• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Senator Sends Letter to Cook Regarding Touch ID Privacy Concerns


    Senator Al Franken (D-MN) recently sent a letter to Appleís CEO, Tim Cook, expressing concern over the new Touch ID fingerprint sensor built into the iPhone 5S, which went on sale earlier today. In the letter (PDF), the Senator who is also the Chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, says he is an iPhone owner and is concerned about the use of fingerprints to unlock the device. He mentions the following in his letter regarding the matter:

    It's clear to me that Apple has worked hard to secure this technology and implement it responsibly. The iPhone 5S reportedly stores fingerprint data locally "on the chip" and in an encrypted format. It also blocks third-party apps from accessing Touch ID. Yet important questions remain about how this technology works, Apple's future plans for this technology, and the legal protections that Apple will afford it. I should add that regardless of how carefully Apple implements fingerprint technology, this decision will surely pave the way for its peers and smaller competitors to adopt biometric technology, with varying protections for privacy.
    In his letter, Franken goes on to ask twelve separate questions of Cook, four of which include the following:

    • If it's possible to convert locally-stored fingerprint data into a format that can be used by third parties.
    • If it's possible to extract and obtain fingerprint data from an iPhone 5s either remotely or with physical access to the device.
    • What diagnostic information the iPhone 5s sends to Apple about the Touch ID system.
    • Whether Apple considers fingerprint data to be the "subscriber information" or "electronic communication transactional records", the "contents" of communications, customer or subscriber records, or a "subscriber number or identity" as defined in the Stored Communications Act, or a "tangible thing" as defined in the USA PATRIOT Act.

    The other group of questions relates to when and if Apple could be required to disclose fingerprint information to US Government law enforcement agencies. Apple for its part has posted an extensive knowledge base article about the security benefits of the Touch ID system, though it only discloses broad details about how the iPhone 5S stores fingerprint data, but nevertheless, it may answer some of the questions that Senator Franken had asked:

    Touch ID does not store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and as well as the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it and it can't be used to match against other fingerprint databases.
    The Senator gave Apple thirty days to answer the questions and although it isnít a subpoena (meaning Apple isnít required to respond), the company is likely to cooperate. This isnít the first time that Senator Franken has interacted with Apple either Ė in 2011, he asked both Apple and Google to require clear privacy policies for apps sold in their app stores. He also introduced a bill to help protect customer location data as well.

    Source: Apple (Support), Franken (Press Release) (Letter PDF)
    This article was originally published in forum thread: Senator Sends Letter to Cook Regarding Touch ID Privacy Concerns started by Akshay Masand View original post
    Comments 37 Comments
    1. hogcia's Avatar
      hogcia -
      Apple said it received 4,000 to 5,000 requests for customer data from the NSA during the six months ending in May of this year. The requests involved 9,000 to 10,000 customer accounts or devices. Secured my ***, I don't trust Apple when it comes security.
    1. javiert30's Avatar
      javiert30 -
      I had some of the questions presented by him already on my mind...
    1. Ambi_Valence's Avatar
      Ambi_Valence -
      Quote Originally Posted by hogcia View Post
      Apple said it received 4,000 to 5,000 requests for customer data from the NSA during the six months ending in May of this year. The requests involved 9,000 to 10,000 customer accounts or devices. Secured my ***, I don't trust Apple when it comes security.
      So in your mind;
      Apple have received = Apple have capitulated?
    1. JeremiahSantos's Avatar
      JeremiahSantos -
      the concerns the senator has aroused upon the security causes over the Apple services are of well worth to be mentioned and processed .. i am in support
    1. Ambi_Valence's Avatar
      Ambi_Valence -
      Quote Originally Posted by JeremiahSantos View Post
      the concerns the senator has aroused upon the security causes over the Apple services are of well worth to be mentioned and processed .. i am in support
      Just remember, Apple are late to the party with mobile devices incorporating fingerprint sensors. Hell my 4 year old, (I think), HP laptop has it. Did that idiot send them a letter?
    1. JeremiahSantos's Avatar
      JeremiahSantos -
      the concerns the senator has aroused upon the security causes over the Apple services are of well worth to be mentioned and processed .. i am in support
    1. kalpesh78's Avatar
      kalpesh78 -
      Frankly i don't trust anybody. I don't think i want a phone with bio-metric fingerprint scanners. A password you can change if hacked... how do you change a fingerprint? and trust me. someone in the world will figure a way out to get people's fingerprints.
    1. Christophxr's Avatar
      Christophxr -
      Frankly, Al Franken is badass.
    1. hogcia's Avatar
      hogcia -
      Quote Originally Posted by kalpesh78 View Post
      and trust me. someone in the world will figure a way out to get people's fingerprints.
      Ya, it's called "duct tape".
    1. SergeantMAC's Avatar
      SergeantMAC -
      Quote Originally Posted by hogcia View Post
      Ya, it's called "duct tape".
      Haha.
    1. holyshnikes's Avatar
      holyshnikes -
      I get some people are concerned about fingerprint data and such. But I think Apple has gone through great lengths to protect the sensitive information. But let's be honest, if someone DOES happen to get hold of your phone, and DOES know how to hack into it, and DOES know how to decode the fingerprint information (that apparently can't be mathematically reversed), what are they going to do with it? It's not like they can take your fingerprint to the bank for a withdraw. I think it's easier for someone to dig through your trash and find your social security number than it is to do this. And they can do more with your social security number than your fingerprint.
    1. raxal's Avatar
      raxal -
      I am keeping my Iphone 5, no fingerprint crap scanner installed here. Now with iOS 7 intalled , my Iphone 5 look like a crap! Apple went back with this new iOS7 thing.
    1. tridley68's Avatar
      tridley68 -
      Quote Originally Posted by SergeantMAC View Post
      Haha.
      Our country is in the crapper and this jerk is worried about a phone just proves where his head is in apples I cloud
    1. smittyjf's Avatar
      smittyjf -
      I think what you will see is someone trying different ways to fake a fingerprint (like in the movie National Treasure) and see if it works. then we will have "fingerprintgate" and all hell will break loose
    1. Carvensno's Avatar
      Carvensno -
      Well i can see how people may be concerned and such. But for myself? I am not worried about it! I was in the Army, so they have my prints already and then had been cleared for TSA for transporting HAZMAT when i was truck driving.
    1. Lohand's Avatar
      Lohand -
      Quote Originally Posted by Christophxr View Post
      Frankly, Al Franken is badass.
      Totally Agree! Drawing a Map of the US free-hand is also badassery! Sayin...
    1. tallnatt's Avatar
      tallnatt -
      Rtfm!!
    1. budsalinger's Avatar
      budsalinger -
      Quote Originally Posted by tridley68 View Post
      Our country is in the crapper and this jerk is worried about a phone just proves where his head is in apples I cloud
      No. He is concerned with his reputation of being concerned about our privacy and personal security.
    1. HeliPilot's Avatar
      HeliPilot -
      Seems the only people that should worry are criminals and politicians. Just sayin'
    1. Rayraysfunhouse's Avatar
      Rayraysfunhouse -
      I don't see why people are so worried about their fingerprint anyways. My fingerprints are in the national database anyways since I'm military and if anyone has a concealed and carry license there fingerprints have had to be submitted also. What exactly could they do with a damn fingerprint. It's just people finding stupid reasons to try to say apple is crossing the line.