Apple Patenting a Way To Collect Fingerprints, Photos of Thieves (appleinsider.com) 90
An anonymous reader quotes a report from Apple Insider: As published by the U.S. Patent and Trademark Office, Apple's invention covering "Biometric capture for unauthorized user identification" details the simple but brilliant -- and legally fuzzy -- idea of using an iPhone or iPad's Touch ID module, camera and other sensors to capture and store information about a potential thief. Apple's patent is also governed by device triggers, though different constraints might be applied to unauthorized user data aggregation. For example, in one embodiment a single failed authentication triggers the immediate capture of fingerprint data and a picture of the user. In other cases, the device might be configured to evaluate the factors that ultimately trigger biometric capture based on a set of defaults defined by internal security protocols or the user. Interestingly, the patent application mentions machine learning as a potential solution for deciding when to capture biometric data and how to manage it. Other data can augment the biometric information, for example time stamps, device location, speed, air pressure, audio data and more, all collected and logged as background operations. The deemed unauthorized user's data is then either stored locally on the device or sent to a remote server for further evaluation.
Legally Fuzzy? (Score:2)
TFA doesn't say why this would be legally fuzzy.
Re: (Score:3)
TFA doesn't say why this would be legally fuzzy.
I don't see what's legally fuzzy about this either. Since when did privacy rights of thieves trump owner's rights to recover their property?
Privacy (Score:2)
A burglar in someone else's house has no expectation of privacy. A thief using someone else's property has no expectation of privacy.
Re: Privacy (Score:4, Interesting)
Is that a legal opinion or a "common sense" one?
I don't have a clue what the law is on this matter and am genuinely interested.
Re: (Score:3)
IANAL but I don't think you need to even get to the "right to privacy" legal theory. It's your device, and you can give it permission to capture and store biometric data and upload it to the cloud. If somebody picks up and uses your device, any information they give it, biometric or otherwise, becomes your information provided it isn't trademarked or copyrighted, and even if they somehow manage to do those things for their biometric data and likeness of their face, capturing it for your own personal use (su
Re: (Score:1)
Not even close to the same thing. In one case the person is holding the phone in question in the other case... I don't know? You are stalking them?
Re: (Score:2)
Re: Privacy (Score:1)
It can get fuzzy. Generally, from EU laws, the thief has rights to their own data. For example: I steal your phone, I wipe it and put my data in there, and that data belongs to me and cannot be disclosed to the original owner. Sharing of such data tends to require law enforcement requests. Same if someone is dumb enough to hack an online account and enter their personal details.
Re: (Score:2)
Guests in someone else's home do not have an expectation of privacy. I'd say a burglar certainly doesn't.
https://www.law.cornell.edu/su... [cornell.edu]
Not to much of a stretch extending that to a thief using someone else's computer/phone/etc...
Re: (Score:2)
And a thief who hurts himself breaking into your house shouldn't be able to sue you for damages but he can. In general taking a picture isn't an issue (although that might depend on what else is in the picture) but recording their voices would be.
Re: (Score:1)
So what of the good samaritan who finds the device and accidentally brushes the fingerprint reader in his efforts to return it to its rightful owner. Has said do-gooder accidentally given up his rights of privacy and biometric security in so doing? Will apple share this data with all the LEO's without said nonuser's permission?
Re: (Score:2)
You have to bring the lock screen up and then carefully hold your finger on the button while it scans. A simple accidental brushing of the scanner wouldn't suffice.
Re: (Score:1)
This could be abused to collect fingerprints from non-theives by allowing them access to the device. It could get legally fuzzy where children are involved.
Re: (Score:2)
The FBI's dream come true — collect the fingerprints of every citizen.
You know it will happen.
Re: (Score:2)
The FBI's dream come true — collect the fingerprints of every citizen.
You know it will happen.
or at least a thumb print.
Re: (Score:1)
Well...There won't be an official web API for *me* to get *your* fingerprint data.
I believe that hackers will find that API though.
Re: (Score:3)
Because the software doesn't know who is a thief and who is a legitimate user. It only track authentication errors.
It is probably legal but Apple has to be careful before implementing it especially if it is on by default.
For example, imagine you are drunk, you try to unlock your phone and fail (because you are drunk). The phone takes a picture of you and sends it to where you don't want drunk pictures of you to end up. If it is the default behavior, I think you can claim some invasion of privacy.
chain of custody (Score:2)
Apple may have to come very clean about how this works or it may not hold up in court.
Re: (Score:2)
Apple may have to come very clean about how this works or it may not hold up in court.
