Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!
Posted on September 23rd, 2013 at 11:59 AM EST
There’s been a lot of fuss about Touch ID – the fingerprint reading system in Apple’s new iPhone 5s – since its release. For that matter, the furor actually started long before release, when the fingerprint reader was nothing but a rumor. It seems like almost every security expert has been making the most of every opportunity to take a potshot at Touch ID. One would get the idea that Touch ID was going to cause the Armageddon. The reality, though, is far less scary than people would like you to believe.
Fears expressed have been widely varied. There are claims that a fingerprint reader may not be much more secure than a 4-digit passcode. Concerns that a fingerprint cannot be changed, and is left behind on everything you touch, so it shouldn’t be used for security purposes. Theories that it will be backdoored by the NSA, giving them digital copies of your fingerprints. Fears that a fingerprint reader may take away your legal right to “plead the fifth.” Following up on all this is the news that a group has successfully fooled Touch ID by using a harvested fingerprint to build a low-tech fake finger.
In some cases, this is simple groundless hand-wringing. Apple has responses for many of these concerns in a technical note on their support site. When it comes to the rest, they’re simply missing the big picture. Where most people seem to be going wrong is to assume that it is a problem that Touch ID security is not perfect. That’s a seriously flawed assumption, though.
Okay, I hear you now… shouldn’t security be as perfect as possible? Isn’t it a problem if a security measure can be defeated? Well, yes and no. The truth is, there’s no such thing as perfect security. There’s always a way to circumvent security. The goal is to minimize those opportunities, making it more costly to get access than that access is worth.
In the case of Touch ID, that goal is met. As Rich Mogull has pointed out, this is all about making security transparently easy to use, so that people actually use it. Suppose someone steals your iPhone. If it’s not secured in any way – as is the case for most phones these days – that thief will be free to make malicious use of whatever data you’ve got on your phone. There’s absolutely no barrier to entry. A simple 4-digit passcode is far from an insurmountable barrier, but with one in place, it’s usually not worth the thief’s time and effort to get access. He’s got your phone, to be wiped clean and either used himself or sold for cash, and that’s really all he was interested in.
Now consider the Touch ID. People don’t use even a 4-digit passcode because it’s inconvenient. If even Yahoo’s CEO Marissa Mayer doesn’t use a passcode on her phone, what hope do we have that anyone other than the most paranoid are using one? But what if you could use a method that’s more secure than a 4-digit passcode and takes no time to enter, removing that “inconvenience factor?” My guess is, most iPhone 5s owners will soon be using Touch ID, and when most of those people probably have never used security on their phones before, that’s a good thing.
There’s an additional side to this story that I find laughably interesting. Have you heard the news story about how your user password on Mac OS X or Windows cannot actually protect your data? No? That’s because there never has been one, to my knowledge. Yet, given physical access and the right preparation, I could be digging through the documents on your Mac within minutes, without ever needing to know your user account password. This is absolutely trivial to do; much easier than on an iPhone, in fact. Why isn’t that news, when the Touch ID, which is far more secure, is creating paranoid headlines around the world? I suspect this has to do with the fact that there are a lot more people out there right now who are interested in bringing Apple down a peg or two than there were more than a decade ago, when Mac OS X debuted.
In the end, there’s really only one way to keep your data safe, and it does not involve locking screens or user passwords or anything similar. Strong encryption is the only way to keep prying eyes out of your data, and even then only with a well-constructed password that is not written down anywhere, and used on a system that is free of malware. If you have sensitive data, it either shouldn’t be on your iPhone to begin with or it should be encrypted. If you put unencrypted data on your iPhone, or any other electronic device, it will be vulnerable to being stolen by someone with sufficient skills and motivation, no matter what you use to lock the screen.