Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Other Topics > Mobile Phones & Devices > Apple iOS (OS & Devices)

Notices

Reply
 
Thread Tools
Old 13th September 2017, 10:38 PM   #136
connico
Member
 
connico's Avatar
 
Join Date: Jan 2004
Location: Sydney
Posts: 2,570
Default

Quote:
Originally Posted by elvis View Post
Either way, it doesn't mitigate the issues with FaceID away. I personally will avoid it.
Do you reckon face is worst than retina?
__________________
www.shoepolish.net.au
connico is offline   Reply With Quote
Old 13th September 2017, 10:51 PM   #137
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

Quote:
Originally Posted by connico View Post
Do you reckon face is worst than retina?
I am not an expert in this field, but from the little I understand the retina scanning uses different wavelength light (IR as well as visible light) to get a better picture of the eyeball, and from there can better detect forged images. There were notable attacks on early retina scanning where people could use a particular type of photo (often one taken with an IR camera) and some wet contact lenses and fool the scanner. But again, that's been improved since, and it appears better these days.

There's SFA data on FaceID other than marketing hype, so I'm not sure how it works. It concerns me that Apple are sticking with the line "one in a million faces", almost as if their lawyers told them to. Crypto and security needs better numbers than "one in a million", even if that sounds pretty good to a layperson.

Again, it's too early to tell. The onus is on Apple to prove the tech is solid, not on us as consumers to believe their marketing. At this point I'm happy to let others guinea pig the product. Either it works, and everyone's happy, or it fails, and it's not me who suffers the loss. As with the first paragraph, other tech similar to this was in the wild for a while before people successfully beat it. I know the Apple fans are confident that this has been brewing inside Apple R&D for over a year now, but I need data, not blind faith. This is science, not religion.

Last edited by elvis; 13th September 2017 at 11:05 PM.
elvis is offline   Reply With Quote
Old 13th September 2017, 11:56 PM   #138
Hater
Member
 
Hater's Avatar
 
Join Date: Nov 2012
Location: Scotland
Posts: 1,335
Default

One in a million faces?

So there's 7 more just in New South Wales.
__________________
Quote:
Originally Posted by elvis View Post
Quote me in 2026, and if I'm wrong, I'll buy you a nice steak dinner.
Hater is offline   Reply With Quote
Old 14th September 2017, 12:59 AM   #139
Shado
Member
 
Shado's Avatar
 
Join Date: Jun 2001
Location: Brisbane, QLD, Australia
Posts: 3,561
Default

Quote:
Originally Posted by elvis View Post
I think I want to wait for the security researchers to have a go at this "active attention" thing before I trust it. Right now there's a lot of marketing words being thrown around, and not much solid data. Fairly standard for an Apple product launch, but regardless, I need a bit more data from someone who's not Apple on how reliable and safe this is. Impartial analysis means more to me than marketdroid BS.
That's fair. Honestly though Apple have the best track record here, I'd be surprised if they stuff it up that badly. Can't argue with wait and see though.

Quote:
I think this is different. People generally buy expensive toys because of what it means to them, and what joy it brings them in their private life. With phones, more and more I see people buying them *to be seen in public*. The "status symbol" element of these is concerning, especially with kids and teens.
I think you're projecting a small subset onto the rest. I'd say it's exactly the same with cars etc. Teens have no business having an $1,800 phone unless they work and earn it themselves, and parents that give it to them deserve a smack for raising spoiled brats.

Quote:
Your comment about them being purchased "in preference to essentials" has already been parodied today:
http://www.betootaadvocate.com/human...d-1829-iphone/
It's a bit silly though (I guess that's why it's a parody), because the phone makes virtually f all difference to affording a house, particularly if you were in Sydney. Sure, that and all the evenings out add up, but just the phone alone, is not really going to make or break. People's expectations on the other hand are unrealistic, but that's a discussion for another thread...

Quote:
Amusing, sure. But I'm certain everyone reading this knows of at least one person who has already purchased an expensive electronic device, and then complained publicly about money issues in other areas of their lives. I work with dozens of them, in fact. The need for instant gratification is a growing affliction.
Ah. I do not. The comments I got from co-workers today were 'I'm reconsidering given the price' and 'No way I can afford that'. From people that haven't ever complained about a lack of money before. I find the whole thing hard to understand because I do not think like that and have never ever had money issues.