I doubt it is intended to hold up in court. More likely the idea is to provide the phone's owner (perhaps in conjunction with the police) with information about who took their phone, so that they then know where to look to find more solid evidence.
Re: (Score:2)
Well it's interesting since the iDevices don't store a fingerprint. They store a hash of the results of a fingerprint sensor. It's not like they can reconstruct a real fingerprint and send it to the FBI. For it to be useful in a forensic sense it the perp would have to put her finger on an 'Apple fingerprint hash device' whose internals were open enough to satisfy a well heeled defense team and Apple use the device to say this person was or was not the person who fingered the phone at a certain time. S
Re: chain of custody (Score:2)
Probably isn't intended for individual thefts. Instead it'd be an interesting way to associate a single individual with a large number of thefts.
Also if that individual has his own iPhone, they can compare the hashes and tell the FBI who has likely been pickpocketing folks at the such and such venue. Then they can just trail him and catch him in the act, or use it as probable cause to do a search of the location the phone is currently in.
It could also be interesting to assume the "thief" is acting in good f
Re: (Score:1)
This is *really* fuzzy. This means there's a private company gathering fingerprint data without the consent of the people whose fingerprints they're gathering.
Imagine this: you friend gives you his iPhone to hold for a second while he does something, and your finger is read by the Touch ID system. This means Apple now has your biometric data without your consent and your options to make sure it's deleted and/or not misused are very limited.
The adoption of this type of system would mean a lot of legal troubl
Re: (Score:1)
This is *really* fuzzy. This means there's a private company gathering fingerprint data without the consent of the people whose fingerprints they're gathering.
When you place you finger on the fingerprint scanner its consent.
Imagine this: you friend gives you his iPhone to hold for a second while he does something, and your finger is read by the Touch ID system.
You realize the Touch ID system is a special button at the bottom of the device? Not the touch screen? Someone holding the phone with a finger over the Touch ID is pretty far fetched.
The touch ID sensor is also the "home" button. Putting you finger on it is all but assured during normal operation of the device.
Re: (Score:2)
During normal operation of the device, it's not scanning fingerprints. It's only when it's locked.
Re: (Score:1)
TFA doesn't say why this would be legally fuzzy.
Your 14 year old daughter tries to answer a text while changing out of her bathing suite at the pool, because her fingers are prune-ey the phone doesn't recognise her finger print so it snaps a photo of her and uploads it to your family iCloud account so you can identify the "thief" and because she was in a state of undress at the time you're now guilty of having kiddy porn on your iCloud account.
Re: (Score:2)
I didn't find that in TFA.
Re: (Score:1)
10Kva? 10,000 VoltAmps eh? Quite shocking if the voltage is high enough. Somehow I think that starting with a 3.3V battery you are going to struggle to get 10Kva for more than a very short time.... Which is likely not to actually "kill" anything but the phone...
It's amps, not volts that kill you BTW, and you are going to need to apply a LOT of energy to some hapless thief's thumb to kill them. So if you crank up the voltage to say 10K Volts AC and can deliver 1 amp for a millisecond, you can shock them
Re: (Score:2)
You can get a decent jolt with just a 3.3v battery and a transformer (like the kind found in radios, camera flash, etc.) It won't kill you, but if you aren't expecting it and are already in a tense state (like one might be while escaping after robbing somebody) it'll probably make you panic for a bit and make you drop what you're doing.
Re: (Score:2)
Now you've cracked the glass screen.
Oh. Wait.
Re: (Score:2)
Re: (Score:2)
https://www.youtube.com/watch?... [youtube.com]
Why do I feel like (Score:5, Insightful)
this will just be used to collect biometric data of anyone who touches the phone and then be coupled later with other data to mine for ad scum and other equally vile and nefarious purposes?
I think it's interesting that Tim Cook comes out as some big privacy advocate but iDevices have unique advertiser ids and they're doing shit like this. It's more like who-can-be-most-evil-first race to the bottom of totalitarian turn key nightmare waiting to happen.
Re:Why do I feel like (Score:5, Informative)
Oh, you mean the unique Advertising Identifier that's in every iOS device? Yes, that one that you can reset at any time?
https://support.apple.com/en-a... [apple.com]
Re: (Score:1)
Run a script to spam resets. Try and overrun their history field. Best case scenario crashes the database.
Re: (Score:3)
Is there an app to reset it every 5 seconds?
