Now that we have to consider the iPhones to be backdoored by the NSA, I wonder whether I really want to give them my fingerprint together with the rest of my data. I'm also not so sure whether a fingerprint can't still be easily faked (like it was possible on that Mythbusters episode for example).
Personally, I think I'd rather stay with my passcode.
Did you btw know that you can turn off "simple passcode" and then use a purely numeric longer passcode? In that case the iPhone will still show the big easy-to-hit numeric keyboard allowing you to type in the arbitrary length numeric code.
Yes. It's not as safe as a long alphanumeric password, but this gets annoying SO quickly, I'd rather type in my 8 digits.
For those who want to believe it, I doubt there is any amount of information that could ever be released to convince them that the NSA isn't spying on people anymore.
I'm not snarking at all. I'm observing that comments about the NSA are entirely apropos given the current climate we live in. Yes, you're right, at this point, it would take something extremely radical to convince us that the NSA isn't spying on us anymore. Therefore, we should expect comments about the NSA and spying to become a part of the common dialog regarding technology and personal information. Asking them to go away is just asking people to stick their head in the sand and ignore it.
The comments will go away when the issue goes away. The issue isn't going to go away. Therefore, don't expect the comments to, either. Welcome to the world we now live in.
But you are accomplishing absolutely nothing here. Being annoying and ineffective doesn't help your cause. Do you know that Jesus loves you and he wants to save your soul?
You might as we'll be discussing religion or politics here. This is not the place. I heard your warning the first ten times.
We're talking about it, aren't we? We haven't forgotten this issue, distracted like children by the latest shiny toy. Even in the face of the things that traditionally kill news stories, we're talking about it.
Change starts by making enough people aware of and angry about the issue that the politicians can't afford to support these programs any more. If we're just distracted the next time $TECH_TOY or $NATURAL_DISASTER comes along, then nothing at all will change.
I don't particularly care if people find my anger at the NSA's systemic intrusion of our privacy annoying. I care more about that particular issue than I do what a random person on the internet whom I've never met might think of me. I care more about keeping you talking about the issue than I do about you liking me.
No, we aren't talking about anything. The original comment speculates that the NSA has a backdoor into every iPhone, and uses that as the foundation for a comment about whether it's a good idea to store a copy of your fingerprint locally on the device.
There is no new information about the NSA there. Just more speculation.
If you are in Europe then you may have better enforced laws protecting you. If you are in Africa your government might not have the expertise and resources to spy on you. If you are in China, well...
Ok, I kinda misunderstood the GP's point, but even then, as Europeans our governments still have gone some lengths in protecting Europeans' privacy.
For instance, something in the safe-harbor blabla says citizen data handled by public angencies in Europe is not allowed to go through US nor, obviously, to be stored in the US. This rule is not new: in my previous job we had to ditch gmail and gapps in order to comply, and it was f*ing painful.
Oh brother. We care about legitimate privacy issues but now you are suggesting that becoming the equivalent of the Westboro Baptist Church on these matters will somehow be effective.
It won't.
The adolescent libertarian smell combined with semi-hysterical, semi-supported outrage on this issue is rapidly beginning to stink.
Sigh. I'm not advocating in any way for being obnoxious douchecanoes for the sake of desperately screaming for airtime. I'm saying that this is an important issue related to the topic of discussion, and that I'm not going to let the fact that talking about it annoys some people dissuade me from talking about it.
We know that the NSA has their hooks into US hardware and software vendors. At this point, it's difficult to trust the promises that US-based companies make about security and privacy because we know that they're being compelled to lie. That's an extremely important variable in the discussion of a new piece of internet-connected hardware that collects biometrics. Dismissing discussion of it as "annoying" is juvenile and myopic.
Talking about privacy implications of a new device in a discussion about said new device is now the equivalent of picketing the funerals of soldiers because you don't like gay people?
I am a fan of hyperbole, but at least keep it coherent... At the very least, cheald is on topic while they are notoriously not.
You called discussing the NSA spying on everyone, subverting the American system as well as the faith in the constitution similar to evangelising that Jesus loves you?
Wow - that has to be hands down the absolute most ignorant, ridiculous and bullshit comment I have ever read on HN.
This is The Best place to be talking about the National Security Agency Technologically spying on everyone, building in parallel infra and forcing the biggest tech companies in the world via court gags and threats to providing them with access to encrypted user data.
Your comment is mind-boggling, to me, how you could even think this is not the place!
He did no such thing. Making a passing reference to the NSA whenever remotely possible is not discussion, let alone action. Perhaps we could leave such talk to the submissions that are actually about the NSA? Believe it or not, many of us are already familliar with the topic; as we are of Jesus.
I don't think that this was a passing reference - a passing reference would have been him saying "I wonder if the NSA can read my text messages on this phone" when texting is an expected feature on any modern phone.
Fingerprint scanners are not yet prevalent in modern smartphones, and fingerprints are one of the primary ways that law enforcement can trace / track individuals. If the NSA, which has already been shown to have backdoors into Apple's systems, was able to access fingerprint data on a massive scale, this would be a massive affront to privacy for millions of users around the world.
pilif's comment was absolutely relevant to discussion of the iPhone 5S launch, as one of the phone's primary new features has the potential to be a massive security and privacy breach given information we've recently learned regarding Apple's close relationship with the NSA.
>But you are accomplishing absolutely nothing here. Being annoying and ineffective doesn't help your cause. Do you know that Jesus loves you and he wants to save your soul?
To quote him. Please explain how he "did no such thing"
He's talking about this submission, not this site. There are dozens and dozens of other submissions where NSA discussion is more on-topic, and anybody here is free to submit their own article on the topic for discussion. That way, people that want to discuss the NSA at that moment can do so, and people that want to talk about something else can do so, too.
To put it another way: the problem is not the topic. It's the tactic of derailing every other topic that people want to talk about just because you think something else is too important to be ignored. That tactic, as well-intended as it might be, has a history of driving good users away from once-good fora precisely because it's so annoying to not be able to talk about anything else.
How is it not on-topic to discuss NSA surveillance in a discussion about one of the world's most popular internet-connected devices collecting biometric data under the control of a large American corporation?
It is becoming crystal clear that people really do not understand how important this issue is, the degree to which it permeates this industry and how farked we are if we cannot begin to understand the foundational position we require in order to change it.
Thank you for your succinct statement, I have very little faith we will get through this any time soon given the reaction I see on HN, Reddit and other sites where the most seemingly qualified among us to do anything cannot even comprehend how pernicious this problem is.
With all due respect, howling "snark" is at least as annoying and creating at least as much noise. Think about that for a while. There are up and down arrows for expressing your discontent. Everything else--including this--is noise, not signal.
And yet, the OP's comment is the top-voted comment in the thread, which would indicate the the democratic consensus of the HN readership is that this is worth talking about.
Well now you are backtracking into a semi-legitimate interpretation of your comment as not snarky. If you didn't mean to snark you could have just originally said
"We should expect comments about the NSA and spying to become a part of the common dialog regarding technology and personal information. Asking them to go away is just asking people to stick their head in the sand and ignore it."
That is a useful comment that would further the discussion. So I will now respond to that, since I don't want to debate what snark means.
I don't mind useful or constructive comments about technology and the NSA, but most of the comments I see are very reactionary and misinformed and painfully naiive. They are similar to all the old comments on stories about Microsoft where people would say things like "Micro$oft is obviously evil" and such.
So if a comment is interesting and useful, and happens to be about the NSA, then great. I haven't seen many of those.
I chose brevity, and can see how it would be interpreted as snark. I wasn't aiming for that, but it was a simple question that deserved a simple answer, IMO.
> I don't mind useful or constructive comments about technology and the NSA, but most of the comments I see are very reactionary and misinformed and painfully naiive.
Perhaps our energy would be better spent pointing out why these comments are naiive and misinformed, rather than discussing whether they're worth saying at all, then?
The security and related technological implications of the device seem relevant to any potential user and completely on topic to me. Agree it's unfortunate that battery life, form factor etc are overshadowed by recent revelations, and regrettable that Apple chose such a tasteless feature in the circumstances.
Comments about the virtue of weight and thinness never go away, are they helpful? Comments about the importance of good UI design never go away, are they helpful? Comments about IT security never go away, are they helpful? Comments about performance never go away, are they helpful? Comments about the importance of battery life never go away, are they helpful? Comments about privacy never go away, are they helpful?
The answer to all of the above, if we assume that talking about a product is 'helpful' to begin with, is "Yes." Privacy is simply something that people are going to consider and discuss from now on. There is no reason we should treat it differently from the other things we consider.
Most of those topics are not sidelined by "everything they tell us is a lie and should be replaced by uninformed speculation." If we're discussing the importance of battery life, a comment such as "How do we know they aren't lying? Maybe the new iPhone doesn't even have a battery and requires you to turn a hand crank." is not helpful.
You know what I like? Talking about tech stuff on tech sites. You know what I don't like? Random NSA comments on anything that has to do with some device which operates on electricity.
Now you're making a suggestion that somehow people simply "want to believe it," as if we're wandering around with tinfoil hats muttering on street corners.
At this point, the overwhelming evidence is that we are being spied upon at a scale never seen before in history. Legal checks and balances such as search warrants are consider inconveniences to be routed around with border confiscations.
I would begin to believe things are changing when I see officials on both sides of the Canada-US border going to jail--yes, jail--for things like spying on their ex-spouses or for routing around search warrants.
But they are! And this is a very important issue to be dealt with. I'm very disappointed by all the companies and all governments involved, and I earn money writing iOS and cloud-applications. And I understand it's bad for business, but the issue is too important to be ignored.
The new iPhone will have an option to store your fingerprint. This has EVERYTHING to do with the NSA. It is highly relevant. How can you be so blind and not see it?
Sarcastic or not, it's an important point. You are giving up a significant attribute of your identity to the protection of a US technology company. Whether that bothers you (or not) depends on how much you value your privacy.
If they don't already have your fingerprints on file, which depending on where you live happens as a kid in case you go missing, get a drivers license, etc.
If the NSA wants to target you specifically, you're fucked no matter what unless you move to a cave. No point in being needlessly worried. I'm more worried about this causing someone to cut off my finger while stealing my phone than I am the NSA coming after me.
You know what? Neither are derisive comments that imply the NSA is not, in fact, violating our privacy. You'd have to be out of your goddamned mind to actually think they've stopped.
> For those who want to believe it, I doubt there is any amount of information that could ever be released to convince them that the NSA isn't spying on people anymore.
The NSA is a spy agency, of course they are spying on people. Unless the NSA ceases to exist it will spy on people. They are not actively trying to claim otherwise (only that they try really hard to only spy on people who are in someway connected to someone who is not an American or has been designated dangerous).
Please stop using snark. Use snide, sarcastic, or cynical instead. Snark is a word that's better off being forgotten in some dictionary of colloquial terms.
"Snark" means "snide remark" and is absolutely not an HNism. Hell, I think I learned it from my mother (who no doubt used it at me). Despite heavy use, the word retains clear meaning, even as used by stanleydrew above in his otherwise foolish comment.
MORE snark? I think a case could be made that the comment you responded to was snarky, but just barely. The comment several levels up that was the first labeled as snarky is one I just can't see being such.
We take for gospel that the NSA is spying on everyone in the world via every hardware device that has been created in the USA because of a few powerpoint slides. Interesting.
Wow. Sounds like somebody isn't paying enough attention.
> In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.
> At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.
Please do your duty as a human being and read more.
When the NSA themselves is calling Apple "Big Brother" and the consumers "Zombies" -- then its damn hard to not be pretty worried about their capabilities.
Yes. There is zero evidence of any type of NSA backdooring your iPhone nonsense. It would be great to read HN (where I thought we were more technically inclined than the rest of the net) for a day without unfounded nonsensical claims.
This isn't just some random tinfoilhat idea that came out of nowhere. Remember CarrierIQ on Android? The NSA is real, the tinfoil-hats have been validated whether you believe it or not. From the NSA's point of view, having everyone's fingerprint on file would be fantastic and we know they have the power to force Apple to cooperate.
In fact, I'm just assuming that's what will happen so now I'll be careful about borrowing anyone's iPhone. Everything about tech is going to be cross-examined with potential(read: definite future) data gathering usage by the NSA.
