[Ajay-p]

Maybe this is unrelated but I refuse to do facial ID, or any type of facial verification. I don't want my phone, or any device that I am using, to record or analyze my features. Maybe that is nit picking a little but I am uncomfortable with all of it.

[akira2501]

There are plenty of ways for anyone to get a picture of my face. In particular, the State has a copy of my photograph, and almost certainly full motion video of me in the DMV getting said license.

I just don't like the fact that my face becomes a password. I'm usually not in a position to _obscure_ my face, so I have no chances to decide if my face should act as a password in any given moment or not.

So, if you hold the phone up to my face, and I look at it, it just unlocks. That's the opposite of "security."

[TylerE]

anyone in a position to do that is in position to torture you the old fashioned way.

https://xkcd.com/538/

[bee_rider]

I don’t know if that is true, nabbing somebody’s phone at a protest and pointing it at them seems like the sort of thing a cop could get away with at a protest for example. It must be illegal, but in the hustle and bustle of the moment, might be hard to catch.

[AlexandrB]

It's not illegal[1] and is the number one reason I don't use biometrics to unlock my phone.

[1] https://www.phonearena.com/news/court-ruling-cops-can-force-...

[pjot]

If you’re talking about someone holding an iPhone to someone’s face, there’s a setting called “attention aware” that verifies your eyes are open and looking at the phone.

[gabeio]

Which is unfortunately causing people's alarms to not work and the current recommendation is to deactivate said feature.

https://www.bbc.com/news/articles/c0kl4glp547o (bbc news article about it)

[happyopossum]

Umm, no. That’s an article with random speculation from unnamed people on the internet.

Attention awareness does not stop alarms, and it requires your eyes to be open and looking at the phone.

[latexr]

If you’re in that kind of environment, press the lock button five times in a row (iPhone) to require a password to unlock on the next interaction.

[nmeagent]

Challenge: surreptitiously press your lock button five times while being accosted or outright assaulted by one or more police officers.

[latexr]

Or, you know, just do it beforehand?

[adolph]

Early in the iOS Face ID cycle I saw this play out with a parent and child where the parent would make a funny face each time the child held the phone up to the parent's face, defeating the biometric.

[akira2501]

I think xkcd has never been arrested by the police and had his belongings searched through illegally. There's more to be afraid of than state actors with the ability to kidnap and torture you without being held to account.

[will1am]

Really well said but I'm afraid of it actually

[throwaway14356]

could be worth it

[anigbrowl]

So what? Everyone who posts this xkcd meme is just vouching for the belief that torture works, when available evidence says otherwise; it's not effective on seriously committed people.

https://clcjbooks.rutgers.edu/books/why-torture-doesnt-work-...

[Renaud]

What do you object to exactly if the biometric data is on device only?

I’m not sure what is the privacy risk there. The apps that authenticate you don’t have access to biometric data.

The main risk I see is if that data was compromised and made available for something else, but I haven’t seen any breach of that that ended up being useful for anything?

Or maybe I missed something?

[Ajay-p]

I don't trust the device, the maker, the company behind the facial recognition technology, and you. If I give software access to analyzing my face it opens the door to overt and covert acts that further erode my privacy.

But really, I don't need a reason other than I'm uncomfortable with it. I worry about people who are comfortable with it..

[marcellus23]

If you don't trust the manufacturer, then it doesn't matter whether you turn Face ID off, those sensors are still pointing at your face. Do you physically keep the face ID sensors covered by tape or something? And how do you avoid other people's phones/cameras seeing you?

[warkdarrior]

And if you don't trust the manufacturer, how do you make sure you identified and covered or disabled all of the sensors on the device?

[vel0city]

And you don't trust the manufacturer with a scan of your face, but you put a significant amount of communications and positional data and logins through it.

[catlikesshrimp]

>And how do you avoid other people's phones/cameras seeing you?

You are missing the point.

>those sensors are still pointing at your face

some phones have a popup front camera. The camera is inside the phone. It is obscured and it would be alarming if it pop up on its own accord.

[overstay8930]

Do you avoid going out in public? Are you never going to step foot in an airport? What is your threat model here? Because it's pretty trivial for anyone to get a 3d scan of your face without you realizing it.

This just sounds like textbook paranoia to me (as in, the actual dictionary definition as an illogical fear that impedes your normal life), because there's nothing reasonable about thinking FaceID is compromised to the point that you have increased your personal safety by not using it.

[kxrm]

> illogical fear that impedes your normal life

I don't agree with the premise that disabling bio-metric security impedes a normal life. Nor has OP given me any reason to believe they are afraid of it in the situations you described.

Passwords and pass codes (when managed well) are perfectly normal security tools to use to ensure your privacy on a device you own.

[lovethevoid]

You can’t ensure your privacy on a “device you own” if you don’t trust the device manufacturers.

[phone8675309]

> Because it's pretty trivial for anyone to get a 3d scan of your face without you realizing it.

Maybe we should do something about this rather than being defeatist and giving up on privacy.