Re: Why do I feel like (Score:3, Insightful)
Re:Why do I feel like (Score:5, Insightful)
Voice prints, logs, text, images, remote mic on, gps, facial recognition and now fingerprints. Ready in a nice gov spy app from any local contractor.
Parallel construction will never be more easy to get unexpected fingerprints from any user on any cell phone connected.
It will all be sold as security for the consumer, the national security part been hidden deep in the fine print again.
- Why do you keep so many of my biometrics? (Score:3)
Re: (Score:2)
It might be illegal in the EU, due to data protection laws. The police have specific exemptions for collecting evidence, but Apple doesn't.
Re: (Score:3)
It's scary. National governments aren't allowed to collect data on us and spy on us (legally at least, we all know they do illegally behind our backs), but private corporations are allowed to collect data on us and spy on us all they want.
At some point there will have to be some major consumer rights movement to protect from this. The data collected on us doesn't just exist on the websites of whoever collects it, but also in the Russian hackers cloud storage, and everyone they sell their information to.
ok. which one of you kids messed with my phone? (Score:3)
Old Software (Score:1)
So, since those little utilities of the 90s and 00s that used your web cam to snap a picture whenever someone logged in and/or every X minutes of computer usage weren't designed for cell phones, Apple is allowed to patent the same thing but on a mobile device.
That's not a brilliant idea (Score:3)
How is this deserving of a patent? It's blindingly obvious to use the sensors available on a device to do their job? And activating the sensors has been done before, like activating a camera remotely [smh.com.au] or the feature built-in to phones now to get the GPS remotely. As soon as I heard about them adding fingerprint sensors to phones I immediately about how useful it would be to get the fingerprints of thieves.
Well, the police aren't doing it. (Score:1)
My dad's house just got robed a few weeks ago, some idiot stole some electronics and vandalized the place, the police told him there wasn't time or manpower to look for fingerprints. My dad found a good set around a door frame and photographed it himself, they told him they were not interested in pursuing the case because there were murders and drug cases much more important.
The FBI said if there wasn't anything stollen more than $50k, they wouldn't do anything.
He's a retired ex-vietnam vet now with a vende
Re: (Score:2)
Actually, I can presume anything I want about anyone I want. I just can't act on it. That's when the evidence has to be presented to a court (usually via law enforcement authorities, but that's not a hard and fast rule). The court can then issue warrants, if they believe the evidence constitutes sufficient justification for further investigation or arrest.
I have security cameras on the front of my house. They snap pictures of everything that passes in front of them. Should a burglary of my house or the nei
A perfect example of something unpatentable. (Score:2)
Given the idea (which is old) 'wouldn't it be nice to be able to find people who steal phones' - the idea of 'let's use all the sensors in the phone to do so' is what occurs to anyone with the tiniest modicum of a clue in under a second.
http://wiki.openmoko.org/wiki/... [openmoko.org]
http://wiki.maemo.org/User:Mar... [maemo.org]
'What's working
Geolocation info
Network info
Take screenshot
List of running programs '
Are just
Anyone taping off their phone cameras already? (Score:2)
There have been several articles on /. about high-profile people taping off [slashdot.org] their laptop cameras [slashdot.org] as they're afraid of it being switched on without them knowing, recording whatever they're doing.
Laptop cameras have an LED to indicate they're active - some may be circumvented and switched on without triggering that indicator, sure, but not all and it's not that easy. Mobile phone cameras don't even have such an LED, there is no way to see when I look at my phone whether a camera is active or not. A camera, as
Re: (Score:2)
#whatcouldpossiblygowrong (Score:2)
WTF fingerprint reader design flaw? (Score:1)
I thought most fingerprint readers were by design not supposed to reveal a whole fingerprint image, only representative data for matching purposes (whorl/junction info). For legal purposes, don't they need to capture the true fingerprint image though, for later unimpeded matching? Otherwise the only way to match thief to data would be to have an iDevice ID machine at a police station for the perp to swipe prints with to see if the data matches. Unless Apple is offering to pregenerate their data from FBI fin
Hell, no! (Score:1)
Toxic devices (Score:1)
It's super-nice of Apple (Score:2)
Good (Score:2)
I don't think that such a feature would have a great impact on how many stolen iPhones are recovered; however, it may reduce the number of stolen ones.
wrong finger (Score:1)
Cerberus for Android (Score:2)
Cerberus (and probably others) has had the ability to take a photo on failed auth for at least a few years, and if I remember correctly, it's configurable as to how many auth attempts it takes before it snaps a photo.
Have you been messing with siri again? (Score:1)
Oh the jokes could just roll on and on with this one.