Yes, it is simply inconceivable that hard evidence of the activities of a spy agency might not be forthcoming...
We are dealing with the realm of speculation, but it is not speculation fueled by some sort of tinfoil hatted lunacy. With the role that smartphones fill in peoples' lives today, you are just going to have to come to grips with the fact that, going forward, some people are going to consider the privacy of new devices to be very relevant, and well worth discussing. Don't be surprised when people error on the side of caution.
You want to talk about battery life and color? Well I want to talk about display DPI and privacy. Learn to cope.
> In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.
I know that you already dismiss the global surveillance from the NSA and other agencies because of your earlier comment "of a few powerpoint slides."
That leads me to believe that you're either part of an organization that's subverting the internet and assisting the NSA or you're willfully ignorant.
Fact is, your other comments point that you have not well-researched the situation.
Every week there's a new revelation of just how deep the surveillance really is-- not just "metadata" but ALL data is being collected. The NSA hacks into companies, pays off others for cooperation. Backdoors. Broken encryption. It's all there out in the open thanks to the documents that have been leaked.
You do harm to the liberty of others by dismissing these facts.
> because of your earlier comment "of a few powerpoint slides."
> It's all there out in the open thanks to the documents that have been leaked.
You dismiss his point that unsubstantiated documents is largely the source of all this speculation and then you remake a bunch of unsubstantiated claims, saying they are all proved by the aforementioned documents.
I think the point is that not everything people say is supported by the available documents, not that the documents aren't real. Moreover, not everything reported by the press is backed up by a document that we can go and read. Even your quote sites "someone familiar with the request", not a document leaked by Snowden.
That is to say: there are some things that we know and are verified (e.g. that there is a program, called PRISM, etc.) but other things where there's a lot of speculation, but less or no verification (e.g. that the iPhone is backdoored.)
Some of us like to distinguish between these things. Some of us don't. It doesn't help to call people names over it, though.
Backdooring iPhones does sound fantasical but that is not the only means your fingerprint data could conceivably make its way beyond your iPhone. I like that my fingerprint data is on precisely no computer anywhere. You don't have to be a massive conspiracy theory nut to feel slightly uneasy recording your fingerprint on anything.
So is the parent comment. A few PowerPoint slides doesn't warrant any ridiculous comments about the NSA backdooring your phone. It would be great if HN could stop with the NSA is everywhere-all-the-time-in-everything meme for a while, it would make reading the comments here much more relevant.
I guess if you want to constantly complain about the NSA spying on you, you are entitled. However, some of us have had enough of the complaining. After all, you're probably going to be doing it for the rest of your life. I'd rather not spend mine listening to it. So, can we clearly tag a thread as NSA rant, so those of us who don't want to hear it ad nauseam, we can skip the rehash.
This is the exact sort of attitude that has permitted us to get to the point where we even have to have a conversation about the government being engaged in massively intrusive spying programs. "I don't want to hear your whining about it" is a means of condoning these actions through silence. You are a part of the problem.
If you can comprehend what is going on here, you should be loud and obnoxious about it. Get people talking. Make it the focus and refuse to give up that focus. The only way this is going to change is to get so many people angry about it that it becomes more politically advantageous to oppose than support it. If you get angry about hearing about it, then I'll take that - you now have an incentive to help get it changed so people will shut up about it.
Essentially, you are asking me to discuss my politics here, where I draw the line, etc in a thread about the iPhone 5s. I know where you stand. I heard you the first ten times.
I'm not trying to stop you from having the discussion. Can you just label the thread "NSA can get your fingerprints off that iPhone 5S" and have at it. There is a time and a place for everything. Everyone here has heard about the NSA situation by now. The word is out.
> Essentially, you are asking me to discuss my politics here, where I draw the line, etc in a thread about the iPhone 5s.
Nope. I'm just asking you to not ask others to not discuss their politics. You're more than welcome to not participate in the conversation if it's not useful to you.
Sorry, you aren't going to change anyone's political opinions by yelling louder. There are plenty of people who are comfortable with the NSA, as well as plenty of people are not.
We really can't discuss the finer points here because no matter how polite I am, I will simply get voted down for not agreeing with the HN politics. By the way, recently I heard a few tech heavy-weights come out in favor of the NSA (e.g. Larry Ellison, Max Levchin).
Clearly other people feel the same way, since it is being upvoted. And if you don't care for reading NSA-related comments, either moderate his posts (outside of your jurisdiction, I'm guessing) or I suppose you'll have to deal with it by collapsing his threads with any number of HN plugins that exist.
Never. The claim that the NSA has infiltrated everything has the right amount of truthiness, and pushes all the right buttons, to give the HN/nerd crowd such a sense of unified culture, justness of cause, and "us v. them"-ness that it literally can never be replaced now. It's like asking when Christianity will finally get over this Jesus fellow and his crucifixion. That is the cause that transformed a bunch of heretical Jews into Christians.
HN, similarly, is just going to be the place where a bunch of libertarian-leaning programmers became, from my perspective, conspiracy theorists. But more charitably, maybe, we can say they are now radically opposed to government invasion of privacy.
The Snowden revelation, whatever you think of it, has been one of those events which divides time into before and after for this crowd.
I don't see how this is snarky. We know that data is being scooped up in an opportunistic manner. It would be foolish to not consider the security implications when deciding which devices/technology to adopt.
Urgh. When do we get to the point where I can read HN without comments complaining about very relevant NSA discussions being voted to the top?
It's foolish not to speculate on reasons why giving your thumbprint to a vendor may not be in your best interest. I'd much rather see the OP comment on the top of this discussion rather than some inane debate about whether the new phone is an incremental upgrade or an exciting evolution.
What was snarky about it? I hadn't properly considered that my fingerprint would likely end up with spy agencies if I used the new fingerprint service.
Hunch: it's got to do with the fact that anyone can upvote, not anyone can downvote, and there's a large enough audience that thinks every topic posted is fodder for the surveillance discussion (which isn't a stretch) and thinks that's the most important thing to upvote (IMO it's probably not, but welcome to democracy).
It is more than the NSA. Now I have to worry that other apps, services, and overall weak security on the iPhone will have my fingertips all over the place. If my phone is stolen, fingerprints gone. No thanks.
Probably a little while after the "Days since the last major NSA revelation about how deeply they are tracking everything we do and say even in 'private': __" sign has had a chance to increment to a significant time period. Right now it's more than a little distressing to have not seen the sign above single digits for what seems like a very long time.
I love how your comment about how noisey and pointless it is to mention the NSA on this post caused the entire comments section to become noise. I can't even find a non-NSA relevant post in this list.
Yes. And how exactly do we check this? Why is it that we can still trust Apple? For all we know, the data gets sent directly to the NSA or, if it doesn't, there might be some secret backdoor that will make the device send the data at a later point. The last round of leaks was specifically talking about backdoors with all bigger US companies in order to circumvent encryption.
That's what I means by "we have to consider the iPhones backdoored". Once you can't trust the device any more, all bets are off and thus we can't be sure that what Apple says they do with that fingerprint is what they actually are doing.
(edit: regarding jailbreaking, I seriously doubt that a sufficiently well-hidden backdoor would be found by a jailbreaker. Or have we found the backdoors in OSX or Windows yet? Since the latest leak, we know they are there)
This is incorrect - we do not know any particular products which are backdoored.
edit: Also, there is a difference between a subtle crypto vulnerability and sending data to a server that, according to the announcement, is designed to be protected in its own enclave and never sent anywhere. The latter would be far more obvious in the code and easier to spot.
Well, as a computer/network security professional, historically there are plenty examples of companies who have lied about the security of their systems (eg. "without your password, our flash drives cannot be decrypted" when in fact the key is not related to the password and stored in plaintext in a sector on the drive).
Which seems like the more likely covert NSA spy device? The iPhone fingerprint sensor that Apple prominently mentioned in a product launch or the hidden ATM fingerprint sensor that your bank says isn't there?
Well, you can't trust _any_ device if that's your line of thinking. Not an iPhone, not an Ubuntu phone, no device whatsoever. Not unless you've baked your own chips, or made some contraption running your software in parallel on different CPU architectures.
If you're going to do anything, including working on the computer you're typing your comments on, you have to trust a lot of parties. Some of that trust involves knowing who made the code, and some of it may involve the knowledge that the NSA will not be using their best, most secret backdoors against a whole lot of people.
If you don't trust the iPhone not to steal your fingerprints then you probably shouldn't own an iPhone -- fingerprint reader or not. I mean, that's sort of obvious, no?
What phone should you own instead? It seems like the only choice if you want to real privacy is to stop using a phone at all, but that's obviously unrealistic for many people.
Honestly, to effectively market this technology in today's waters, they have to say that it's kept local.
If they send out 8 bytes of your fingerprint data hidden in every picture you take (so your fingerprint can be regenerated by looking at your first 500 pictures) I doubt anyone will ever find it.
Makes me think of all these companies that your passwords are secure until one day, someone hacks their database and decrypts them. When confronted, the company says "But they were very secure, you should have mentioned that by 'secure' you meant "with one way encryption".
Am I understanding this correctly? What if the NSA went to Apple and said you have to get us access to everyone's fingerprints or you'll go to jail and other stuff, so Apple put a fingerprint scanner on the iPhone? It seems like a stretch to me.
How many webapps have encypted and stored their users password "only on their own servers", to later have them leaked via combination of exploit in 3rd party software that allowed the download of their DB and a little brute force?
Only difference on an iPhone is that there are literally 100s of thousand of apps that can possibly be exploited
In this case, the L2 cache is part of the A7, so that would be fair. I would guess this means it's also only stored in NVRAM local to the SOC and not persisted to the general flash filesystem.
I would guess they just tacked a bog-standard TPM chip into their SoC design. Biometric (fingerprint) sensors and TPM chips go together; see any enterprise-targeted laptop from the last five years.
Quite. It'll be a little hardware black box that nobody can see into, one that just gives a 'yes' or 'no' answer.
Additionally -- if things are like they used to be when I was in the biometrics world in the mid-90s -- the fingerprint template will be small and work like a one way hash; if you have the template you cannot reconstruct the fingerprint from it. It wouldn't really be very useful to the NSA or anyone else.
Serious question -- what is the big deal if someone gets your fingerprints? I can't think of the last time my fingerprint was used as some infallible method of identification, if ever. If the spooks want it, they already have it. I'd rather someone get their hands on my fingerprint than my passport, driver's license, and credit cards, and it seems much more difficult to steal than those things.
I think the fingerprint scanner is positioned not to be some indestructible lock like RSA or a safe-deposit box, but a reasonably decent deterrent like door locks and The Club. It seems to be at the same level of security as your iPhone passcode -- a well-equipped intruder can certainly get into your stuff, but your mom or a pickpocket won't be able to.
The problem is that I can't change my fingerprint. If it gets out by some third-party abusing the secret backdoor (or just abusing whatever other place you have your fingerprint stored), then they can potentially forge your fingerprint when committing a crime or when otherwise attempting to access resources you have access to.
When a third-party loses your password, you change it and life goes on (you are not reusing passwords, are you?). When a third-party loses your fingerprint, what do you do? Cut off your fingers? Grow a new hand?
Yes. The fingerprint information is supposed to be irreversibly hashed. But so are passwords. And yet we still see them being stored unencrypted. No. I'm very careful with my fingerprints.
Also, the data on my phone must be some of the most valuable data I have. When I lose my phone and you gain access, you immediately own all my online identities. My phone has SSH keys, it has the password to my Email account stored in its keychain (very handy for all these "I have forgotten my password" features on all the sites), it has my 2 factor authentication tokens - I can't even begin to imagine how bad it would be if somebody had access to my phone.
What does that even mean? You wear gloves in public all the time? You wipe down everything you touch?
Which makes me wonder, aren't one's finger prints all over your iPhone exterior anyway. If someone steals one's phone wouldn't it be easier to dust it for prints than crack the security on the digital copy?
Which makes me wonder, aren't one's finger prints all over your iPhone exterior anyway. If someone steals one's phone wouldn't it be easier to dust it for prints than crack the security on the digital copy?
Ding ding ding! We have a winner.
Almost as silly as not using a biometric logic because "what if they use a backdoor to get a photo of my face?"
