Single point of failure 🎃 is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

If every decent software engineer knows that faces and fingerprints cannot be passwords because they're neither secret nor can you change them, then why does Apple, which is supposed to be a top-notch tech company, release features like that

@Gargron I don't know, maybe because Apple isn't just decent software engineers, but some security people as well, trying to deliver actual solutions instead of mostly meaningless maxims. I'd seriously expect Apple blows everything else out of the water even with just fingerprints.

Single point of failure 🎃 @Gargron

@pony Cops can just put it to your face after arrest and browse your phone without a warrant. Doesn't sound like a good system to me.

· Web · 0 · 0

@Gargron So let's deliver system that by default will ask for a password that you'd need to type every single time you want to unlock the phone (without being seen), must be reasonably strong, that is long and complex, and if you ever manage to forget it, all that was on the phone is lost forever. That sounds like an amazing system.

@Gargron Unlike using simple fast biometrics to unlock the phone and only use stronger authentication where really needed, like, say, private messenger app.

@gargron @pony in the US anyway, you can be coerced into providing a fingerprint to unlock a touch phone because legally your rights against self incrimination apply to knowledge you may choose to espouse, and your fingerprint isn't knowledge

so, we're already there even without face scanning 😒