On Touch ID

A room within a room
A door behind a door
Touch, where do you lead?
I need something more
Paul Williams, "Touch"

Naturally, Touch ID was defeated (By the CCC, yay Germany!) only in a matter of hours after the iPhone 5S was available. And people are all over it. Bottom line: This end-user product doesn’t provide military-grade security. No shit.

See!? Using biometric for security doesn’t make sense!

Duh, of course it’s hackable, but it’s better than nothing, and pin codes are a pain in the ass!

But it’s so easy!

Only if you’re the FBI!

Or a private eye!

Dude, nobody’s saying it’s perfect, but it’s better than a pin code nobody is using!

A level of security that is annoying and therefore not used is weaker than weak security, got it? Apparently not:

For those who continue to use Touch ID, Graham suggested a simple step for minimizing the success of Starbug’s attack: use only pinky or ring fingers to unlock your device.

No offense, but somebody’s in need of a reality check here.

Spending quite some time in university libraries, I see people leaving their laptops unattended, user accounts logged in and sure as hell with all their passwords (pardon: the one password) readily available in Chrome’s preferences.

Considering that, I can’t believe we’re having a discussion about somebody going to the lengths of obtaining and forging your finger print. I can’t remember where I‘ve read it, but: If you’re facing that, you have way more to worry about than your phone’s contents.