Which makes the idea of a fingerprint reader on a phone somewhat nonsensical. Your password is all over the phone, and Mythbusters has proven how easy these are to fake.
Actually, it doesn't, because properly used biometric isn't a sole auth method. You want to use it coupled with at least a pin - then suddenly just looking over your shoulder isn't enough, you have to handle the phone carefully, or steal the fingerprints off your glass. That's more work, and makes it more costly and skill intensive. It's not impenetrable, but still quite efficient.
Good point. If it's two or more factors then the weakness of the fingerprint factor is not such a big deal. Is the iPhone 2 factor?
I think there is too much of an emphasis on using uniqueness for security. The idea is that if "It could only be you!" you are secure.
The sci-fi vision is a world where a fingerprint or retina scan is taken and that's it. There's no username needed, just the fingerprint itself is enough to confirm your identity. In reality, the idea of uniqueness for security actually would create security problems, because it removes the other factors involves, and biometric codes like fingerprint cannot be changed as needed (technically a fingerprint can be changed 9 times. A voice on the other hand cannot.)
An NFC tag/card/ring, seems much better to me, since these can be changed as needed and would be more difficult to hack than taking a fingerprint off the phone.
An armed thief could steal your ring or fob along with the phone, but they could also make you use your finger to unlock your phone for them. So I don't think that's really any added protection in that situation.
The thief that just grabs your phone off the counter or out of your pocket will have a much tougher time with the NFC tag than with the fingerprint.
This makes sense. However, the cops already have many peoples' fingerprints once they've been booked, and in general if someone wants your fingerprints they can usually get them. I think the question of fingerprint forgery is an important one but I would assume that in a real trial the evidence presented also considers the likelihood the fingerprints were forged.
That said, I can see how this could potentially dramatically increase the availability of public fingerprints if it were hacked. More importantly the fact you can't reset your fingerprint is something I overlooked. I do think that in general though anyone building a system that relies exclusively on a fingerprint as a highly hack-resistent security measure is foolhardy regardless of how prevalent fingerprint data is. In other words, your iPhone passcode isn't protecting your data anymore than your fingerprint if someone gets their hands on your phone, so I don't really see how this point is material to if it's a good idea to use fingerprints to unlock phones.
Simply publish your fingerprint somewhere - then if anyone uses it to impersonate you, it won't matter.
It's not quite the same with private keys because you can always generate some new keys and publicly revoke your key if it could have been compromised. Since you cannot regenerate your fingerprints and could have already lost them, simply revoke them up front.
In the country where I live (Switzerland), getting a drivers license thankfully does not involve somebody taking your fingerprint. Also, public transportation here rules to such an extent that not even having a drivers license is a perfectly valid option. I don't have one for example.
My passport also is one of the last ones you could get without it containing any biometric data.
As such, I'm reasonably sure that no third-party ever had access to my fingerprint. And I'd love for it to stay like this (see my parent comment for the reasons why)
Why do you care if anybody gets your fingerprint, if you have already decided nobody can be trusted with your fingerprint and thus will never trust fingerprint based authentication? Once you are at that point, it's like your eye color or something. I don't care if other people get my eye color, because I will never use it to authenticate.
I'd hypothesise it's more likely somebody will use your fingerprint to identify you than your eye colour. For example, at a crime scene if your fingerprints are found you can hardly say "oh, I don't trust my fingerprint so I won't authenticate with it, ignore that" - like it or not, it's seen as being at least something to investigate. On the flip side I imagine a witness who reports only "green eyes" won't have their case followed for very long.
Not the OP, but think a about it this way: your fingerprint is now in a central database backed-up by lots of processing power so someone can match it pretty quickly and, all of a sudden, you realize you can no longer commit anything "bad", ever, because "they" may catch you based on the data they have about you.
And to someone who may ask me "why would you want the freedom to do something bad?" I'll answer that three of the biggest monotheistic religions are based on a guy a girl who were allowed to do bad things (Adam and Eve). I'm agnostic myself but I find it pretty self-explanatory nevertheless , you just can't impose the lack of free-will on people.
But pragmatically, the more data they have, the more likely you are to show up as a false positive. Worst case; you handle something in a hardware store and it's later made into a bomb by a third party. You're going to need a solid alibi for that one.
Or you get placed at the scene of a protest even though you weren't present for it. Now you're on the terrorist list.
Additionally they can catch you more easily for victimless crimes, like if your fingerprints are on a bong they collect. I figure it's easy enough for them to stick you with a felony even without actively helping them get more data. So I'm trying to minimize the felonies I can be stuck with.
I don't agree with the fear, I'm just saying it's more likely somebody can be nefarious with your fingerprints than other things, regardless of whether you personally authenticate with them. For what it's worth, I don't agree there's an issue - I just don't think it's reasonable to compare fingeprints and eye colour.
It could depend on the state, but in America a driver's license is basically the de-facto form of ID. So, sometime back in the 50's or something, I believe fingerprints started to be taken as part of getting your license so that your fingerprints could be traced back to you for crime purposes. Similar to how in some states when you purchase a firearm, you are required to give the state a spent shell so that the state has a record of the "ballistic fingerprint" of your firearm.
The problem I see is that if they have a copy of your fingerprint, and then their computer says that matches a crime of sorts, what do you do then? You have to consider the false positives.
I don't have fingerprints. A large part of the world population doesn't have readable prints. What now? People on blood thinners, elderly people, Asians, women all have less distinctive prints. I don't have prints due to psoriasis.
Saying that fingerprints are a bad biometric because some people can't use them is like saying escalators are a bad idea because some people can't use them.
They might be a bad biometric but it's not because they aren't universally available to everyone.
When it's used as a gate, it is an issue. It took the Seattle PD and whatever agency actually issues civilian CAC (HSPD-12) a long, long time to get enough prints to allow me access to do my job. Both eventually had to accept three very partial prints as evidence.
The Feds have had my fingerprints for 8 years, because of a foreign adoption. In fact, they have two versions because my first fingerprints "expired" because it took so long for the adoption to happen. So they have an extra $800 from us-- Thanks USA! (tm).
Plus, as others have mentioned below, most conceal carry firearm permits will require it, at least here in Illinois.
So, the govt. already knows that I'm a registered Republican, they have my fingerprints (twice), they know I have a FOID (Firearm ID in Illinois), they know my travel patterns (via airlines, gas stations, etc).
I think the last of my worries is some fingerprint scanner on a smartphone. At least I won't have to type in my PIN to unlock it while driving...
Exactly. I've already had to give my fingerprint numerous times at the airport just to enter the United States. I figure the US government must already have it in numerous databases, so it's not a concern if they've backdoored Apple's devices to copy them again.
My question: Is digitized fingerprint information gathered from a given device useful? As in, could you run the prints gathered from an iPhone against, say, a DMV database? My intuition tells me that you couldn't. And that would gravely limit their utility value to the government.
My guess is that if the sensor works as well as they claim, including 360 degree orientation, it has to store a pretty complete profile of the fingerprint.
In my state, you're required to have the State Police add a digital scan of your fingerprints to the FBI database when you apply for a handgun license.
This is just another iteration of the "I have nothing to hide" argument, but now you're making it with f-ing fingerprints? Get a clue, nobody needs to have this argument again.
It is most certainly not a "I have nothing to hide" argument. It is a "what exactly is the value of a fingerprint in terms of identity theft?" It's a question of how dangerous, really, would access to the world's fingerprints be for a nefarious hacker. I'm not asking to be facetious, I honestly don't know the real answer relative to more standard security measures like passwords.
The same argument can be had for any individual piece of information. It's the amalgamation of all your personal data into the digital system of the internet that's dangerous, so it doesn't really tell us anything significant if your fingerprint by itself is valuable.
So use a passcode - the fingerprint feature is optional. That said, I doubt they are doing anything nefarious with it - if it eventually leaked that fingerprints were being sent to the NSA, the cost to Apple would be incalculable. I would bet, or at least hope, that Apple has designed the hardware involved to be subpoena proof - meaning that the design would make it impossible to remotely collect fingerprints even if a court ordered them to initiate efforts to do so.
So here is where "meta data" and direct access to app info gets really interesting.
Firstly - the NSA has no need to be able to access the fingerprint. The fact that the fingerprint is your passcode barometrically ties you to the device, without a doubt, and makes the meta data all that much more accurate.
What we know is that the NSA has complete upstream dominance, direct and indirect access to company data and extremely powerful correlation tools.
With the features of the 5S' "always on motion sensors, tied to health apps - they basically can construct not only WHO, WHERE, HOW, WHEN, you do something, they'd be able to go as far to be able to develop a "health number" into that dossier.
The fact of the matter is that while the Apple product is a nice shiny thing - and sure - as a phone and a tech, I'd love to use it -- but the data it produces about its users is 100% transparent to the NSA, based on everything we have seen so far. And more egregious; the fact that the NSA unabashedly abuses this access and does construct elaborate pictures of your behaviour then SHARES this with other agencies.
The passcode and fingerprint only serve to prevent the data the NSA IS collecting from being wrongly attributed to another human body.
The only new scenario I can think of here is if your fingerprint happens to be the same as some bad person - either by coincidence or an error in the scan. This could get you some unwanted attention.
Do you believe disabling the reader in a software-setting is enough to be sure it's not working? I don't. With all these NSA concerns going about, having a hardware fingerprint-reader on your smartphone that you can't avoid touching is something to think about.
Actually, random banknotes can usually be traced to a specific person, so any DNA traces could probably be linked - there have been experiments that show that majority of non-tiny banknotes are [A] put in ATM [B] given out to a known person; [C] given to a shop/vendor; [D] retrieved by the bank. So, given multiple banknotes, they could reasonably list the identities of people who shopped in that shop, simply by looking at the banknote serial numbers.
That I can understand, but it's "approximate" info on a banknote that probably has a couple of fingerprints. Even if the store had a video-camera, it's gonna be a bit tough to figure out exactly who gave a given $20 bill to the cashier. And since this person is using cash and not a creditcard, all they got is a (usually bad-quality) store-cam of someone that they think is the one who handed a given $20 bill to the cashier... meh, that's pretty fuzzy. Even if I told the FBI that I'm going to the mall and I will spend a $20 bill this Saturday, I think it would still be exceedingly difficult to find the exact bill unless they were tailing me the whole time. In which case I've already been located & identified by the FBI as a person-of-interest within their physical reach, so I'm already as good as dead.
They undoubtedly have the fingerprints of any American they care to (hell, they got mine during 4th grade when a police officer came to our school to "teach us about fingerprinting"). However iPhones are of course used throughout the world...
Even ignoring the specific issue of fingerprints, which I am not convinced is a major concern, the widespread use gives numerous other reasons for pause.
you accidentally touch it one time without cover - done. And all the stores where people come and try the devices... (personally as an immigrant i already have my fingerprints on file, so i have nothing to worry about, it is just very amusing to see how another couple of billions would be gathered as well once Android phones replicate the feature :)
the same statement about "not providing direct access" will get them off easily like it already did for them and Google/FB/etc in case of the rest of personal information.
I'd say it would be negligent on the part of NSA to not use such a convenient source of fingerprints of "foreign" persons :)
>at least hope, that Apple has designed the hardware involved to be subpoena proof
why would a corporation intentionally do it? Conspiracy of obstruction of [future] justice comes to mind.
Obstruction of justice can only occur if someone does something in response to a legal action that inhibits it. Fortunately it is not [yet] a crime to think ahead.
Even if I knew for a fact the NSA would get my fingerprint from my iPhone it would still be worth the convenience of having that fingerprint auth. I can legitimately stop putting in a pass code all the time and still have my phone be secure against random people using it, strangers finding it and getting access to my email, etc.
I would prefer the NSA not have my prints but virtually every other piece of data they collect is more likely to be used against me.
it HAS already leaked that emails, browsing, who knows what else, is being sucked up by NSA ... so apparently it doesn't matter. Apple is still selling plenty of iPhones, people are still using Gmail, etc etc. Apparently Americans don't much care.
Apple being added to PRISM would, from what I read, mean that content on Apple servers could be searched, not information stored on phones.
