>Out of curiosity, in what way do you feel TouchID makes your phone more secure than just a password? Someone could steal a glass you've touched along with your phone and unlock it with a bit of effort.
Well, quite a lot more effort.
I don't want my data/photos/etc to fell pray to a phone thief -- or a guy that finds the phone after I dropped in a cafe. And Touch ID does that fine.
The "fingerprint on glass" scenario you mention concerns dedicated people targeting my data especially -- which is not something I realistically care about. If such people were after my data, they could also use a crowbar and beat me till I tell them my secrets...
>but a would-be thief is more probably far more concerned with selling the hardware than ransoming your data.
Yes, and I am more concerned about my data than about the hardware -- after all at that point it is already in the thief's hands.
It's actually less effort, though. It's basically impossible at this point to brute force an iPhone password, and even if you use TouchID a thief could theoretically still try and break in using the backup numeric password. Also it's been shown that depending on how you use your phone, usable fingerprints can be lifted right off the screen (you touch it all the time after all), so someone who is after your data doesn't even need a separate fingerprint source. To me, TouchID is a convenience feature, not a security one.
Where has that been demo'd using anything like a realistic scenario? Every iPhone since the 3GS had oleophobic glass - combine with cloth pockets and any fingerprints are not going to be high-quality enough to survive for long.
TouchID isn't to make you a better international spy, but rather to deal with realistic threats.
The average person is much more likely to have their password stolen by somebody watching them enter it over and over every time they look at their phone than somebody who is going to go through the trouble to replicate fingerprints.
Completely agree. My point was that if you get your phone stolen, it's pretty much guaranteed to be a random thief who just picked it up and doesn't care about your data, so the security method makes no difference. If you actually want true security, though, TouchID is no better than (and arguably worse than) a passcode against someone who is actually after your data.
Well, quite a lot more effort.
I don't want my data/photos/etc to fell pray to a phone thief -- or a guy that finds the phone after I dropped in a cafe. And Touch ID does that fine.
The "fingerprint on glass" scenario you mention concerns dedicated people targeting my data especially -- which is not something I realistically care about. If such people were after my data, they could also use a crowbar and beat me till I tell them my secrets...
>but a would-be thief is more probably far more concerned with selling the hardware than ransoming your data.
Yes, and I am more concerned about my data than about the hardware -- after all at that point it is already in the thief's hands.