Hacker News new | ask | show | jobs
by dkonofalski 3208 days ago
The alternative was passcodes and Apple's research suggested that people disabled passcodes rather than use anything secure. TouchID was determined to be far more secure than no passcode and having both TouchID and a passcode is secure enough for most users. You can't add devices without both (along with an Apple ID password) and, at that point, you have physical access to the device which negates most security features anyways.
1 comments
grzm 3208 days ago
Interesting and pragmatic. Do you have a reference for this? I'd be interested in reading more.
link
M4v3R 3208 days ago
Here's the whitepaper about iOS security: https://www.apple.com/business/docs/iOS_Security_Guide.pdf
link
dkonofalski 3208 days ago
There is a reference for this as Apple published a security white-paper about it prior to the release of TouchID. Unfortunately, I'm not at a point where I can search for it. If I find the time today, I will update this post with a link.
link
grzm 3208 days ago
Cheers. I'd appreciate it.

Edit to add: I came across this one:

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

It was linked from an article in 2014[1], though this PDF document is dated March 2017.

[1]: http://www.biometricupdate.com/201402/apple-publishes-whitep...

link
dkonofalski 3208 days ago
Yeah, that's the updated one. Prior to the release of TouchID, something similar was released.
link