[dylan604]

I don't want to upset or scare you, but if you've ever been in a picture that someone else has posted online to any social platform, your face has already been tagged, recognized, and a very thick file exists about you and everything you do, like, know, associate, etc.

[phkahler]

>> but if you've ever been in a picture that someone else has posted online to any social platform, your face has already been tagged, recognized, and

And that is a completely different issue. The OP just wants to prevent that type of thing when they can.

If I walked up to several individuals (maybe even you) on the street with a camera and tried to take a close-up, a lot of them would object. I don't think "why not let me take it, it's already online someplace" would be a convincing reason to allow it.

[eminent101]

> If I walked up to several individuals (maybe even you) on the street with a camera and tried to take a close-up, a lot of them would object. I don't think "why not let me take it, it's already online someplace" would be a convincing reason to allow it.

In many jurisdictions including where I live in, taking pictures at public places is allowed by law whether or not some other human happens to be in the frame of my picture. It is called "incidental inclusion".

Others can request me to exclude them from my picture but they can only request, they cannot force me to do so. Of course, if someone asked, I am going to be nice to them and try and exclude them from the picture. Others could also try and move a bit this way or that way so that they don't get included in my picture. We live in a society and we can work it out.

In reality though, nobody makes such a request because most people know the law and they know that if they are out there in the public, they could become part of other pictures by incidental inclusion.

[mrguyorama]

"Incidental inclusion" does not cover walking right up to someone and putting a camera in their face. Like, "incidental" is literally in the term.

[catlikesshrimp]

> on the street with a camera and tried to take a close-up.

I might break your phone. How difficult would it be to sue me and for what purpose?

[fragmede]

With how small cameras are these days, you can buy a pinhole camera and tuck it into your shirt and record everything without anyone being the wiser. Face as biometrics doesn't really work. Mother's and daughters and twins have similar enough face shapes to fool FaceID.

[MrDrMcCoy]

Theoretically, those kinds of images lack the necessary detail to qualify as biometric data. If they somehow do, then the whole category becomes invalid for that purpose.

I personally oppose all forms of biometrics for security, as it can neither be invalidated, nor is it safe from physical coercion. I also oppose biometric use for "tracking attention" because it's none of anybody's business but mine.

[fragmede]

tracking attention when you're driving is everyone's business. I'd rather you have a camera in your car making sure you're looking at the road, than have to drive next to someone who is on their cellphone and is trusting the self driving feature of their car.

[MrDrMcCoy]

There's a difference between tracking attention locally for driving as you suggest, and doing so for advertising and mobile device security, which is what the conversation was previously about.

While I consider your example valid in a vacuum, it poses a substantial privacy and financial risk in the real world. If a car that tracks attention also phones home, your insurance carrier may raise your rates or cancel your plan for occasional glances away (sneezes, children, etc), regardless of an actual problem on the road. Such measures ought to only exist locally within a car, but I have absolutely no faith that it will be implemented that way given the current data shared along those lines.

[jobs_throwaway]

Or walked through any major city. There's cameras ~everywhere.

[EncomLab]

Or driven anywhere there are (fucking) Flock cameras...

[happyopossum]

> If I give software access to analyzing my face

I have the legal right to ‘analyze your face’ if you are out in public. Why do you believe that there’s something special about a highly secured, on device FaceID capture that makes it more dangerous than a guy with a camera across the street?

[gretch]

If you don’t trust them, then your act of not giving “software access” does nothing.

[jzb]

Some folks may find collecting biometric data inherently creepy. I mean, yeah, there's also "what might happen when* it's leaked" but ... I just don't like it. It feels maximally invasive.

* These days, I'd assume when, not if.

[kjs3]

You can change a password, you can't change your face. Agreed that we have yet to see the mass-hack based on biometric data that generates the ohshit moment, but from a risk perspective 'it hasn't happened yet' is cold comfort.

[exe34]

> you can't change your face

if you get involved with the wrong/right sort of people, they might do it for you

[catlikesshrimp]

I would rather change my password. Easier, faster, less painful. And it doesn't affect how others perceive me.

[giantrobot]

The biometric data is not your password. It's used to unlock a session token. Getting that session token requires a "what you know" password. There's lots of events that invalidate that session token not the least of which on phones is multiple presses on the lock button (on iOS at least).

[domador]

Yet in many cases it is. I've come across various systems where there is no "what you know" password only a "what you look like" password.

[kjs3]

Yup. I guess if you don't do much of this "it's not a password" sounds like "there's no risk".

[domador]

My own main objection is to biometric data being used as a password, since it is a publicly-viewable, likely-duplicatable password that can never be changed. My second objection is to the possibility of physical injury to me by someone that really wants to steal my credentials.

[dfxm12]

it is a publicly-viewable, likely-duplicatable password that can never be changed.

Is this true? I mean, you can't really show an iPhone a photo of your face to unlock it, can you? Or are you thinking of a different attack vector?

My second objection is to the possibility of physical injury to me by someone that really wants to steal my credentials.