Quote:
Actually no, biometrics requires a digital representation of a part of you. That's the worry. Ultimately your fingerprint, iris scan, face scan, or whatever other thing is transmitted as a representative string of data to unlock a private key and grant access via PKI. The difference being that I can change a password if it gets compromised, but I can't easily change the string that the system sends as a representation of my fingerprint / face scan / whatever. And this is where the hacks will be when they eventually happen (because all things are eventually compromised, such is the nature of software - we're just betting on the compromises taking longer to arrive than we use this current technology for).
The biometrics aren't used remotely however, so it's actually a combination of those biometrics + passwords that you can change, that give access to anything. So yeah, someone steals your phone, and they have your fingerprint to a quality that can fool touchID (not easy, but I'll give you not impossible). Then they can get access to anything within, for about 24 hours, provided you haven't restarted / updated since you last entered your pin. Of course in the mean time you can change all the passwords and credit card numbers contained within, so the attack needs to be relatively sophisticated and fairly swift. I've just never even heard of it happening in real life outside of law enforcement.

Quote:
As above, I'd like to see some independent analysis of all of this before I trust it. Same goes for anything in the field of computer or information security. The word of the person who sells it isn't good enough on its own merit. Thus far, security "experts" are mostly in agreement that biometrics are handy for multi-factor authentication, but shouldn't be relied on as a primary source of authentication nor authorisation (the first two "A"s in the "Triple A security model").
I guarantee as soon as it's released thousands of experts will be trying to break it, only a portion of those will keep any vulnerabilities secret, and probably only then if they are really complex to find otherwise they would rather release it for the kudos before someone else does inevitably.

If you're protecting against corporate espionage or state actors, I'd be sure biometrics is not enough. But if you're trying to stop some random from lifting your phone and draining your bank account in a few hours, Apple would have to f this up pretty royally to make that a real risk. While I don't *trust* them to not oversell their products, I trust them to not be completely incompetent when billions of dollars are at stake. That's based on track record, not some sort of blind faith.

Quote:
One in a million faces?

So there's 7 more just in New South Wales.
So when someone steals your phone, they just have to, on average, show it to 500,000 people at arms length and see if it unlocks.... TouchID was apparently 1 in 50,000. It's a little more complex to break than it sounds given the complexity of a 'try' and the fact that you get locked out of it after a few failures - as Apple did on stage when presenting the damn feature (edited out of the replays) - thus my concern is that they're actually selling a product which is more secure than I want it to be.

Quote:
There's SFA data on FaceID other than marketing hype, so I'm not sure how it works. It concerns me that Apple are sticking with the line "one in a million faces", almost as if their lawyers told them to. Crypto and security needs better numbers than "one in a million", even if that sounds pretty good to a layperson.
There's a fair amount in the presentation, though I'm sure not the detail you want, it uses multiple cameras so it requires the face to be 3 dimensional, a photo won't work. One in a million is terrible if you can just have a million guesses and guesses are cheap (eg, a pin without or even with rate limiting), but given it locks you out after a few incorrect guesses, and the cost of a guess is high, it's not that straight forward. I'm sure the NSA will be ontop of it in no time, but I don't think your average phone thief is going to have way to break it like you can brute force most software.

I think there's a certain level of paranoia, where it doesn't matter how good it is, you should still never rely on it. But I honestly don't think 99.5% of people NEED to be that paranoid. The kind of identity theft or other things you're much more likely to face in life you have probably never thought about. Letting other people be guinea pigs is fair, after all, it would be a heap of money to spend to find out it wasn't reliable.

Quote:
not much solid data
The only solid data I have on it so far, is that the guy demoing how easy it was to use on stage, had it not let him into his own phone locked him out to
require a passcode to unlock. So, so far, on all the data I have, it's too slow and unreliable at letting someone who SHOULD be able to unlock it, unlock it. Small sample size though, hopefully people will get real review units before launch, or I guess we can all wait longer for the guinea pigs to report back.
Shado is offline   Reply With Quote
Old 14th September 2017, 6:48 AM   #140
MR CHILLED Thread Starter
D'oh!
 
MR CHILLED's Avatar
 
Join Date: Jan 2002
Location: Canadia
Posts: 126,200
Default

How Aus prices compare to other countries...

http://www.news.com.au/technology/ga...938b05084b5fdc
__________________
Malcolm Turnbull on the Libs.."we are not run by factions, nor are we run by big business or by deals in back rooms"
MR CHILLED is offline   Reply With Quote
Old 14th September 2017, 7:39 AM   #141
Sphinx2000
Member
 
Sphinx2000's Avatar
 
Join Date: Sep 2001
Location: Brisbane
Posts: 4,915
Default

Quote:
Originally Posted by thecondor View Post
So.....

