by josecastillo
4666 days ago
I'm glad someone is talking about this. If you set a passcode, iOS encrypts your data with a key derived, in part, from your passcode and a per-device salt; Apple claims that even with access to the device, a nine-digit passcode would take 2.5 years to brute force. [1] A fingerprint is only useful for authentication, not key derivation, which makes it effectively useless in protecting your secrets from a determined attacker. As it stands today, my data is encrypted with a key that isn't stored on my device. Unless Apple has developed some kind of fingerprint-based key derivation algorithm, that can't be the case for the hapless user who replaces his passcode with a fingerprint scan. I fear that the innovation announced today is going to make people and their data less safe, not more.

[1]: http://images.apple.com/iphone/business/docs/iOS_Security_Oc...
exactly