If iPhones phoned home information on stored on phones, I'd expect there to be a huge shitstorm and ample evidence of suspicious traffic. Do we have any evidence _at all_ that this has happened?
Yes, NSA can specifically target iPhones, which I think happens by backdooring the computer which is used to sync the device. One of the NSA slides had a private photo from an iPhone of 'a former senior government official of a foreign country'. http://www.spiegel.de/international/world/how-the-nsa-spies-...
Which is completely different scenario than "the iPhone being backdoored". You don't have to sync your device to a computer that is online, except for the first activation.
All I mean is that if you're using all of Apple's iCloud services (email, calendar, safari, not to mention iPhone backups to iCloud), your phone already "phones home" with a ton of info.
We know that the info can be sucked out of Apple (or Google, or Faceboob, etc) if the NSA wants to (for now).
So if they have your fingerprint data ... or even the ability to suck stuff off your phone ... then ... well qed
look obviously I'm in the minority, in caring about my biometrics being "built in" at such a "ground level" to a device that has so much connectivity to "the cloud" ... if you're not disturbed by this, then fine. I'm ok, you're ok. It is ok to hold different views.
Well, I'm in the camp that doesn't use any iCloud/Google services or Siri for security reasons, so I understand your point of view.
For me, it's very relevant whether we have any evidence that the government is collecting data residing _on_ iPhones on any scale, or whether the iPhone has any such capabilities built in. As far as I know, this hasn't been reported.
I know that Apple technically can push out a software update that would enable data collection or even covert audio recording, but in the end I have to make a decision on the likeliness of this vs. the convenience of having a smartphone handy.
Regarding fingerprint data, the US already has that and will continue to do so for 50 years, due to the fact that I had to travel to the US for work related reasons. Not happy about that, but, well, that's life.
Did you btw know that you can turn off "simple passcode" and then use a purely numeric longer passcode? In that case the iphone will still show the big easy-to-hit numeric keyboard allowing you to type in the arbitrary length numeric code.
Brilliant! I did not know that. I haven't been using Long Passcode Mode because I didn't want to type on the tiny keyboard to unlock 100 times a day.
Yes, absolutely. While the idea of fingerprint-purchasing might have interesting applications, what you mention should also be a serious concern.
The saddest part to me is that people are attempting to put an end to this worry by saying "well, Apple said they don't give apps access to it." And no other tech company has ever told us about any of their involvement and cooperation with the NSA in the collection of private user data.
People shouldn't wooed by this new feature and be blinded to its security implications. Start taking this stuff seriously, instead of what these companies are telling you.
Installing such machines in public or private property would require all sorts of legislation that doesn't yet exist otherwise the machine would be illegal in both of those environments because of existing legislation.
I acquired a passport in 2010, and left the country that year, and the year after, and was never asked for my fingerprints. You may be thinking of a program that applies only to non-citizens.
Not in the US, no. I ended up sending them my life story to convince them I was who I said I was, but they did not ask for fingerprints. I've never had to be fingerprinted for any reason. There is a palm geometry scan on file for me with a datacenter, but that works on a different principle.
How hard would it be to run a mobile scanner over public surfaces and correlate the data with security camera footage?
In any case, we're talking about devices that can already spy on you to an enormous extent (conversations, photos, e-mail, passwords, plenty more). Fingerprints seem way down the list of important things they could be stealing.
Actually, my gym (24 Hr Fitness) uses fingerprint scanners to sign people in. I hadn't really given it much thought before, but indeed, it would be possible for their system to be compromised and for my fingerprint data to be released into the wild...
Or to generate an artificial fingerprint that can fool scanners, and then use that to access an other service or data you have/use that is "secured" with fingerprint as the single authentication factor.
Since fingerprints can't be changed, he more widely they are used for authentication, the more likely that they will be compromised and the less useful they are for authentication.
That's a good argument against using fingerprint scanners as the only choice for authentication. They're not very secure, because they can potentially be stolen and faked.
However, it's not at all an argument against using fingerprint scanners as an optional choice for authentication, just because the scanner could be used to steal your fingerprint.
Fingerprint theft is a problem regardless. You can't really target systems that enable that theft, because it's an ever-present risk. Instead, worry about systems which fail due to such theft.
Fingerprints are fine for a gym, because who cares if somebody fakes yours. They're fine for a smartphone for many people, because it's intended to stop casual theft, not be an impenetrable barrier. Fingerprints should definitely not be used (at least on their own) for, say, nuclear launch authorizations or other things of similar import, because they can be stolen and faked.
Unless you have to also swipe a card in which case the fingerprint might be stored on the card. That how it's done where I live since you can't store peoples fingerprints without a good reason.
Yeah, I don't get it either. Wouldn't the fact that it could record all your conversations and movements and mobile data traffic be a much bigger problem?
I think it's prudent to note that Apple made specific guarantees of fingerprint privacy; however such explicit guarantees haven't been made for passcode privacy.
I am not concerned about my fingerprint data being part of some larger database.
However, if you're using a fingerprint to unlock, it's much harder to say "I've forgotten my password" - or stop them from using your finger while you're unconscious.
I don't think people are all that concerned about the dirty deeds of some nefarious black hat in this case. I think people are concerned about secret courts, a government that interprets its own laws, and a substantial portion of the public that hasn't graduated from issues commonly found in high school.
I don't know, the bureaucratic apathy coupled with decades old technology of your local DMV might make a decently effective example of security through obfuscation.
You don't _have_ to. You can root your iPhone and log all packets sent from the phone, and block out any stuff going to Apple (turn off iMessage, iCloud and Siri). For downloading apps etc, you can do that through iTunes and sync your iPhone using a cable.
You might be able to do this through a self hosted VPN too. Just setup your own Great Firewall that won't talk to apple. That way you don't have to root your phone. Not sure how much control you have over which traffic goes over a VPN connection though. And this might block your iMessages haha.
If we're assuming the worst, then nothing you use is safe. Google? No... Downgrade to a regular non-smart phone? I guess that's safer. They'll still have your phone records, though.
Are you similarly worried about the GPS in your iPhone that you presumably keep in your pocket wherever you go, which is tied to your credit card and billing account with the telephone company?
Generally speaking, because some regulatory agency or other would refuse or revoke certification of a device that has a "disable radio" feature that doesn't work.
I wouldn't assume that a device is incapable of accumulating GPS tracking information in "airplane mode" and forwarding it when the radio is turned back on, however, or that intelligence and law enforcement agencies would never quietly disable "airplane mode" in the course of specific investigations.
Airplane mode more or less disables the phone's transmitters, but not necessarily the receivers. Even if the baseband processor is told to shut down the radio, it can still be listening for a remote backdoor message, and subsequently enable the transmitter for some nefarious purpose - similar to a remote shell.
There's a branch of philosophy that takes this to your conclusion... we can't really trust anything in this world.
However, while the NSA has surely overstepped its bounds I don't believe it is omnipotent. At some point its influence ends. I'm still willing to believe in airplane mode. Perhaps next week's scoop will change that, but for now I'm somewhat confident it works.
Its not like it stores all the prints on all your hands...
Does the signature output of the sensor even resemble something that would be useful to a third-party? It seems doubtful that it dumps out a little JPEG... and it might not even be possible to reconstruct.
If the NSA has compromised everything, what's the point of all this paranoia? If you can't trust your software, your compiler, your operating system, your microprocessor, your network adapter, your router, or your ISP- you're hosed. It's over. You lost. So can we at least stop banging the war-drums?
There's either absolutely nothing you can do about it, or it's not as bad as you think and you are being wildly over fearful.
I don't think they compromised everything. From reading the last exposures it seems that they can wiretap Blackberry emails on a targeted basis, not on a dragnet basic(please tell if i'm wrong here).
But since we don't know if they compromised apple(an american company), and the benefits of fingerprint ID is not that big, maybe we need to think about not using it?
Just a thought... the third-party doctrine is what enables perfectly legal surveillance of most communications. However, something residing on your device and never entering a third party's possession would seem to be directly covered by "your papers" in the 4th amendment. The bar for lifting fingerprints out of your CPU is much higher than the bar for lifting emails out of Yahoo.
Not only that, but it can't be accessed by software either. Only the Touch ID sensor has hardware access to the actual fingerprint data, which is stored on separate memory on the A7 chip. That was in the keynote presentation.
Going at your premise and skipping over the fingerprint conversation: we have no evidence that the iPhone is backdoored. The NSA documents referred to scripts that were used on compromised computers that the phones were synced to, which indicates to me that they target unencrypted backup files.
I stopped having to worry about them keeping my fingerprints private when I turned 14. Turns out you need a license to drive a car down the road! How was I supposed to know?
and when you press the unlock button (containing the fingerprint reader that you think is inactive, but is actually still reading your prints) .... presto blammo hello mr nsa
Of course most HN users suspected it, but nobody else would listen. Now that there's proof, those who keep beating the drum are doing so because the public might still be paying attention and it might actually do some good.
Hey, not to break up the bash-the-NSA discussion, which is legit and badly needed, but did anyone notice just how bad the fact-checking is in this article? It's terrible.
Error 1: article says the A7 is a "40x CPU performance bump". Wrong; it's 40x over the original iPhone, not over the A6.
Error 2: article says graphics are "56x faster". Same error.
Error 3: article claims the M7 is a motion sensor; it's not. It's a chip which handles data from the various sensors.
Error 4: next paragraph after the first M7 paragraph finally gets it right. Bad editing.
Error 5: Apple didn't skirt the megapixel count for the new sensor as claimed. The new sensor has the same MP count, as was stated.
Error 6: article mentions a "10-shot burst mode". Wrong again. The burst mode is 10 frames per second, but is not limited to any specific number of frames.
I haven't been able to find a single forum/thread for the Apple announcements today (anywhere) that wasn't completely filled with either:
1) NSA flaming
2) 'lol no 5 inch / 1080p screen' style comments.
3) filled with disappointment that the iphone isnt a whole world more than what has been leaked.
How useful it would be to find a forum where actual on-topic discussion was visible and it was the crap that got filtered out, instead of the other way around.
Isn't it fair to be disappointed? They dropped the visual upgrade and introduced dozens of new bugs, forcing developers to put in some serious hours. And the result is what?
The best feature released is downloading new content in the background. That's wonderful, but not enough. iOS background processes are still crippled, so I can only have an open socket in the background if it's part of a VoIP app. And for some reason the VoIP flag also signals that I want the app to run on startup?
I don't see why we should care about iPhones or iOS anymore. The latest upgrade is a fingerprint scanner and it's faster. Ok. The operating system finally drops the idiotic skeuomorphism and lets people share photos with Apple's version of NFC. Includes a 2D game engine. Great. Oh beacons? Wonderful, now we can opt-in to targeted localized advertisements.
I'm more interested in getting a device that doesn't force its requirements inbetween me and my workflow. That means widgets, sideloading, intents, and applications that can edit the same files. Removing the animations or reducing their duration (jailbreak an iPhone, install the Accelerate package, and tell me that isn't a much better experience).
On iOS you still can't even delete their default apps if you don't want them. I thought Apple was supposed to be about style? My old iPod Touch still has a folder full of apps I don't want. And an empty Newsstand.
Apple is for children and the computer illiterate. The only benefit of iOS over Android is that you don't need to be totally vigilant over what you install. But the cost is living in a walled garden under the watchful eye of your nanny. I'm disappointed in iOS and the iPhone. They are becoming increasingly irrelevant. They're going to find that the preferred style changes over time, whereas Android is going to have a technical fan base for quite a while even after the "massive screens" fad dies down.
This is another classic case of being first (or at least one of the first) out the gate is more important than the rest of the race. They just want to get the traffic up to speed for ad-views before making sure the story is correct.
was that a press conference after the event because in the event they were clearly shown (and mentioned) to be over the original iPhone with the added claim that half of the total improvement so far is over the iPhone 5 ( a very roundabout way of saying the performance has doubled as compared to the previous iPhone)
When I see Apple putting forward as a key feature the number of bits in their processor in a general public announcement... I'm really feeling the "new" product is not really new. In the past Apple was always laughing at the PC ads boasting processor speed and memory capacity.
Apple laughs at numbers-based ads when they are behind, and play up the numbers when they are ahead. Remember the Pentium snail ads? There's nothing surprising here. They have a spec advantage right now and they're playing it up. If and when they drop behind again, they'll be back to talking about more qualitative aspects.
Isn't that what EVERY company does when it comes to marketing? I have never taken a single marketing class but I'd think putting emphasis on your strong points and gloss over your weak ones is common sense?
Not on Hacker News. On Hacker News your press conference should alternate new feature paragraphs with apologies.
"We have a new fingerprint sensor! But, you probably don't want to use it because privacy crazies online think Apple is a front for the NSA."
"We're moving to a 64-bit architecture! But, geeks with low reading comprehension think it's not that useful because we have tiny RAM, so you should just ignore this point too."
"We have the best mobile phone camera ever created! But, everything was already good enough, so we've probably just wasted two years developing this and wasting shareholder dollars instead of entering the virtual cow social abuse market."
In terms of raw sensor performance, certainly. The new camera moves the software stack forward in a way that Nokia didn't though - extremely high frame rate to "catch" the best moment, programmatic selection of said moments, merging of exposure information across multiple consecutive frames, etc.
As a photo enthusiast that part of the presentation was a lot more exciting than the (rather marginal) improvements to lens and sensor.
You don't need to mess around with these software hacks when the hardware is as good as in the Lumia 1020. Besides these software features are already done in the HTC One (lookup 'Zoe'). Apple's playing catchup here.
Lumia 1020 has very slow shot-to-shot and start times. On iPhone 5 I can start the camera app and shoot 9 images in 10 seconds. Just did it. On 1020 you might get 3 shots of in the same time. But the key is the time to first shot. On iPhone 5, from off to first shot is roughly 2.5 seconds, and just .5 of a second or so for the second. 1020 takes 4-5 seconds for first shot, another 2-3 seconds for the second (based on my experiments in the store).
Since most people use their cameras to shoot pictures of cute cats or children, and then upload them to FB, I think the vast majority of people would prefer the fast and very good quality of the iPhone over the slow but excellent quality of 1020.
Best is too vague. My issue with it is that it's a huge bulge on the back of the phone, so in my mind it can't be the "best mobile phone camera ever created".
There are a lot of interesting things you can do with a massive address space even if you don't have the RAM to back it. You can mmap massive files. False pointers are virtually nonexistent for conservative GCs in a 64-bit environment (I believe modern Objective-C is compiler supported refcounting though so this doesn't really apply here). You can virtual alloc a 4GB array and just let it grow in physical memory on demand.
There is also a new instruction set to go along with the bump to 64-bits which improves things. However, I remember Herb Sutter saying that, in the case of x64, Microsoft generally found that the improved instruction set performance gains were a wash due to the increased cache misses caused by the doubling of the pointer width. I'm not sure how much ARM 64-bit instruction set improves things.
I'm definitely out of my depth here, I guess I just wasn't really convinced 32-bit was ever a ceiling on the iPhone. I'm sure Apple have their reasons though, and maybe massive files and 4GB arrays and really do matter to iPhone users more than I thought. I'm sure Apple have some reason beyond marketing, since I doubt the general consumer really cares.
> (I believe modern Objective-C is compiler supported refcounting though so this doesn't really apply here)
Yeah, I don't think they ever supported GC in iOS. Now that you mention it, it's probably not a coincidence that it was added to the Mac shortly after the entire product line had switched to 64-bit. You could still do it in 32-bit, but I doubt they were expecting many developers to start writing new 32-bit apps at that point.
What does use a conservative garbage collector on iOS, however, is Safari's JS engine. But I assume that the conservative scan is only used on the stack (that's what FF does), since it would be kind of silly to do a conservative scan of the heap for a language that doesn't support pointers. So it doesn't seem likely under normal circumstances that you'd have many false hits even with 32-bits.
Memory bus bandwidth - moving large chunks of data around just got twice as fast. That means loading textures for games, or hauling photos up from flash memory will be substantially faster now.
Yep, of course. Which is why I don't understand when people act like this is something weird. Talk up your strengths, talk down your weaknesses. If a point that was a weakness last year has become a strength this year, you emphasize it even though you de-emphasized it last year. That's just how it works.
Because no other company ever criticizes their competitors' marketing?
This discussion is frankly insane. This stuff is called "marketing". Virtually every company does it. Companies that don't do it are called "failures".
More than most brands, Apple uses 'meta' advertising, calls out competitors for being corporate and mainstream and focused on machines over humans ("1984", etc.) It helps them mint money selling nice-looking consumer electronics, and at the same time it makes them justly more susceptible to this kind of criticism. It's all part of the same package. I think they can weather a little criticism for the hypocrisy in their marketing, let them take their lumps as they take their money.
> they'll be back to talking about more qualitative aspects.
The problem is that they hardly have qualitative aspects left that they can claim over the competition. They are engaged in a race to the bottom.
When the highlight of the keynote is a feature that has been available on cheap Thinkpads for five years, you wonder if Apple will ever innovate again.
An increase in processor word size has been part of Apple's marketing materials in the past, as was the transition from PowerPC to Intel. Apple tends to not get hung up on speed and capacity, which is just always regularly increasing, but step-wise jumps like word size are a different type of change since they require substantial technical hurdles and, as is the case here, can double the speed of certain applications in a single generation.
Apple are hoping that journalists are lazy or rushing to meet a deadline, so they get headlines line "New iPhone is 40x faster than old iPhone!".
They could have put "2x faster than iPhone 5" in their slides, but they deliberately chose to put 40x (referring to the original iPhone) and leave it slightly ambiguous.
It's the first smartphone with 64bit CPU, it's a significant achievement, and they are rightly proud of it. I thought comparisons to the original iPhone were very silly though.
Non techies that I know hear 64 bit and immediately think that it's better. When friends show me a new lap top or whatever else, they say it's 64 bit. When they're shopping they ask if something is 64 bit. They don't understand why it's important, but they think it is.
My "is it new?" test works this way: how would I explain what's new to my father (who is 74 years old and knows not much about tech). A7, M7, iOS 7, better camera and flash: not much to say. Touch ID OK that's new, but that's not much.
It's not about your fingerprint though. It's just that cheap scanners are easy to trick and you leave fingerprints everywhere, including on the very surface you scan it on.
Scanners like the one used only work with live fingers, and read geometry deeper than the surface. You're not going to trigger it with an ordinary collected fingerprint.
It needs to be contextualized and explained for practical usage. They had the same problem with Siri, which was pretty awesome, but presented very gimmicky.
I suspect that slide was partially a message to ARM and their partners as well as Intel:
"Architecture transitions used to be a big deal. We have built a software and developer ecosystem that makes them worth a single slide. ARM: Don't get too comfortable. Intel: Show us what you can do."
Looking at Intel's roadmap and the success they've had with Haswell ULV, I think they have at least a fighting chance at ending up in an iOS flagship product within 2-3 years.
Smartphone hardware is in the 9th inning. These devices have mostly hit the natural limits of what's achievable for now. Bad for Apple since this effectively levels the playing field.
Flexible displays would certainly be neat, but their utility for a cellphone largely escapes me.
Wearable peripherals are a different category, they're not smartphones. Regardless, I dont have terribly high hopes for these future devices.
Mobile payment is mostly not a hardware issue. It's a software issue and a matter of coordination or market forces selecting a standard or two. It's things like THIS that are the next battleground in mobile: services and integration.
They are in rectangular boxes because that shape, for various reasons, happens to be extraordinarily efficient. TV's haven't changed shapes.
I think smartphone hardware is pretty much dead. The major leaps - touch screens (which is so ridiculously underappreciated as an innovation), HD screens, HD cameras, CPU horsepower, nice OS's, voice recognition, blah blah - are behind us. There is a reason that almost all of the best selling smartphones look alike, feel alike, and generally have the exact same feature sets. The differences between each other, in the grand scheme of things, are lamentably minute.
These are great points. To add to your list - I'd love it if as part of mobile payments they do what's needed to completely replace a wallet.
If I'm at a restaurant paying for a drink with my phone, I should also be able to send them a verified copy of my id with photo and age. Then I could stop carrying a wallet entirely.
Integration with low power peripherals will be nice, but don't forget about high powered peripherals like tablets and tvs. If I put down my phone right now and pick up a tablet, I should be able to finish typing this comment with no interruption.
Usually, but not always. In 2007, it turned out that the available technology allowed something way better than what was actually being sold. Apple realized this and used this fact to go from zero to smartphone dominance nearly overnight. Gaps do happen, they just don't last long before someone comes along and gets rich by exploiting them.
Except that Apple just doubled the processing power. That, with everyone else now needing (and, given a year, able) to catch up & exceed, is hardly "the natural limits of what's achievable for now". The processing power curve shows no sign of slowing down, and with wireless tech racing past LTE toward 100Mb territory meaning local storage capacity becomes a mere buffer instead of a limit, we're nowhere near "natural limits".
The only limit we face now is users finding sufficient aggregate need for all that power & bandwidth. Build AppleTV into a touchable monitor, drop a wireless keyboard on the desk, and eliminate that 4" bottleneck for most users - BAM, death blow to Windows etc.
The iPad 3 pushes 2,048 by 1,536 pixels. A single monitor 30" requires 2560 x 1600 (or maybe less, if it's crap). So ... I can see an iPhone being able to drive a single 30" monitor some time soon.
People will be using their phones as desktops (if not serious workstations) sometime soon. And once they use them as desktops, phones won't be fast enough until they have performance comparable to workstations (which, as you point out, won't happen).
Why not? If it doesn't melt while being maximally used in my hands, why should it be thermally impossible to put it on the table while connected to an external screen?
The processor is more powerful than many old computers, and the 30" screens need no more pixels than the iPhone screen already has.
I wonder if it would be practical couple the CPU directly to an externally accessible thermal pad, and have some sort of docking station which includes additional cooling. There are probably better cooling options available (liquid, heatpipe?) if you could find a way to connect/disconnect them reliably and not compromise much on the mobile aspects of the design.
Yes, it would be very useful to have a single OS image that could scale its user interface and capabilities to the hardware it finds attached at any given moment.
OSX already does this. Got a base model Macbook Air and a big powerful iMac or Mac Pro? Connect a thunderbolt or a firewire cable and boot in target disk mode, you'll boot from the Air's hard drive but get the full hardware capabilities of your iMac or Pro (better GPU, more CPU power, whatever).
Apple's advantage on craftsmanship is already well-established and doesn't really need to be sold (to people who haven't already decided they hate Apple, that is). 64-bit is not the primary differentiator of the iPhone the way a few hundred MHz is the only real difference between laptops in a Best Buy.
I don't see them talking about this any more than they've talked about every iterative processor improvement in the past. Being the first 64-bit smartphone is a slightly bigger deal than selling 2.6GHz instead of 2.4.
I think the "Touch ID" fingerprint matching that was just revealed is way more interesting than their performance improvements. I wonder why they chose to order the announcements like that.
In most previous Apple iterations, when they release a cheaper/multi-colored version of a flagship product, they also release a new (more premium) product line. This time they didn't. This is disappointing to Americans (hence the drop in share price) but also shows Tim's direction: China. His expertise in the company under Jobs was in supply chains and Asia, and now he is orienting (pun not intended) the company towards Eastern markets.
Disappointing shortsighted shareholders, but in my opinion an absolutely perfect time to buy AAPL: they have huge cash reserves and pushing in to the massive Eastern market with the Gold iPhone will only pad further those cash reserves that that low P/E.
"Gold" has much more of an appeal to many Asian populations than the US given that Asia has been the cause of exploding actual gold demand. In the US I know few people with garish gold widgets. However, in Asia where the Apple product is a status symbol, the gold iPhone 5S (not the lump of coal 5C) will certainly bolster the image of the premium version.
It may show Tim's direction toward China, but it also shows Apple's lack of full understanding of the Chinese market in that the iPhone 5C is priced at US$733 at launch in China. I'm sure they'll get some sales with the fake gold on the 5S Tacky Edition, though.
* OpenGL ES 3.0 support (things like true HDR rendering, etc. will finally be possible)
* 64-bit support. For most app developers, this will just be a recompile. The tricky part is that any closed-source 3rd party SDKs/libraries/frameworks used will also have to be rebuilt first by their authors.
