Wired is running a story of hackers claiming to have broken Face ID on the new iPhone X.
When Apple released the iPhone X on November 3, it touched off an immediate race among hackers around the world to be the first to fool the company's futuristic new form of authentication. A week later, hackers on the actual other side of the world claim to have successfully duplicated someone's face to unlock his iPhone X—with what looks like a simpler technique than some security researchers believed possible.
On Friday, Vietnamese security firm Bkav released a blog post and video showing that—by all appearances—they'd cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking.
On a similar note Apple has repeatedly fought working with governments to unlock phones, if the police have a dead or detained criminal what is to stop them from just pointing the phone at their face and getting all the juicy data bits inside? Does Face ID *help* police/governments?
(Score: 4, Interesting) by quacking duck on Tuesday November 14 2017, @05:09PM
Apple was up front about how FaceID isn't good enough to distinguish between identical twins. No one with a clue ever claimed it to be a 100% bullet proof authorization system.
That said, it's also far superior to the latest Samsung Galaxy S8's version, which was famously cracked on day zero with a mere photograph. Samsung still hadn't fixed this flaw when the Note 8 was released six months later [businessinsider.com].
Insofar as the older TouchID required physically forcing a suspect to touch the scanner, and now with FaceID they can just point it at their face, sure, the police/government now have an easier time. On the other hand, quickly pressing the standby button 5 times disables FaceID (and TouchID on older phones), requiring the passcode to re-enable it.
Anyone thinking about harping on Apple have far more legitimate targets. Like that infamous 1+1+1=12 bug in iOS 11's default calculator app, which was known back in the v11.0 betas and still hasn't been fixed.