In addition to Private Space, Android at I/O 2024 is really working to boost the mobile operating system’s theft, security, and privacy protections.

  • Markaos@lemmy.one
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    2
    ·
    6 months ago

    If a thief knows your PIN (by watching an earlier unlock), Android is now requiring “biometrics for accessing and changing critical Google account and device settings, like changing your PIN, disabling theft protection or accessing Passkeys, from an untrusted location.”

    Sounds great for Pixel 6 series with their reportedly highly reliable fingerprint sensors /s

    Honestly, I’m not sure what to think about this - extra protection against unauthorized access is good, but requiring biometric verification with no apparent alternative irks me the wrong way.

    Maybe that’s just because of my experiences with Nokia 5.3 and its awful rear fingerprint sensor with like 10% success rate. But then again, there will eventually be phones with crappy sensors running Android 15.

    • 9point6@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      6 months ago

      I think even the worst sensors in new phones today are only as bad as the best ones a few years ago now, fwiw.

      High quality fingerprint scanners are almost a commodity part at this point

      • Markaos@lemmy.one
        link
        fedilink
        English
        arrow-up
        5
        ·
        6 months ago

        I had a similar opinion when I was buying that phone - pretty much every phone had a fingerprint scanner and people generally didn’t complain about them, so decent scanners should have been mass produced and cheap - but HMD/Nokia managed to make me reconsider that opinion.

        For context, Nokia 5.3 is a 3 or 4 years old model, so it definitely doesn’t disprove your statement, but I remain sceptical.

    • lemming741@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      6 months ago

      The P6 fingerprint reader was dog shit wrapped in cat shit. I cannot believe they shipped that turd.

      • henfredemars@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        6 months ago

        This is not how the OS is designed. The biometric data never leaves your phone. In fact, it’s kept in a security coprocessor that doesn’t have access to the network.

        This is not easy to bypass. Typically, that fingerprint sensor is connected directly to that security processor and not to the main. This is a design decision to prevent stealing your fingerprint. Even on a completely compromised Android system, your fingerprint data is not accessible because android never had access to your fingerprints in the first place.

    • voxel@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      6 months ago

      idk my a52s’s underscreen sensor is pretty reliable.
      it never failed on me, except when i was holding my finger in the wrong place (like only half of the finger on the sensor etc, and even then it allows for a surprising amount of leeway (like i was able to unlock it with 60% of my finger being off-sensor a couple of times), sometimes just requiring your to hold a finger for a bit longer)