Originally Posted by Gigatel
What shortcomings? That it can be circumvented with quite a bit of effort? The android fanbase is trying to pass it off as incredibly insecure, I'm just asking why, but you keep deflecting, acting like you're a biometrics expert telling me to "research it," as if that's something you've already done. The arrogance of you folks is quite astounding really.
For someone to pull of this trick, they'd have to have a quality fingerprint and work through all those steps. But they'd have to do it within 48 hours before the phone deletes it's biometric information. They'd have to do it without the phone being turned off or the battery dying, or the phone deletes its biometric information. They'd also have to do it before the user remotely wipes the phone.
So again, can you explain how this is not secure?
The first portion of that video was him programming his fingerprint scanner.
Once it was set, all he had to do was get a piece of tape, apply it to the sensor to pick up the previous print, and then put the tape back on for the scanner to pick up. Not a lot of effort by any means, and works more often than you might expect. Push your finger against a piece of glass; you can see the fingerprint it leaves behind really easily.
Furthermore, articles about biometrics getting circumvented show up on this site from time-to-time, no one is being arrogant, and Android has nothing to do with this. Fingerprint scanners are just not good replacements for stuff that needs to be truly secured.
One of the biggest problems with biometrics is that if it's stolen once, it can't be changed. From that point forward, your "password" has been obtained for anything that uses that particular type of biometrics.Edited by SectorNine50 - 9/22/13 at 8:08pm