My larger point was about all of the data, not biometrics specifically. Great, your fingerprint never left the device. Everything else does, which is probably way more personal data than just a fingerprint. Your fingerprint really does me no good unless I want to try to frame you for a crime, or want to get into your specific device or other thing that requires biometrics (maybe your work). Your data, I can make use of a lot of if I were criminally inclined. Your credit card numbers, your SSN, your investment accounts, your pics for making false IDs, passwords, or any other data that has ever flowed from your device. You'd have to be pretty sophisticated to be able to make use of someone's fingerprints, while basically anyone could use your credit card number. Which is more valuable and a larger vector for exploit?
None of the data you describe ever leaves the device unless you opt in to syncing it to iCloud (which is not on by default). The FaceID/Fingerprint never leaves the device, and if you don't enable iCloud syncing of the other data off the device, the data is unreachable with keys kept on the device.