new Cop Mode thing i mentioned in the previous toot.)
@Gargron I don't know, maybe because Apple isn't just decent software engineers, but some security people as well, trying to deliver actual solutions instead of mostly meaningless maxims. I'd seriously expect Apple blows everything else out of the water even with just fingerprints.
@Gargron So let's deliver system that by default will ask for a password that you'd need to type every single time you want to unlock the phone (without being seen), must be reasonably strong, that is long and complex, and if you ever manage to forget it, all that was on the phone is lost forever. That sounds like an amazing system.
@gargron mmmmmm I'm actually pretty happy with how TouchID is implemented from a security perspective. Your password is still required after any reboot or significant downtime, or for sensitive operations. It's not being used as a password, more as a proof of continued presence during inactivity.
Security is a usability/threat tradeoff and having TouchID enabled allows me to have a much longer password then would be practical normally. So overall it's a net positive.
@gargron Because Apple is not a top-notch tech company, and Apple is not your friend.
@Gargron Humans are phenomenally bad at password management and generation - the sweeping majority of passwords are recycled, an obvious personal reference, and not long enough. Hell, I'm a software engineer and most of my passwords are inadequate and I know it but I can't be arsed to make a decent one
A 3D face scanner is harder to spoof than a 4-digit pin, which can be shoulder surfed. A 3D model is harder to make. A photographic face recognizer is useless, however.