This possibility exists even if your creds are something you know. It also exists if your creds are something you have, and you happen to have them on your person.

[domador]

> This possibility exists even if your creds are something you know. It also exists if your creds are something you have, and you happen to have them on your person.

I can hand over my credentials or secrets to a thief without injury to myself, but I can't safely hand myself over, or a piece of me.

[jerbear4328]

> Is this true? I mean, you can't really show an iPhone a photo of your face to unlock it, can you? Or are you thinking of a different attack vector?

If you have the information that the iPhone wants to see, it is possible to create a synthetic face matching that data and hold it up in front of the phone.[1] You could also probably open up the phone and hotwire the sensors to give the hardened processor holding your Face ID data the readings it wants.

Both of these things are super difficult to do, and much further out of reach of your average thief than simply printing out a picture of the person's face, but the point remains that it is theoretically possible.

[1] Bkav Corporation has made masks that can fool Face ID for about $150: https://www.pcmag.com/news/researchers-claim-they-can-dupe-i... https://www.bkav.com/top-new/-/view-content/65202/bkav-s-new...

[Zambyte]

For what it's worth, you can be beaten with a wrench until you cough up a password also. Obviously there is a difference, but it's worth considering and understanding that.

[domador]

Or I can cough up my password long before that, but if they need my biometrics, then they'll have to hold on to me personally... or a piece of me.

[shmeeed]

You are not alone.

And the day some manufacturer's database with 1.8 billion sets of facial data is going to get hacked and exposed, I'll feel pretty smug about it.

[ryaneager]

Except for the fact that Face ID is completely on device in the secure enclave and not even Apple can access the data stored there soooooo…..

[MrDrMcCoy]

Storing the biometric data securely in the digital enclave only covers half the problem. The other half is in the form of falsifying said biometrics to gain access to a device, or physically forcing the actual person to unlock it against their will. With keys that are only stored in my mind, I have the ability to consciously decide that access should or should not be granted.

[elzbardico]

Studies have shown that amongst human subjects there's a really strong correlation between an economic agent having a gun pointed by someone else at their heads and conciously making choices that posit a positive utility increase for the ones holding the gun.

[MrDrMcCoy]

Maybe so, but it's still their choice in that instance. Some data is with dying to protect.

[driverdan]

So long as Apple can change the software on the device they can get access to the Face ID data, or someone who forces them to do it can.

[shmeeed]

That's sure cool for Face ID. Now all that's missing is the same level of faith in all the rest.

[dwighttk]

Who has ~1.8 billion centrally stored faces?

[HnUser12]

Indian government does. Fortunately not face scans. But pictures, retinal scan and fingerprints.

[vundercind]

Some retailers are probably not far off.

[dylan604]

Facebook

[BoorishBears]

Does that mean you're ok with Face ID?

[1oooqooq]

most govt implementing face identification is NOT on device.

all the on-device stuff was just to ease the tech literati who probably is still 12 years away from being impacted by the actual tech doing the damage, since those are for the poor and foreigners first

[frizlab]

I don’t know for other brands but for FaceID the biometric data literally never leave the device…

[Electricniko]

"Scan complete. Smug look on face detected."

[throwaway14356]

12.4% antisemite - DANGER

[wanderingstan]

The problem is that the face is critical to “normal” interactions. Thus the ChatGPT demo of using the camera to determine if you are speaking to it (or to someone else) to choose whether to respond.

If talking with AI becomes more mainstream, face detection will (at first) make the experience better.

[mamcx]

http://mercadolibre.com force this and I hate it so much.

[agtech_andy]

If you think this way, you should be covering up the camera lenses on all of your devices. It is happening everywhere already.

[Ajay-p]

Like Mark Zuckerburg, I do..

https://www.theguardian.com/technology/2016/jun/22/mark-zuck...

[fsflover]

I just use hardware kill switches on my phone and laptop.

[kypro]

If it's on device and the output is hashed I don't see much of a problem with it. I guess the question would be whether you can trust big tech companies / governments not to have some backdoor to the raw data and what your concern would be if they did have that data.

Here in the UK face ID is pretty common place so I must admit my phone having this data is probably the least of my concerns. For example, one guy I know can't buy his own groceries anymore because he stole some food products from one of our major supermarkets, and since all major supermarkets in the UK have linked facial id systems he's now effectively banned from all supermarkets lmao.

[paulddraper]

What about fingerprint?

[aadhavans]

Not OP, but I think the same concerns are present here as well. If anything, I would argue that they're magnified, since fingerprints are unique.

IMO, the issues surrounding biometrics stem from the fact that they define you, in a way that nothing else - not a name, not an address - can.

[1oooqooq]

congrats, grandpa you will not be able to buy a sim card in half the world, and soon in the usa.

[micahdeath]

Now you can buy esim cards.

[1oooqooq]

why do you think the process will be any different. esim only have the plastic cost for the issuer.

try to buy an africel (usaid sponsored telecom in Africa) without showing up in person for a face scan.

you're all to sheltered and will have no idea what hit you in the near future