Iphone x 256Gb - $ 1829
Apple airpods - $ 229
Wireless charging pad - $ 100
Case - $ 40
Total - 2,198

Apple take my money, what a bargain
Holy..! I think a new VR gaming PC would be a better a choice of that kind of expenditure.
Sphinx2000 is offline   Reply With Quote
Old 14th September 2017, 8:03 AM   #142
elvis
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

Quote:
Originally Posted by Shado View Post
Honestly though Apple have the best track record here
I'm not sure how you quantify "best track record". Apple do well in some areas of security, and have screwed up others. They're no different to any other vendor in this regard, and anyone saying anything different is merely demonstrating bias.

Quote:
Originally Posted by Shado View Post
I think you're projecting a small subset onto the rest.
I don't. The phone as a status symbol phenomena is well documented across many demographics. Teens are the worst - ask any high school principal. But worryingly, more recently, adults aren't much better, with many not maturing past their teenage years due to the impacts of social media, celebrity worship, and obsessions with status.

Quote:
Originally Posted by Shado View Post
It's a bit silly though (I guess that's why it's a parody), because the phone makes virtually f all difference to affording a house, particularly if you were in Sydney. Sure, that and all the evenings out add up, but just the phone alone, is not really going to make or break.
The article is a humorous demonstration of the "instant gratification" problem people have. The phone in isolation is not the problem, but rather people upgrading year on year with no need, simply because the beat of Apple's marketing drum told them to. Ditto for every other fashion item they own (because again, phones are status/fashion items far more than practical devices - arguably nobody *needs* a $1800 phone, when they can do the same tasks on cheaper models).

I'm actually a bit surprised I have to explain that.

Quote:
Originally Posted by Shado View Post
on average, show it to 500,000 people at arms length and see if it unlocks.
Humans are pretty terrible at understanding statistics. "On average" rolling a dice will result in "3.5", but I've got as likely a chance of getting a 1 as a 6 on the first roll. If Apple's measurement of FaceID is "one in a million", that is as likely to be the first person as the millionth, and more to the point "a million" is a very small number. (Also probably a lot more likely for relatives, family member, or people of similar facial markers via similar genetics/race).

In security, you want to see chances of one-in-trillions or more, not millions, and especially when the sample set (faces) are less random than you'd think when you hang out with people who look similar to you (as we all tend to do, as is human nature).

Last edited by elvis; 14th September 2017 at 7:07 PM. Reason: Typo, thanks Shado for the heads up. :)
elvis is offline   Reply With Quote
Old 14th September 2017, 8:27 AM   #143
patto
Member
 
Join Date: Feb 2002
Posts: 7,004
Default

Quote:
Originally Posted by Shado View Post
But if you're trying to stop some random from lifting your phone and draining your bank account in a few hours, Apple would have to f this up pretty royally to make that a real risk.
It doesn't matter what security access your phone has. If that is a risk then you have a big security risk there.
patto is offline   Reply With Quote
Old 14th September 2017, 11:48 AM   #144
DarkYendor
Member
 
DarkYendor's Avatar
 
Join Date: Feb 2008
Location: Perth
Posts: 3,013
Default

Quote:
Originally Posted by elvis View Post
That's twice now where I've objectively criticised a certain technology, and you've inferred that it means I'll only interact with one other particular technology. This is called a "false dichotomy".
I'm just following what you're saying.

At a regular store, you have the options of cash, Card(chip+pin), Card(paywave/payapss), NFC via a Phone.

You've said you don't use paywave.
You're saying NFC is too insecure because it makes you a target for thieves.
Cash is less secure than both of the above.
Only remaining option is Card with chip+pin (presumably you've drilled holes in the internal antenna to disable paywave).
__________________
RIG: | i5 2500k @4.5 | Asus P8P67 Pro | 2x GTX460 SLI | 16GB DDR3 | 2x 240GB SSD | 2x Dell U2311H |
C&C: | LianLi PC-A71B | Swiftech MCP655 | Swiftech MCR320-QP, MCR240-QP | Heatkiller 3.0 |
SERVER: | i3 3220 | 16GB DDR3 | 16TB RAID-F | BACKUP SERVER: | Intel D945GCLF2 | 2GB DDR2 | 2TB RAID-1 |
Successful OCAU trades
DarkYendor is offline   Reply With Quote
Old 14th September 2017, 12:11 PM   #145
DVDHack
Member
 
Join Date: Feb 2002
Location: Melbourne
Posts: 277
Default

Quote:
Originally Posted by elvis View Post
I'm not sure how you quantify "best track record". Apple do well in some areas of security, and have screwed up others. They're no different to any other vendor in this regard, and anyone saying anything different is merely demonstrating bias.


