face id

3D-printed heads let hackers – and cops – unlock your phone

Posted by | 3d printing, biometrics, face id, facial recognition, facial recognition software, Hack, Identification, iOS, iPhone, learning, Mobile, model, Prevention, privacy, Security, surveillance | No Comments

There’s a lot you can make with a 3D printer: from prosthetics, corneas, and firearms — even an Olympic-standard luge.

You can even 3D print a life-size replica of a human head — and not just for Hollywood. Forbes reporter Thomas Brewster commissioned a 3D printed model of his own head to test the face unlocking systems on a range of phones — four Android models and an iPhone X.

Bad news if you’re an Android user: only the iPhone X defended against the attack.

Gone, it seems, are the days of the trusty passcode, which many still find cumbersome, fiddly, and inconvenient — especially when you unlock your phone dozens of times a day. Phone makers are taking to the more convenient unlock methods. Even if Google’s latest Pixel 3 shunned facial recognition, many Android models — including popular Samsung devices — are relying more on your facial biometrics. In its latest models, Apple effectively killed its fingerprint-reading Touch ID in favor of its newer Face ID.

But that poses a problem for your data if a mere 3D-printed model can trick your phone into giving up your secrets. That makes life much easier for hackers, who have no rulebook to go from. But what about the police or the feds, who do?

It’s no secret that biometrics — your fingerprints and your face — aren’t protected under the Fifth Amendment. That means police can’t compel you to give up your passcode, but they can forcibly depress your fingerprint to unlock your phone, or hold it to your face while you’re looking at it. And the police know it — it happens more often than you might realize.

But there’s also little in the way of stopping police from 3D printing or replicating a set of biometrics to break into a phone.

“Legally, it’s no different from using fingerprints to unlock a device,” said Orin Kerr, professor at USC Gould School of Law, in an email. “The government needs to get the biometric unlocking information somehow,” by either the finger pattern shape or the head shape, he said.

Although a warrant “wouldn’t necessarily be a requirement” to get the biometric data, one would be needed to use the data to unlock a device, he said.

Jake Laperruque, senior counsel at the Project On Government Oversight, said it was doable but isn’t the most practical or cost-effective way for cops to get access to phone data.

“A situation where you couldn’t get the actual person but could use a 3D print model may exist,” he said. “I think the big threat is that a system where anyone — cops or criminals — can get into your phone by holding your face up to it is a system with serious security limits.”

The FBI alone has thousands of devices in its custody — even after admitting the number of encrypted devices is far lower than first reported. With the ubiquitous nature of surveillance, now even more powerful with high-resolution cameras and facial recognition software, it’s easier than ever for police to obtain our biometric data as we go about our everyday lives.

Those cheering on the “death of the password” might want to think again. They’re still the only thing that’s keeping your data safe from the law.

Powered by WPeMatico

Netflix’s hackathon produces a way to navigate its iOS app with ARKit and Face ID

Posted by | Apps, augmented reality, face id, hackathon, Mobile, Netflix | No Comments

Netflix’s internal hackathons have consistently produced fun and often silly hacks, from that “Netflixtendo” hack a few years ago that let you run Netflix on the original NES to the more recent “audiobook mode” that turned Netflix series into old-school radio shows by way of Audio Descriptions. This year’s hackathon doesn’t disappoint either, with new hacks that are both as goofy and interesting as in years past, including an AR and Face ID-powered hack that lets you navigate Netflix with just your eyes, another designed for “Sharknado” fans and more.

“Jump to Shark” lets viewers skip right to the good parts of the so-bad-it’s-good “Sharknado,” so they can watch the bloody action sequences with sharks, instead of having to sit through the movie’s actual plot. It’s pretty great, as the video shows.

The AR hack, Eye Nav, is fairly impressive, too.

The hack uses Apple’s ARKit and the technology that enables Face ID for tracking eye position and facial expressions. It tracks your eye position to move a pointer around the screen, then measures the time spent on the same area to trigger a “tap.”

If you want to dismiss a screen, you can just stick your tongue out.

While the resulting hack is definitely fun, there are also implications for accessibility use cases in the future.

The hack was produced in 24 hours, so it may not be stable enough for real-world use, but it’s definitely an interesting idea.

A third hack doesn’t involve Netflix, but rather the productivity software Slack, used by Netflix employees.

“LunchBot” connects co-workers who are too busy to go to lunch, by inviting them to eat lunch together — virtually, while in a Slack chat. The app also checks everyone’s calendars to make sure they’re free.

Other hacks this year included those for product improvements, enhancements to its internal tools and some that were just for fun. A few of these were showcased in its Hackday 2018 video, such as a map for locating studio production resources, an “easy login” system and a version of Animoji using Netflix characters.

But the larger goal of Netflix’s hackathon, as you can probably tell, isn’t necessarily about creating features that will later be productized (although, c’mon…Jump to Shark!), but they sometimes serve as inspiration for features further down the road, the company says.

Powered by WPeMatico

iOS 12 will let users register another person to their Face ID

Posted by | Apple, face id, hardware, iOS 12, iPhone, Mobile, privacy, Security, TC | No Comments

From advancements in AR to Memojis to group FaceTime, there is plenty to be excited about with iOS 12. But one of the more practical updates to Apple’s mobile operating system, coming this fall, went unmentioned during the keynote at WWDC.

According to 9to5Mac, iOS 12 will allow for two different faces to be registered to Face ID.

Up until now, Face ID has only allowed a single appearance to be registered to the iPhone X. 9to5Mac first noticed the update when combing through the iOS 12 beta, where one can find new settings for Face ID that allow users to “Set Up an Alternative Appearance.”

Here’s what the description says:

In addition to continuously learning how you look, Face ID can recognize an alternative appearance.

While that’s about as unclear as a description might be, 9to5Mac tested and confirmed the update, with the following caveat. Users who choose to register two faces to Face ID will not be able to remove that face without starting over from scratch with their own FaceID registration. In other words, if you choose to reset the alternate appearance, you’ll also have to clear out all existing data around your own face, too.

That small inconvenience aside, the ability to add a second face to Face ID makes total sense. Couples often pass their phones back and forth as a matter of practicality, and parents often let their children use their phones to play games and check out apps.

Plus, this may hint at Face ID on the next generation of iPads, which tend to be shared amongst multiple users more often than phones.

Powered by WPeMatico

Senator Franken asks Apple for privacy guarantees around Face ID data

Posted by | face id, facial recognition, Gadgets, Government, iPhone X, Mobile, TC | No Comments

 A friendly letter from Senator Al Franken (D-MN) to Apple requests that the latter provide a few more details on the tech behind its Face ID system, which allows users to unlock their iPhone X using facial recognition. It’s very far from a nastygram; the Senator pretty clearly just wants to cover a bit more ground than Apple had time for in its presentation yesterday. Read More

Powered by WPeMatico

iPhone X’s Face ID raises security and privacy questions

Posted by | Apple Pay, artificial intelligence, authentication, biometrics, cupertino, face id, facial biometrics, Fingerprint, iOS, iPhone, iphone 5s, iPhone X, Mobile, privacy, Security, smartphones, TC, Touch ID | No Comments

 Offering to gate the smorgasbord of personal content that lives on a mobile device behind a face biometric inevitably raises lots of security questions, even as always on face-scanning tech being housed in a smartphone raises privacy concerns… Read More

Powered by WPeMatico