      It’s not clear to me why the fingerprint sensor is anything other than a sensor. The worst thing a faulty sensor could do is lie about what fingerprint is being presented, which is trivial to do anyway because spoofing fingerprints is incredibly easy. Why does the sensor have “access” to the “secure enclave” such that it’s necessary to key them to each other? That makes no sense.

        IANATIDE, but my guess is this is the same reason we don’t send passwords in plaintext over the wire. If it’s just a plain sensor, it’d be trivial to build and install a replacement to intercept the signal, and either replay it later to gain access or create a replica fingerprint that conforms to said signal. Think of the unique TouchID sensor and whatever it is in the TouchID stack that pairs with it as a unique pairing with their own shared encryption key. Again, this is all conjecture, but it makes sense to me.

          That, and part of Apple’s privacy story is that your fingerprint data is “entangled” (their words) with a per-device key in such a way that your fingerprint can’t possibly leak.

          In that sense having a paired sensor & secure enclave does seem a sensible design.
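As an added illustration of the pairing argument made in the replies above (this is example code written for this page, not code from the thread, from Apple, or from any real Touch ID implementation): a toy sensor-to-enclave exchange in which the two sides share a per-pairing key and the enclave issues a fresh random challenge for every scan. The class and function names are invented, the "readings" are constructed byte strings, and exact byte comparison stands in for real biometric matching, which is fuzzy. The scenarios show why a plain, unpaired sensor would be a problem: a captured message cannot be replayed, and a swapped-in sensor that lacks the pairing key cannot produce an acceptable reading even if it presents the owner's data.

```python
import hashlib
import hmac
import secrets


class PairedSensor:
    """Sensor holding the pairing key it was provisioned with (hypothetical model)."""

    def __init__(self, pairing_key: bytes):
        self._key = pairing_key

    def scan(self, challenge: bytes, raw_reading: bytes) -> dict:
        # Bind the reading to the enclave's fresh challenge. The tag can only be
        # produced by a party holding this sensor's pairing key.
        tag = hmac.new(self._key, challenge + raw_reading, hashlib.sha256).digest()
        return {"challenge": challenge, "reading": raw_reading, "tag": tag}


class SecureEnclave:
    """Enclave side: issues challenges, checks tags, compares against enrollment."""

    def __init__(self, pairing_key: bytes, enrolled_reading: bytes):
        self._key = pairing_key
        self._enrolled = enrolled_reading
        self._outstanding = None   # the single challenge currently valid
        self._used = set()         # challenges already consumed (replay guard)

    def challenge(self) -> bytes:
        self._outstanding = secrets.token_bytes(16)
        return self._outstanding

    def verify(self, msg: dict) -> bool:
        ch = msg["challenge"]
        # Replayed or unsolicited message: the challenge is stale or was never issued.
        if ch != self._outstanding or ch in self._used:
            return False
        expected = hmac.new(self._key, ch + msg["reading"], hashlib.sha256).digest()
        # A wrong or missing pairing key (e.g. a swapped sensor) fails here.
        if not hmac.compare_digest(expected, msg["tag"]):
            return False
        self._used.add(ch)
        self._outstanding = None
        # Toy stand-in for biometric matching: exact equality of the reading.
        return hmac.compare_digest(msg["reading"], self._enrolled)


def run_scenarios() -> dict:
    """Constructed scenarios; returns which ones the enclave accepts."""
    pairing_key = secrets.token_bytes(32)   # shared at manufacture (assumption)
    owner = b"constructed-owner-reading"    # constructed stand-in for a scan
    enclave = SecureEnclave(pairing_key, owner)
    genuine = PairedSensor(pairing_key)
    swapped = PairedSensor(secrets.token_bytes(32))  # attacker's replacement sensor

    results = {}

    # 1. Genuine paired sensor presenting the owner's reading: accepted.
    msg = genuine.scan(enclave.challenge(), owner)
    results["genuine"] = enclave.verify(msg)

    # 2. Replay of that captured message: rejected, its challenge is consumed.
    results["replay"] = enclave.verify(msg)

    # 3. Replacement sensor without the pairing key, even with the owner's reading.
    results["swapped_sensor"] = enclave.verify(swapped.scan(enclave.challenge(), owner))

    # 4. Genuine sensor but a different reading: tag valid, match fails.
    results["wrong_finger"] = enclave.verify(genuine.scan(enclave.challenge(), b"other"))

    # 5. Message built on a challenge the enclave never issued: rejected.
    results["unsolicited"] = enclave.verify(genuine.scan(b"\x00" * 16, owner))

    return results


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The pairing key does the work that a sensor "just being a sensor" cannot: without it, anything sitting on the wire can both record the signal and speak for the sensor later. The per-scan challenge is what turns a captured message into something useless on replay.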