I can kind of get why "Windows Hello" camera-based face id isn't exactly great but do you also think the same of Apple's "actually modeling your face" style? Because I was really apprehensive about it compared to a fingerprint reader but I've pretty much flipped 180.
There is no way to indicate login consent with biometric authentication; when you are asleep, your finger/face can be used without your consent. Really it should be called biometric identification, not authentication.
While biometrics are imperfect (because you can't change or even hide the key), it's not quite as bad as you make out.
On iOS at least, it gains affirmative consent by you double clicking a button on the side. It also refuses to recognise your face if your eyes are closed.
It’s pretty strict and won’t authenticate if I look too tired, so I think you’d have to be pretty careful about how you tape the unconscious victim’s eyes (a conscious victim would just look away from the screen) to fool it.
And if someone has full physical control over you such that they can open your eyes without consent, do you really care if they can unlock your phone? Your life is in their hands at that point anyway.
You have to assume a persistent attacker with physical access will be able to crack the device regardless.
I'm thinking children or spouses, you may be able to trust them not to murder you in your sleep, but accessing your device while you sleep to be able to play some games or read your texts is something they would probably do.
It only works if you're close, alive, your eyes are both open, and looking right at it. I doubt that degree of specific physical attack is in most people's threat model. It's only backing a 4/6 digit pin for most people anyway. Realistically, it's not the weakest link.
As long as you think of face or fingerprint as a username and not as a password, they are kinda fine.
You should be able to change your password, so they are not good. They are also public information.
For now, they work as they are still hard to fake, but that might change over time in the future.
I use fingerprint scanners at home because it's fewer keystrokes.
But not on my phone. Both because my (trusted) friends sometimes need to borrow a phone, and also for the very rare chance police detain me and try to break into my phone without a warrant.
Legally, you don't have to tell a cop your password, but they can physically force you to use your finger/face to unlock your phone.
Windows Hello is more than just a webcam, the IR spectrum is a lot harder to fake (compared to, say, facial recognition in many Android phones). You'll need a picture taken with an IR camera, programmed into fake webcam hardware, to bypass it. Still far from perfect, but not as trivial to bypass as people seem to think.
That said, the traditional fingerprint readers are more secure and just as easy to use. I don't understand why Apple shifted focus for mobile security onto facial recognition, especially with the development of under-screen fingerprint scanners in smartphones.
John Gruber / Daring Fireball has written several posts about FaceID, including:
> "(Quoting Stratechery) TouchID made it far easier to have effective security for the vast majority of situations, and FaceID makes it invisible. [...] the first time I saw notifications be hidden and then revealed (as in the GIF above) through simply a glance produced the sort of surprise-and-delight that has traditionally characterized Apple’s best products" - https://daringfireball.net/linked/2017/11/08/apple-at-its-be...
> "(Quoting Tom's Guide) I’ve been using Face ID on the iPhone X for more than 24 hours, and I don’t need a stopwatch to tell you that it unlocks my phone slower than when I was using Touch ID on my older iPhone 7 Plus". This is not a “workaround”. This is how you’re supposed to unlock iPhone X. Starting with a tap of the side button is not how you’re supposed to do it — you’re creating a two-step process where you only need one. [...] The best way to use Face ID is to pretend it isn’t even there, and just swipe up from the home indicator." - https://daringfireball.net/linked/2017/11/01/face-id-extra-s...
> "(Quoting Michael Tsai) However, Face ID also has advantages. It works with gloves on, with wet fingers, and with dry/cracked skin. It’s more convenient when the phone is in a dock or car mount where it would be hard to get my hand under it to put my thumb on the sensor." - https://daringfireball.net/linked/2019/03/01/tsai-iphone-se-...
I wear face masks more often than I wear gloves and I sure hope facial recognition doesn't just throw away half my face. Combine that with the fact that in certain Asian countries it was normal long before COVID to wear masks when you're not well and I'm not sure which one makes more business sense.
With under-screen fingerprint scanners, or the power button fingerprint scanners on some phones, that "two step process" turns back into a single step. My unlock process is to put my finger on my screen (where the fingerprint scanner is) and pull it out of my pocket. It's honestly no different from the swipe up that you need to do on iOS. Because the scanner is on the front, it also works pretty flawlessly when it's attached to a mount of some sort.
Wet hands are one place where improvements can be made, but modern fingerprint scanners are doing quite well in that space as well.
I've used Google's facial recognition system for ages before I had a phone with a fingerprint scanner and it was always pretty snappy for me, but I didn't set it up with this phone and I haven't missed it so far.
Most analysis of the Face ID feature happened when it first came out, before COVID, so a lot of security claims are probably not fully accurate anymore (or at least are deserving of a re-evaluation).
I have little basis for this assumption, but I imagine Apple would compromise a bit of security to keep the feature people paid for working and just chop off half the face.
Now what you really want to be doing is printing QR code masks to make up for the missing half of the face! /s
The problem is companies acting like masks are an aberration: if you work in construction, or around your house, then there are plenty of moments you're not wearing gloves but can't or shouldn't take a respirator off (or it's far more involved than taking off a glove).
Face ID has been upgraded since 2019 and is now a lot faster than the initial iteration. Some people may argue Touch ID will always be faster, but I think actively looking at the phone is quicker than trying to put your finger in the right spot.
> You'll need a picture taken with an IR camera, programmed into fake webcam hardware, to bypass it
This is absolutely wrong. I've bypassed it with only a picture (off of a phone, no less). It is bad technology (for securing sensitive information). In terms of convenience of course, it is unmatched.
I've found the convenience to be quite easily surpassed by not ever locking my machines, at virtually no cost to security compared to biometric authentication :)
That's a pretty solid point, though if you only want to secure against a random hobo that doesn't know you at all (and indeed has never seen you) then face locking is okay.
If you're leaving your laptop unattended in a place where random strangers have access to it, the likely outcome is that the machine will be stolen. I'm struggling to come up with a threat model that makes sense for biometrics.
I'm not sure what sort of office you work at, but unfortunately all of the ones I've ever been in do indeed have random strangers in them (not employed by the company). Generally you can trust them not to steal laptops, but you are still not supposed to be sprinkling your possibly internal-only communications around. This threat model is well-served by biometrics, though really why you wouldn't just use a password I don't really know. As you say it works against a more robust attack and there are ways of generating them that are (relatively) easily memorisable using mnemonics.
I've never worn a glove that feels comfortable using a touchscreen in.
Even medical latex-type gloves make keyboard typing near impossible for me (granted that might be because I'm right between sm and md size gloves so I have to wear slightly baggy mediums...)