More importantly, what are they talking about when they say 64-bit? The architecture uses 64-bit addresses? The processor uses 64-bit registers? What are the main advantages to current CPUs?
They mean that they are switching to a 64-bit ARM architecture.
Note that the 32->64 bit register and address size increase is by far not the only difference between 32-bit ARM and 64-bit ARM. Aarchv8 (64-bit arm) is effectively a complete clean redesign of the ISA, designed to be modern, fast, and only maintain some backwards compatibility, discarding many signature features of ARM that no longer make sense. Such as predication of everything and free shifts in every instruction.
64-bit ARM should be significantly faster, at least once the compilers catch up.
"64-bit processor" almost universally refers to using a 64-bit word size: 64 bits of virtual memory space (even if only some of it is mappable) and 64-bit ALUs.
This was well covered when desktops switched, but the main advantages are that certain operations are faster (e.g. RSA) and the extra address space lets you use mmap() and the page cache for everything, instead of writing your own stupid cache.
Disadvantages are that 64-bit code consumes more memory. There are ways around this.
I'm not sure why AMD64 didn't specify a 32-bit memory model mode while providing 64-bit registers and the rest of the improvements. Like X32 for Linux. Then if you're not using all that RAM, you can benefit from smaller pointers and so on while still having 64-bit words.
Given that 64 bit ARM instruction set is not an extension of 32 bit ARM, it seems to me that the iPhone A7 chip must include a chip which can implement both instruction sets at the same time.
I'm sad it seems most likely the 5S will be fingerprint OR pin/passphrase to unlock. I can imagine situations at borders or in interactions with police where compelling a fingerprint swipe is physically easier than compelling a passphrase entry, and I think it is also legally easier to compel later.
The ideal would be a 4-8 digit numeric PIN with strong "10 tries and it dies" plus fingerprint, and as a backup, a full length desktop-style passphrase (iCloud passphrase). And maybe some kind of "only works on pre-authorized devices" enrollment system requiring the passphrase to generate local keys, too.
OK everyone, walk back from that ledge. Someone with the resources and motiviation to drug/kidnap/kill/amputate to get access to a biometric scan is going to be well-equipped just to steal the device and read the flash out via JTAG.
Screen locks do not provide meaningful security vs. a determined attacker, and never will no matter what the unlock mechanism is. Unless you encrypt all storage with a strong password (not a 6-digit PIN) and a good PBKDF, all you get from this stuff is protection against casual snooping.
Or it's just the cops, and unlike a password or pin or pattern, they can actually physically force your authentication out of you with a single finger press.
Theoretically you can do some liveness checks (work better on retina/iris than on fingerprint), but basically everything related to fingerprints is easy to forge outright, let alone making a dead man's finger appear live.
Every time fingerprint scanners are mentioned, people start talking about cutting off fingers. Guess what: the people making the scanners have considered this scenario. All of their clients have nagged them about it continously for decades. It's fun to talk about, but it won't work.
I want to be able to set, at my option:
1) PIN-only
2) FPR + PIN (where you must use iCloud to get in if your FPR doesn't read)
3) for morons, FPR only.
I currently use a much stronger than 4 digit numeric PIN, but it is honestly a pain. If I could set both the FPR and PIN as required to get in, I could use a shorter PIN. If I'm allowed to bypass the FPR entirely, the PIN has to remain as strong as it is now.
(What I'd also like is something better than hardcoded timeouts for requiring the PIN. Like "require FPR every single time you unlock, require PIN+FPR if it has been <30 minutes or <120 minutes but no movement on accelerometer OR connected in my car, require FPR+icloud passphrase otherwise". Fully configurable by the user.)
His tweet doesn't confirm or reject your #2 (just that PIN is available as an option), so just relax and wait to see. I mean, I doubt they'd implement FDR + PIN like you want (cause it seems a minority wish?), but it's still possible.
Only for morons is way harsher than I'd put it, but fundamentally it's a difficult to inspect security system that's based on a potentially vague analog signal.
In the security world, things which are novel are not to be trusted. The security of a system is measured in how many serious researches have attacked it, and to what degree they succeeded.
I expect that there are solid biometric security standards that have been subject of serious analysis and attack. If it turns out that Apple's implementation uses one of these standard and tested solutions then I think I'd trust it in place of a PIN. In the absence of that evidence, the Properly Paranoid position is the skeptical one.
A quote from Babbage in 1864 is apropos: "One of the most singular characteristics of the art of deciphering is the strong conviction possessed by every person, even moderately acquainted with it, that he is able to construct a cipher which nobody else can decipher."
Because compelling someone to give you a fingerprint is pretty easy, and could be done trivially at a border, or incident to arrest or detention, or by anyone willing to use a modicum of physical force.
Plus, since liveness checks are weak, anyone with access to anything containing your prints. I suspect at the next Defcon there will be a fun challenge to defeat it given a print lifted from a glass using $5 in supplies in 30 minutes. And then at the Defcon after that, the same contest will be in the children's area.
Imagine someone knocks you out and takes your phone. Use finger (possibly still attached) to authenticate. Profit.
So not really a good idea.
I rather have the option of unlocking the phone via PIN, then have the option of sending a FPR hash to a site of my choice. Speaking of which, I wonder if they salt or provide some other way of sending unique hashes to different web sites or is this now the equivalent of using a fingerprint as the same password for all sites.
Which is worse, since you can't really get a new finger (well, you get 19 more resets including toes) since your print is somehow compromised (website leak, etc.)
I read a liveblog of the presentation, and they only mentioned using it to unlock the phone and to purchase from the iTunes store. I don't think it's usable for random websites.
I'm still weirded out by the idea that Apple has finally split the iPhone line into "premium" and "value" streams. It just seems so... un-Apple. The whole "last-year's-model" discount was a bit of a kludge, but still Apple stood out from the rest of the industry with such a simple product line - device, biannual release, size, that's it.
Steve Jobs' first big contribution towards turning Apple around was cutting down their product line into two products in every category: a premium one and a value one.
At first this meant they cut back to only selling four products: two desktops (premium Power Mac and value iMac), and two laptops (premium PowerBook and value iBook). But as new products came on they eventually got this treatment too.
Apple has had premium and value lines before. Indeed, during the heyday of the Macbook, it was split into a premium aluminum and a cheaper polycarbonate model.
Yes, obviously the PC/Laptop side of the business has always had this kind of differentiation (also the pure-Mp3 player business), but the iOS stuff has avoided this since the inception of the iPhone. The iPad, iPod, and iPhone were just "size only".
Now that Jobs is gone and competition has heated up, we're seeing Apple back away from that with the iPad mini and the 5s. It feels like a big shift for Apple.
Jobs was the entire reason that their product offering was so focused. Look back at the mess that was Apple's product offering smorgasbord before Jobs returned and took his hatchet to it.
Without visionary leadership, most big companies are unable to resist the temptation to take the kitchen sink attitude toward product development.
The coherence of Apple's product strategy will most likely decrease as we move further past the age of Jobs... unless they find a new similarly-capable leader.
This seems more focused and less confusing than prominently selling last years’ model (which Apple has previously done).
From a consumer perspective it seem extremely hard to differentiate between different years’ iPhone models. This new clear (also visual) distinction makes it easier and provides more guidance for consumers. It’s a bit more work for Apple (what with them having to make two iPhone models every year) but for the consumer it should be much easier to understand.
The 5C stands out and makes it really clear that Apple has something that costs a bit less than their flagship. Yeah, it’s just the 5 repackaged – but I think it’s really important signalling and should make Apple’s lineup much easier to understand for consumers.
There’s still the 4S to muddy the waters, though. Ah, I guess that’s some Jobs-era legacy mess. Selling a two year old model is really lame and confusing after all :-)
>But Apple executives, including Mr. Jobs, were seriously considering selling a less-expensive but similar phone as early as 2009, according to former executives involved in the plan. Then, the manufacturing teams were most opposed to it.
>Their concerns, which I previously reported on in the Wall Street Journal, were about manufacturing complexity: how could Apple build so many models with so many different components? Apple’s relatively simple supply chain had always been a big competitive advantage. Having relatively few products allowed it to focus, buy parts at scale and keep things secret.
What I want to say is, none of us, I suppose, were in the man's head, or worked at Cupertino. We can only speculate why there is a single iPhone/iPad. (And as you can read from the article, it may be due to operations and not because Jobs was so much about “simplicity“.)
Saying “Now that Steve is dead” contributes nothing to discussion unless you work at Apple and really know what you're talking about. (In which case your comments are very valuable.)
> during the heyday of the Macbook, it was split into a premium aluminum and a cheaper polycarbonate model.
The MacBook line wasn’t split. The MacBook Pro is the Intel powered successor to the PowerBook. The MacBook is the Intel powered successor to the iBook.
hey·day: the period of one's greatest popularity, vigor, or prosperity
When the MacBook was introduced, it was way less popular than it is now. Apple sells 2,5 times as many computers than it did back in 2006.
They split "premium" and "value" as soon as they released the 3G, and started offering an older model for half the price. This makes a lot more sense, because the value line is no longer just an old model. Now buyers of both get to have something to look forward to.
You can console yourself with the fact that the 5C isn't a value stream since it's priced the same as premium Android phones with better screens, processors, etc.
I have just had a look on the Apple UK store's website. The 5C starts at £469, the 5S at £549. I am not sure if there is any price differentiation going on?
Better photos, TouchID, snappier performance -- a traditional incremental Apple upgrade befitting the "S" moniker.
I've long been wondering when/if Apple would take on NFC and things like payments more aggressively. I get the feeling that they're going to skip NFC entirely, and that TouchID is going to be a large part of processing transactions without the need for any physical device interaction (swipe/tap/bump).
Right now I've got that hazy tip-of-iceberg feeling that Apple is probably in the early phases of executing some grand vision that I can't yet see the entirety of.
And that's why Apple continues to be the leading consumer device co: who else out there has "vision?" Google is the closest, but IMHO Android has always felt reactionary, not visionary.
How odd, I feel the opposite, re: vision... Google is leading the way with progressive developments in many varied fields.
Expecting more today from Tim Cook, the Apple announcement left me flat. Understand, that while I'm a long time Apple user, my Android phone(s) have offered features to which Apple is still playing catch-up. Apple is the reactionary these days; they may have introduced the iPhone as a ground-breaking product back-in-the-day, but Android is outpacing the iPhone with each new release.
<opinion>Aside from the MBP I use for work, I won't be purchasing another Apple product anytime soon, FWIW.</opinion>
Google's vision is definitely out there, but it's intangible. Glass is a $1500 product that is geared towards geeks. Folks who don't even know how to properly use a BT headset would be overwhelmed by Glass.
I guess it's about target market. Apple makes it available, like, everywhere, and accessible to folks like my parents. Google puts it way out there (cool), but it requires a nerd to use or grok.
To echo r00fus, Apple's visions are more tangible to the everyday consumer - or at least better elucidated. Apple is the master of "segmentation" - i.e.: identifying a pain point or desired experience, and building it. TouchID, for instance, solves a problem - passwords suck. "Here's a simple, frictionless way around it, that incidentally will be powering all of your apple-conduit payments inside of a year." That's a vision that relatable, easy to understand, etc., compared to something like glass which is much more "out there."
To put it another way, each apple feature is clearly tied to a consumer-relatable use case. Collections of features form pieces of apples vision, rolling up use cases into the "experiences" that they mentioned today.
Didn't Apple say they wouldn't consider NFC until the technology has matured enough not to hammer the battery life so much. As much as I want NFC I'm inclined to agree, if I wanted terrible battery life I'd buy an Android.
NFC is rather different from bluetooth and hence not really comparable for many use cases.
Primarily, NFC is much lower power consumption than bluetooth, much smaller field, and much lower data/bandwidth. NFC is more in the category of RFID.
Secondly, NFC tags are unpowered and rely on the reader for energy. They store several dozen bytes up to several thousand bytes and are useful for QR-style applications, like "Tap here for our address" and so forth. I did up some business cards with tappable tags on the back that take a device to my website. They also make tags fully embedded in paper and cardboard for cosmetic appeal.
NFC tags are very cheap, on the order of a few cents each up to a dollar each, and are therefore well suited to the smart objects applications such as, for example, tapping a pill bottle to retrieve non-trivial amounts of information about the medicine, or storing identity information on personal possessions.
Really, the applications are endless. I think Apple has missed the ball on this one. They should have included NFC early on. You can buy an iPhone case with NFC, which is useful but of course it's never as good as having it built in.
(Interestingly, the linked article is on TechCrunch, a news website that recently published an article "NFC = No One Fking Cares!". Of course, the author, a journalist apparently with no engineering background, drew a lot of caustic comments for that one, and subsequently I stopped reading that publication. This iPhone 5 article is poorly edited; it's too bad this out of probably dozens of choices is the one that made it into YC.)
Bluetooth Low Energy, which the parent commenter was referring to, uses a minuscule amount of power compared to the old standard. BLE devices can run for months on a coin cell, it has negligible impact on the battery life of a smartphone.
Using NFC, the act of reading uses very little power, and of course tags are unpowered, but the reader needs to constantly scan for nearby tags, and that can be a battery hog. There are reports of 50% shorter battery life on NFC-equipped android phones.
Yes, there's that Examiner article claiming 50% drainage. But look further and you'll learn that in Android, at least, NFC polling is off when screen is off or locked, and when screen is on and the NFC subsystem is active, it polls intermittently at a very low frequency of about 10 Hz to save power. Google I/O had a discussion of this (sorry I don't have the link) and they reported about a 0.5% power consumption hit when NFC was on. It definitely hits the battery but negligibly. I have NFC turned on all the time on my devices (GNex, N7, N4) and they run for 12 hours (about 30-50% usage rate).
NFC didn’t really break through in the market. Not yet, not ever, I don’t know. But I’m pretty sure that Apple is betting on Bluetooth LE, something their devices already have. I could see that work out.
Don't you wonder that the reason it didn't break the market was because iPhones never shipped with it. Same as QR codes, no default app to use them = poor adoption of the technology.
This is what I don't like about apple the 5s $199 version has 16GB and the 5c $199 version has 32GB. They should have at-lease giving us 24GB for 5s $199.
Apple being apple trying to keep margins high.
The new colors kind of suck but great for high school girls.
You are getting downvoted a lot (for various reasons I'm sure), but you really do make a good point. The jump from 16GB to 32GB is $100 w/ the iPhone. I think a lot more people would jump for $50. But probably not enough to sacrifice the (generous) margins given by a $100 increase.
One thing I was certain about before today was that my next phone would have 32GB. Sorry Apple, I probably would have stuck with the iPhone for $199. Now I'm actually on the fence!
I had to trim down the number of playlists I store on my Nexus 4, which only has 16 gigs. I also have to be more cognizant of how many podcasts I download at the same time.
I like my phone. But I don't think I'll ever buy anything without at least 32 gigs of storage, or a place to plug more memory in.
Unless you have a data plan with less than 2GB of data, that is. And are OK with waiting a bit for things to buffer. With Google Music I end up offlining a lot of songs because data plans in Canada are terrible and because 3G isn't everywhere you want to listen to music. Add podcasts and you hit the storage limit in no time.
My Desire HD has a 32GB SD card now because the 16GB was full with music, videos and game ROMs. That 32 is pretty close to full now.
My younger brother has filled up two 16GB iPod Touches (second gen and fourth gen) with music and videos.
My extremely non-technical father has filled up the 8GB SD card his phone came with, with just music. I'm sure if he could, he'd use more space but a €30 microSD card is more than he's consider spending on phone extras considering he paid €90 for the phone on prepay.
People use more storage than you think. If it was not a big deal, why would phone companies use it as the sole upsell towards their more expensive phones?
Streaming. There is no reason to carry a complete copy of your music/video library around with you. If you think there is, the iPod Classic is made for you :)
Now, here's what happens when I try to stream a video on my phone's internet connection:
* It takes 20 seconds of buffering just to start.
* Assuming it's 360p, it runs for about a minute or two, then starts to buffer again. If it's higher, it lasts even less.
* The video starts to buffer again. This takes another 20 seconds.
* This repeats until the end of the video.
* My phone company charges me €2 for data used in excess of my daily allowance.
My home internet connection is mostly the same experience, except I can watch a 480p video, and I don't get charged €2 for it.
A lot of places that I might be don't even get EDGE coverage, never mind 3G or anything better. For 25 of the 30 minutes of my most common bus trip, I don't have 3G coverage.
Here's what happens when I watch a video of any quality on my microSD card.
* I open the video in my video player.
* The video plays, without interruption, until the end.
I'll be sticking with local storage for a while yet.
You can still just sync sporadically what you need, and keep the complete library on a HD or your main computer. Most peoples' collections won't even fit on a 128GB device.
I could, or I could just have my collection available when I decide to listen to it rather than have to think to put it on a smaller device beforehand.
On the other hand, my 4S has a persistent mobile data connection, so storing music locally is of no great benefit to me. I guess all we can conclude is that 16GB can be huge, or tiny, depending on how you want to use your device.
Ever done a road trip? Amazing how many places out there on major interstates have like no data coverage. On-device storage is important for cases like these.
I was in the US a few months ago and did experience what you are talking about on the interstates, so I get where you are coming from. It was actually kind of a strange experience to be out of service so often.
But here in Canada, where I spent almost all my time, the only place I've ever had any significant coverage issues is when I was in the far north, and I've only been there once. It's essentially a non-issue for me.
The only times I use my iPhone for music are on long drives and airplanes. Not a good use case for iTunes Match. I do have Match, but mainly just use it on my laptops (which don't have any music on them).
That's why I love iTunes Match. I'm able to take my complete music library around with me without actually using up all my phones storage. As long as I have network connectivity, the song will be downloaded to the device on-demand.
The plastic they're using (hard-coated polycarbonate) is, I believe, the same plastic used on many of the Nokia Lumia phones which a lot of people say feel much higher quality than other, regular plastic phones. That said, the 5C is the cheaper option and it isn't going to feel as good as the aluminium of the 5S. I don't however think it will be anywhere near as cheap-feeling as other phones (e.g. the Samsung Galaxy S4 which has been described as feeling "greasy").
Those are all just staged for ads (unless you think you can't listen to the Beatles Red Album on a blue nano and vice versa) except for the latest one, which came out after the Nokia devices.
I'm sure someone did it before (I seem to recall IE5 letting you change the interface to match the early iMac colours) but your comment (and a quick glance at the linked image) is misleading as it stands.
The Nokia is staged for ads too. You can change the highlight color to be whatever you want. Additionally, many WP apps have a solid colored tile that doesn't respect the user's color choice.
Not sure I agree with Nokia's formulation of the saying. I prefer "Imitation is the sincerest form of flattery", which makes a lot more sense. Imitation isn't the best form of flattery - it's actually quite an irritating form of it - but it is the sincerest form (since, unlike verbal flattery, it's rarely feigned: you imitate because a thing is worth imitating, not to flatter the imitatee).
Totally depends on how it feels. Certain Android phones do feel cheap because of the plastic they used, just as certain laptops felt cheap. Apple has a history of making polycarbonate products that do genuinely feel significantly nicer than the average product.
First the NSA, now the wife, what's up with people in HN? Are you all planning a coup with your mistresses?
If you're married and your SO can't just ask you for your PIN code - and you will, without even thinking about it, give it to them - you might want to take some time to think hard about your relationship.
I can't imagine why I'd need to ask my SO's PIN or she'd need to ask mine - I actually would, as you say, probably give it without even thinking about it; but if you have a healthy relationship then noone feels any need to check the other's phone/email/diary/whatever.
My wife and I have each others' unlock codes because sometimes we get info from each others' phones for one another. "Hey hon, I've got my hands full, can you see if Jane replied to my text yet?" or "Can I use your phone to look up X? Mine's about to die."
We don't feel any particular need to check up on each others' communications, though. It's just a practical matter for us.
Ok, there can be valid uses. But they haven't happened in my 9 years together with my SO. Probably depends on the habits - I don't call/SMS that much anyway; I know her ATM card code, as we needed that some times, but I've got no idea about her phone/other passwords.
How about a series of emails joking & griping about your wife's habits to your best friend? Completely harmless but not exactly the kind of thing that you'd want them reading.
Our digital selves trail back in time farther and farther these days; would you want your wife reading emails between you and an ex from before you met her?
Well if your wife has so little faith in you that she goes snooping in your email history, again, "you might want to take some time to think hard about your relationship."
So this argument is complete crap when it comes to governments but totally okay when it comes to spouses?
How about a series of emails joking & griping about your wife's habits to your best friend? Completely harmless but not exactly the kind of thing that you'd want them reading.
Our digital selves trail back in time farther and farther these days; would you want your wife reading emails between you and an ex from before you met her?
"According to Apple, the processor is more than twice as fast as the A6, with a 40x CPU performance bump. Graphics are said to be 56x faster."
What does that even mean? I'm getting tired of claims like these. They're obviously non-sensical and groundless and they should be publicly shamed for it. But that'll never happen I guess.
At some point you'll be able to pick up your friend's phone or tablet, touch it, and without entering usernames, emails, or passwords, have access to all your "stuff", including the same homescreen / desktop as your own phone / laptop.
There will be open source, open standard, secure authentication and identity systems chained together, kind of like an evolution of Persona or OpenID, and when you view a website on your friend's phone, it will recognize you immediately.
A setup like that relies on massive trust in cloud computing services and sanctity of the operating system, software, and hardware which I -- and probably many other curmudgeonly tech-savvy people like me -- are unwilling to give.
I was with you until you mentioned it would be OSS with trust webs like Persona… not that I wouldn't prefer it, but even Google is more about proprietary, cloud-based these days.
About the ID fingerprints? Am I the only one so in constant fear and doubt that thinks this would be a great way of bulk collecting the fingerprints of ANYONE?
They don't even say fingerprints are not uploaded:
According to the press release, "fingerprint information [...] is never stored on Apple servers or backed up to iCloud." But nowhere do they claim it doesn't ever leave the phone. It looks like this leaves Apple the option to upload the data to "trusted partners".
Even after the device is out it would be very hard(if not impossible) to verify it doesn't send fingerprint or hash of fingerprint online. There's plenty of places they can hide this.
The entire NSA thing to date is a huge scandal, and yet no one (outside of the tech community) seems to really care... Not many people are closing their accounts associated with NSA complicit companies.
Do you really fail to see the difference between disclosing user info already on the servers to the NSA under legal orders and announcing a new product after the leaks, claiming it does not send any data, and doing the exact opposite without any additional benefit? Why would Apple do this?
I don't recall reading NSA can now force companies to include finger sensors, and then force them to collect data they wouldn't be collecting otherwise.
I didn't say anything of the sort - just that major tech companies don't seem to really care about their reputation in relation to the NSA snooping. I'm not saying they've built in backdoors or anything either way, I'm just saying if they have, I don't think the average consumer seems to really care about it. Heck, I'd bet most of Hacker News is still using Google, Facebook, Microsoft products etc. and their reputations have hardly been tarnished by the revelations.
Because we can't, not really. I mean, sure, at a significant price, you kinda can, but the cost will be great.
Delete your fb, g+ and twitter accounts. There will be a social price to pay, but it's still not too great for a significant amount of people. For many, though, even that is costly.
Get rid of your Nokia, Apple or Android phones. Suddenly, harsh. Still possible, because there's some alternatives, but if you want to avoid US and Chinese companies (srsly, Chinese), your options are limited and not well-known.
And, you've done both. Um, most SSL implementations. Your bank account. You'd have to go cash only.
Seriously, there isn't much we can do in any immediate way. Just vote the right way, and talk to people. Less glorious than pointlessly sacrificing yourself, sure, but actually works.
The government has given legal immunity to telecoms that collaborated with NSA spying in the past, I'm sure they'd extend that immunity to Apple if need be.
"The government can't grant immunity for that." ... come on.
I don't recall the exact wording of that law, IMHO it already covers such argument, but if not, it just needs a single sentence amendment. Government certainly can grant immunity against pretty much any civil claims.
They also can pass a law stating "Any and all contracts between Apple and 'gareim' shall be considered null and void.", though they probably won't do that - but adding an exception to the laws regulating advertising truthfulness is trivial. In fact, they could simply revoke those laws and then noone could bring any class actions for 'being sold a product on a lie'; class actions as such were only made possible by specific regulations and congress could eliminate the whole concept of class action suits if they wished to.