I don't. The phone as a status symbol phenomena is well documented across many demographics. Teens are the worst - ask any high school principal. But worryingly, more recently, adults aren't much better, with many not maturing past their teenage years due to the impacts of social media, celebrity worship, and obsessions with status.


The article is a humorous demonstration of the "instant gratification" problem people have. The phone in isolation is not the problem, but rather people upgrading year on year with no need, simply because the beat of Apple's marketing drum told them to. Ditto for every other fashion item they own (because again, phones are status/fashion items far more than practical devices - arguably nobody *needs* a $1800 phone, when they can do the same tasks on cheaper models).

I'm actually a bit surprised I have to explain that.


Humans are pretty terrible at understanding statistics. "On average" rolling a dice will result in "3.5", but I've got as likely a chance of getting a 1 as a 7 on the first roll. If Apple's measurement of FaceID is "one in a million", that is as likely to be the first person as the millionth, and more to the point "a million" is a very small number. (Also probably a lot more likely for relatives, family member, or people of similar facial markers via similar genetics/race).

In security, you want to see chances of one-in-trillions or more, not millions, and especially when the sample set (faces) are less random than you'd think when you hang out with people who look similar to you (as we all tend to do, as is human nature).
I'm not sure I can take statistics advice from someone who thinks a dice has 7 sides! The chances of rolling a 1 instead of a 7 are infinitely higher.
DVDHack is offline   Reply With Quote
Old 14th September 2017, 12:35 PM   #146
Slugoid
Member
 
Slugoid's Avatar
 
Join Date: Jun 2002
Location: Hong Kong SAR
Posts: 3,733
Default

Quote:
Originally Posted by DVDHack View Post
I'm not sure I can take statistics advice from someone who thinks a dice has 7 sides! The chances of rolling a 1 instead of a 7 are infinitely higher.
Dice could also be plural of, so you can roll a 7 if you roll the dice. But he did say "a dice" so that is indicates singularity. But then there are some dice out there with more than 6 sides

Anyway, I found this video interesting to answer some more questions about the new iPhones:

Slugoid is offline   Reply With Quote
Old 14th September 2017, 12:56 PM   #147
Matthew kane
Member
 
Join Date: Jan 2014
Location: Melbourne
Posts: 857
Default

Why are some people calling the X iphone 10 (assuming we going by roman numerals now which has never been the case for iphone models) ?
__________________
Intel i7 3960X @ 4.7GHZ - Noctua NH-D14 | 16GB OCZ Platinum Series DDR3 1600MHZ | Asus Rampage IV Extreme (4901 bios) | Zotac AMP! Edition GTX 980 Ti | PNY GTX 465 unlocked to 470 | Creative X-Fi Titanium Fatality Pro with LME47920's opamps | OCZ Vertex 3 240GB | OCZ Vertex Plus 120GB| 1TB WD Black, 2TB WD Green, 4 x 2TB Seagate LP | Enermax Revolution 85+ 1250watt | Antec P280 + Veris Elite | LG BD Rewriter
Matthew kane is offline   Reply With Quote
Old 14th September 2017, 1:04 PM   #148
thecondor
Member
 
thecondor's Avatar
 
Join Date: Jun 2011
Posts: 2,282
Default

Quote:
Originally Posted by Matthew kane View Post
Why are some people calling the X iphone 10 (assuming we going by roman numerals now which has never been the case for iphone models) ?
Cause it is the 10 year anniversary phone. Hence X.
thecondor is online now   Reply With Quote
Old 14th September 2017, 1:19 PM   #149
miicah
Member
 
Join Date: Jun 2010
Location: Brisbane, QLD
Posts: 4,380
Default

Any word of an iPhone SE update?
__________________
SFF Gaming>i5-4690|16GB Crucial DDR3|ASUS-H97I-PLUS mITX|EVGA GTX680|Crucial M550 M.2 256GB|Corsair RM450|Thermaltake Core V1|Edifier S550

CS:GO Videos | Motorcycle Videos
miicah is offline   Reply With Quote
Old 14th September 2017, 1:34 PM   #150
power
Member
 
power's Avatar
 
Join Date: Apr 2002
Location: brisbane
Posts: 50,479
Default

Quote:
Originally Posted by Matthew kane View Post
Why are some people calling the X iphone 10 (assuming we going by roman numerals now which has never been the case for iphone models) ?
because that's what Apple are calling it.
__________________
this is who we are.
power is offline   Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 7:17 AM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!