[liberationtech] iPhone5S Fingerprint and 5th amendment
Peat Bakke
peat at peat.org
Wed Sep 11 08:42:26 PDT 2013
Are there any reasons why fingerprint data couldn't be treated with the
same concern as passwords? That is, subject to a one-way hash before being
stored, transmitted in signed payloads, etc?
I'm not sure how securing this data would be different than passwords --
and given how much unique data can be generated from a fingerprint, it
should be significantly better than John Doe's 8 character password.
On Wed, Sep 11, 2013 at 6:40 AM, Rich Kulawiec <rsk at gsp.org> wrote:
> That's a valid concern.
>
> But I think you should probably be more concerned that it's only a matter
> of time until malware is released which grabs the fingerprint and quietly
> uploads it to someone's database. I'm sure they'll find uses for it,
> doubly so if it happens to unlock something other than a phone.
>
> Perhaps this has already happened.
>
> ---rsk
> --
> Liberationtech is a public list whose archives are searchable on Google.
> Violations of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>
--
Peat Bakke
http://peat.org/
(503) 701-4135
@peat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130911/d1c75753/attachment.html>
More information about the liberationtech
mailing list