This can always be the job by someone in the company cooperating with NSA , without apple knowing. And i think government can grant immunity to lies. Hasn't many people lied to congress/citizens in the recent weeks ?
This was my thought as well - how can you verify the fingerprint if you don't have a representation of it to compare to? Don't think there is much value just an internal comparison would have.
I would hope that they simply save a hash of the fingerprint with a reasonable level of collision built in to make it difficult to tie a hash to a single person's fingerprint (maybe ~10 people would have that hash?). I would imagine they could then use some sort of secret tied to the device id and hash pair to positively identify to the server.
1)They said the detection gets better every time you use it. So my guess would be that multiple versions of the raw fingerprint data are stored inside the A7 chip. (That information never leaves the chip.)
2) You can use your fingerprint to authenticate apps like iTunes, as well as third party apps. For this, yes I am sure they will use some hash that cannot rebuild the fingerprint.
That may be true now, but we've seen very recently how powerful government orders can be. I could easily see it starting with "we do not upload fingerprints" to "we only send fingerprints at the request of government warrants" to something much more massive down the road.
If the data is sequestered on the A7, I suspect not even iOS has access to it. It may just be able to request authentication, and receive a true or false.
Calm down and stop posting inane comments. It'd be much more healthy for this community.
If you have doubts about the scanner, then don't buy an iPhone 5S. There's nothing much more that can be done besides what's being done already. And for others who know and don't care, that's their decision.
I don't have a problem with the fingerprint scanner, since people can choose to use it or not. The larger problem I see for the 5S is a marketing one: while the A7 processor and internal redesign are significant technical achievements, consumers won't understand that or care. They know that their existing iPhone 5's are relatively fast, and that will be enough for most people. They needed to add features - not necessarily speed - for this phone to have the kind of success that its predecessors have achieved.
This is typical of the previous 's' updates: 3gs, 4s. Both offered a better camera and faster speed, and not much else. The 4s had siri, which ended up being mostly just a gimmick IMO.
I use Siri to schedule reminders all the time. Sometimes to take notes and it's also useful for sending hands free texts via voice. Oh, and search... I just used it tonight when in an unfamiliar area to find the nearest gas station and get directions to it, all via voice so I can keep my eyes on the road.
The new colors are definitely a feature. One of the "problems" with the 4S was that there was no externally distinguishing feature that you had the latest and the greatest. They fixed that this time around.
I would surmise that is likely due to the iPhone 5C and iPhone 5 having very similar specs. A free iPhone 5 would cannibalize the 5C sales. Why pay 100 dollars for a color case? Then again, a number of people paid the "black tax" for their macbook a number of years back.
I wonder what this will do to the resale value of iPhone 5 64G Verizon. I'd upgrade from 5 -> 5S if it net cost were <$300, but it appears Priceonomics says it is $320-$450, and a new iPhone 5S 64G is $849.
Verizon iPhone 5 64GB black is listed as $370 on NextWorth so that's a maybe. I've had luck in past years of reducing my upgrade costs to under $100, but AT&T is being less generous on the contract period this time around (or it didn't line up as well as in the past).
Yeah, I'll probably just list my 5 "high" on Amazon, and buy a 5S IFF it sells, or just pay the Apple tax for the year. I'm not sure how Verizon works with upgrades when you have multiple devices on an account (phone, 3 iPads, 2 Mifi); could I just upgrade one of the iPads I brought to an iPhone 5S and shuffle things around?
I am not the person to ask about Verizon. I'm with AT&T because of my unlimited data plan and their excellent coverage in this area. That said, I'm considering something similar for upgrading to the 5S, NextWorth was just a place to look at prices to gauge what I should try and sell it for. I also only have the one data plan on AT&T, never got one for my iPad (wifi only).
Could it also be a supply-chain move? Using the 4S means different screen and other internals. Easier to source without risking shortages of 5C/5S components.
It's because they always have the two-generations-old model as the "free" one. It's been that way for years now. Current generation starts at $200, N-1 starts at $100, and N-2 is "free". The 5 is now N-1 and would have been the $100 model, but for whatever reason, they've decided that the 5C will take its place.
I wonder what they'll do next year. Reactivate a discontinued iPhone 5? Or maybe they keep the smaller form factor around but then they'd have to maintain three iPhone lines.
edit: Thinking about it, an iPhone 5C 8GB seems like the most likely candidate.
Yeah, but Nokia did it with phones first, so Apple should respect that. The same way Apple claims all sorts of things were unique and patentable because they did them on a phone touchscreen and not a PDA touchscreen (which is so TOTALLY different).
Apple has been doing colorful consumer devices for over a decade... iMacs come to mind... they do the modus operandi and they are suddenly copy someone? you have some serious tunnel vision.
You missed the obvious sarcasm in the post. Apple did colorful things before Nokia's phones, but Nokia did multi-colored phones before Apple did. And, using Apple's logic that just because it's a phone makes it different (see multiple iPhone patents that folks like Palm and Microsoft did first on PDAs and similar), that means Nokia was new and innovative and Apple copied.
I can't believe anyone wants a bigger screen. It's a phone, not a computer. I use it to quickly check email/web pages on the go, not write an essay. A bigger screen just means it ties up more room in my pocket.
The only real use for a bigger screen is that using the internet is considerably more usable. The easiest way to see this is to compare the internet on an iPhone vs iPad - even though you have exactly the same inputs (assuming you don't use a stylus), the iPad is orders of magnitude easier to browse the web on. There is a similar effect (though obviously lesser) to interacting with web pages on a 5" screen vs a 4" one - much more so than the extra inch would suggest.
Of course, but if I want to do more than passing browsing then I would want to do it on a device other than my phone. My phone's net connection is for finding out quick info, like transport schedules or the current score in a sports match. It's not for doing extended browsing. Hence to me, a bigger screen is detrimental.
You'd want to do extended browsing on another device precisely because the iPhone is too small. Your mind is stuck in "faster horses" land and you can't imagine what use you could get out of a better phone :-)
Disagree completely. My mind isn't stuck in 'faster horses' land. I just live in a winding medieval city full of laneways too narrow for a car.
(That is to say, my use case is such that I want a small device, and that is more important to me than the ability to have a big screen - it'd be useless to me because I would not want to take it with me, destroying the 'mobile' in mobile phone.)
I disagree. The iPhone 4 had (and still has) the perfect dimension of any phones for holding in to adult average human hand and carrying it around in average sized pant pockets or strapping it on arms while jogging/hiking. The iPhone 5 ruined it a bit in trying to copy competition and not knowing that it actually had it better. I see people using large android brick sized phones all the time uncomfortably carrying it around in their relatively tiny hands and unable to hold anything else even when they are not using it because it's too big to put in pocket. I know Jobs had obsessed over iPhone dimensions a lot and arrived at the best compromise for a device you can actually live with without being felt lugging it around.
By that logic, Apple should have never published the iPad because it is too big to hold in a human hand. Carrying bigger phones in a pocket isn't really an issue either.
I agree that Apple is missing out by only making 4" screens on the iPhone 5s/5c. If they really want to keep the 4" screen, they need to add another phone with a bigger screen, ie., 4.7" screen.
The M7 chip's an interesting nod to quantified self'ers. I'm certainly sick of the battery drain caused by running Moves, or one of the many Google Latitude clients, over time.
First of all, this is not a constructive comment. Second, they explicitly said that the fingerprint never leaves the phone (and believe me, people will be looking to verify. It would be a huge boon to a persons career to be the person that caught apple in that lie).
How are you going to check? iOS is closed-source. You cannot monitor the traffic 24/7 over the whole lifetime of the device. Maybe the fingerprint delivery can be ordered remotely.
It's a phone... If you are concerned that your fingerprints MIGHT be uploaded you need to consider just not using a smartphone. AKA "a voluntary spy device".
It's quite odd. Here's a device that can listen to everything you say all day long, that can read all of your e-mail, take pictures of you and your surroundings, sniff all of your passwords, etc. etc. etc., but people are freaking out because it might be stealing your fingerprints, which you leave thousands of on various public surfaces every day anyway? I just don't get it.
I'd like to know whether they're going to use the fingerprint sensor for unlocking the keychain as well. If yes, we could also take advantage of it in app development, no?
It's just like with passcode: you app never has "passcode API", but your keychain items are unlocked when user enters passcode according to the policy you have chosen. Why it should be different when fingerprint is used instead of a passcode?
Why does everyone keep going on about NFC? It's been on Android for years and it's never been used in any meaningful way. I don't see Apple introducing some new hardware component just for the sake of adding it. They'll introduce something when they have a really solid use for it, which is something that Google seems to have never really had with NFC.
What I meant is, if NFC is the best way to replace credit cards then Apple would want to be in on making that happen, they wouldn't just put the hardware on their devices and leave someone else to implement it. Something like NFC has just been basically a bullet point on Android phones' feature lists, but that's not really Apple's style. They're going to build something to use it on day 1 or they're not going to include it in their device.
Maybe they're working on payment stuff, maybe they're not.. but since it's obviously not ready I'm not the least bit surprised that we don't see NFC on Apple devices.
At one point of the keynote NTT Docomo was specially mentionned. They pioneered mobile NFC in Japan, where it's actually useful, as in you can forget your wallet at home and you might not notice as long as you have your phone.
They introduced emoji almost only for the japanese market at first, they could have done the same for NFC as well, that would have been great.
Being able to use your phone as a credit card is a pretty big deal.
NFC readers are normal for many point of sale terminals now and I would love to not have to get out a credit card to pay for something.
One of the Lumia phones was supposed to be able to do this, but it didn't work in the US or something because it required some weird encrypted SIM card.
It's chicken and egg problem - the vendors won't offer services until a majority of phones will have the [rather cheap] NFC hardware; so this Apple decision effectively means a significant global delay until such wireless services will be available to me and everyone else.
Very disappointing that they couldn't get the 5C closer to the rumored $399 or $450 off-contract prices... $549 is very steep for 1-year old technology wrapped in a $2 plastic case. I'd sell my AAPL stock today (if I had any left) before Wall Street crunches their numbers.
IMHO, Apple's claim doesn't matter at all. If the NSA wants to get inside your iPhone and add some code, it will find some way to do so - either with the help of Apple, through a backdoor or a recent vulnerability.
And once it's inside, the NSA is free to install a code snippet that uploads your fingerprint directly to their server.
The Touch ID is really exciting for accessibility as it enables visually impaired users to access their phone without having to fiddle around with a lock screen, which may reveal their password to those around them.
We just moved to an new office in august, and been waiting with buying displays hoping they'll be updated to the new formfactor of iMacs. too bad ... ;( really disappointed.
If I'm using my fingerprint to protect something, it must be way more valuable than the fingerprint itself. It's like using a key made of gold to protect a box full of rocks.
I think he meant ColorSync[1] or ICC support for color management. An image that uses a color space other than sRGB (like Adobe RGB or CMYK) will look different on iOS than it does on OS X.
Apparently, iOS 4 did add ICC support in CoreGraphics for apps to use [2] but it seems to me that Apple’s apps don’t take advantage of it.
Calibrating the screen and supporting embedded profiles in images are two different things.
It would be nice if images with embedded profiles rendered correctly to the screen, e.g. with Safari on iPhone, using a canned profile that assumes that Apple has correctly profiled the mean iPhone display and that the variance between particular screens isn't too high. From what I can tell the iPhone doesn't do color management at all and the display resembles sRGB enough to call it good enough for a consumer device.
On the other hand I'd assume that the number of people who would want to use an external colorimeter and make a profile for their particular iPhone was not a market big enough for anyone (let alone Apple) to bother with, and since the iPhone has no mechanism to actually use that profile, it's pointless except for the purpose of converting images to iPhone in a desktop app, but in that case why would you care about your particular iPhone?
Personally, I think I'd rather stay with my passcode.
Did you btw know that you can turn off "simple passcode" and then use a purely numeric longer passcode? In that case the iPhone will still show the big easy-to-hit numeric keyboard allowing you to type in the arbitrary length numeric code.
Yes. It's not as safe as a long alphanumeric password, but this gets annoying SO quickly, I'd rather type in my 8 digits.