[lonelyasacloud]

> Why would the camera be of consequence, though?

Insisting on approved camera avoids making it easier for bad actors to stealthily capture's a victim's biometrics and then use a third party "camera" to replay that information and unlock the victim's phone without them being present.

[macNchz]

Arguably if you anticipate someone targeting you who is capable of attacks this sophisticated, you are very far outside the norm and should probably have an entirely different relationship with your devices than most people.

[SuperShibe]

Couldn't an attacker just swap the sensor? This seems like something that higher law enforcement likely already did.

Also couldn't you avoid this problem entirely be just making the dot projector use an unique pattern for each unlock attempt?

[formerly_proven]

"Couldn't just", might be, probably not. Face-ID is a pretty complex and very highly integrated system. The dot pattern can't be changed, because each dot in the pattern (~100 dots or so) is actually a VCSEL laser. The large constellation (>30k dots) is created by a diffractive beamsplitter. The sensor is probably custom, so I'd wager the CMOS IR sensor is actually physically the thing that's paired to the Secure Enclave. I doubt there's just an unencrypted MIPI link running from some random 1/6" OmniVision sensor to the CPU.

[circuit10]

You could just install another camera alongside the existing one and still do that, so that’s not the reason

[SiempreViernes]

Pretty sure the state of the art is just sending a text with a zero click exploit, not mucking about with hardware.