Wednesday, September 13, 2017

iPhone X Form Factor and Security [u]

Perhaps. One solution is to turn off
the phone at LEO encounters
Over the past two days, a surprising number of friends and colleagues have asked for my opinion on the iPhone X. This new smartphone seems to have received a lot of attention.

While I love the new features, I'm concerned about the form factor. Initially, it seemed to be as big as the iPhone 6/7 Plus models, which is too big for me. (I've been using the iPhone 6 & 7.) 

It turns out I was wrong about the size. Compared to the iPhone 7, the iPhone X is about about one tenth of an inch higher and about 0.15" wider. So, it's slightly bigger than the iPhone 7. And, compared to the iPhone 7 Plus, the iPhone X is about half an inch shorter and quarter of inch narrower, making the X significantly smaller than the 7+. The beauty of the iPhone X is that the screen is more than a quarter of an inch larger than the screen on the iPhone Plus models (6, 7, and 8). That's a bigger screen on a smaller phone due to the X's edge-to-edge design.

So, the bottom line is I'm considering getting the iPhone X. 


Face ID

Instead of using Touch ID's fingerprint recognition feature for authentication, the iPhone X uses Face ID, which recognizes a person the same way humans do, by their face. Apple claims that Face ID is 20x more accurate than Touch ID, which is great. But, some people have raised alarms that law enforcement officers (LEOs) could take you into custody and simply unlock your phone by pointing the screen at your face. Could that really happen? Perhaps. But, I've seen alarmist headlines before ("Apple Crosses The Line With New iPhone Feature"). One way to protect against this is to simply not enable this feature for people who are deeply concerned. Another option, if Face ID is turned on, would be to simply turn off your phone before a LEO encounter (i.e. crossing international borders, etc). 

Each time the iPhone is turned on, the secure enclave, which processes your Touch ID or Face ID credentials, remains inactive until a person manually enters their PIN to decrypt this information. It appears, during Craig Federighi's demonstration of Face ID, that his demo phone had been restarted but not unlocked with the PIN, prior to his demo. This prevented Face ID from working. While that's the correct technical behavior, it happened at the wrong time – but he seemed to recover well during the demo.

Update: Apple's Craig Federighi details Face ID and how to quickly disable it.

No comments: