> Now companies are turning the security against users, lest they also be attackers.
This has always been the case, has it not? Modern security practices seem to operate under the assumption that the attacker can do almost anything the user can except sniff the password out of the user's head.
I think that's a reasonable model to work under. Building a platform that makes it a near-guarantee that the only way to unlock a computer is to be in the user's brain is a commendable security model, and the fact that Apple is executing it so seamlessly (i.e. with minimal user interaction) is honestly incredible. Gone are the days when you need to jump through hoops for security. It's democratized and available to everyone.
I would say that this is amazing for freedom. You could ask for little more than for every citizen to have state-of-the-art security.
---
Of course, vote with your wallet. If you don't like DRM content, don't get it. If you like the T2 chip and need a new laptop, get a Mac. No one is depriving you of choice, here.
They even go beyond the assumption of sniffing passwords from users head on the iPhone.
Thanks to the face/fingerprint reader, most people are incapable of divulging their pin/password to someone claiming to be the county password inspector.
While in an absolute/legal sense it’s less secure, for day to day use by most people it’s more secure as there is no password for someone to watch you enter, or socialy compel you to give them.
> Don't know about face id, but with finger ID you certainly need to know the pin number for all the cases that finger ID doesn't work.
This is the case with Face ID as well. I use my PIN more with Face ID than I did with Touch ID.
> More than that, it's easier for a security guard to point the phone at your face / push your thumb on the sensor than get you to reveal a passcode
It's fairly easy to discreetly disable, FWIW. Just "squeeze" your phone for two seconds (i.e. press the power button and either volume button) to disable Face ID. It also won't work if you're looking away or have your eyes closed.
This has always been the case, has it not? Modern security practices seem to operate under the assumption that the attacker can do almost anything the user can except sniff the password out of the user's head.
I think that's a reasonable model to work under. Building a platform that makes it a near-guarantee that the only way to unlock a computer is to be in the user's brain is a commendable security model, and the fact that Apple is executing it so seamlessly (i.e. with minimal user interaction) is honestly incredible. Gone are the days when you need to jump through hoops for security. It's democratized and available to everyone.
I would say that this is amazing for freedom. You could ask for little more than for every citizen to have state-of-the-art security.
---
Of course, vote with your wallet. If you don't like DRM content, don't get it. If you like the T2 chip and need a new laptop, get a Mac. No one is depriving you of choice, here.