Trevor Stinson

talk to me on twitter / subscribe via email or rss

TidBITS: Q&A about Fingerprint Scanning

TidBITS has a good overview of fingerprint security in light of the new sensor on the iPhone 5s. The two quotes below provide answers to what I consider to be the most important questions. Read the full article for more detail on how fingerprint scanners work, and what to expect from the one on the iPhone.

On the possibility of your fingerprint being stolen:

The template is then stored in a database, ideally after being run through a cryptographic hashing function, just like your passwords. Passwords themselves are never stored in databases; instead they are converted by a one-way encryption algorithm, with the result being stored in the database. Done properly, this means your password can never be recovered, even if a bad guy gets the database.

Apple made it a point to note that your fingerprint will never be uploaded into iCloud or any Internet server. Instead, it will be encrypted and stored in what’s called the Secure Enclave within the A7 chip itself.

On whether or not fingerprints are actually more secure than passwords:

…using fingerprints creates better security through improved usability. Most people, if they use a passcode at all, stick with a simple four-digit passcode, which is easy for an attacker to circumvent with physical possession of your iPhone. Longer passphrases, like the obscure 16-character one I use, are far more secure, but a real pain to enter repeatedly. A fingerprint reader, if properly implemented, provides the security of a long passphrase, with more convenience than even a short passcode.


A Journalist-Agitator Facing Prison Over a Link

From the New York Times:

“But it is important to remember that the majority of the 105 years he faces are the result of linking to a file. He did not and has not hacked anything, and the link he posted has been posted by many, many other news organizations.”

Hmm.


Reflecting on Apple's colors

It is widely reported that Apple will be introducing colorful iPhones tomorrow. I don’t know if this is true or not, but it seems likely. Apart from alleged leaked parts and widespread rumors, this seems historically inevitable. Most people today probably think of white, black, and silver when they think of Apple products, but the idea that Apple doesn’t do colorful products couldn’t be further from the truth.

VintageZen has already published a great rundown of Apple’s history with color, so I’m not going to try to be comprehensive here. I just want to touch on a few highlights.

Bondi Blue

One of the first products Steve Jobs introduced after returning to Apple was the iMac G3. That original iMac debuted in Bondi Blue and is credited with saving the company. The iMac was soon available in five colors.

Anodized iPods

Perhaps the best-known colorful Apple products are from the iPod line. The white iPod was already iconic, but sales really took off when Apple introduced the cheaper iPod mini that was available in a variety of colors. It’ll be interesting to see if cheaper, colorful iPhones have a similar impact. I’d like to say yes, but even a cheap phone is still expensive if purchased unlocked without a contract—and if it’s obtained for “free,” then the contract itself is expensive. (If a phone is genuinely cheap all around, then there’s a good chance it’s not worth buying.)

The colorful iPods (mini, nano, and shuffle) have all been anodized aluminum as far as I’m aware. This same process is also used on Apple’s less-colorful products.

Gold is a cultural thing

In addition to the rumors of colorful cheap iPhones, it is also expected that Apple will release a gold (or “champagne”) iPhone, presumably as a variant of the highest-end flagship model. I’ve heard a lot of Americans mocking the idea of a gold iPhone, and that doesn’t surprise me. I think it would be great if the gold iPhone is only made available in specific markets where gold is a better cultural fit. A China-only gold iPhone would be a good way for Apple to communicate to Chinese customers that their market is not an afterthought.


Stanley Hauerwas: What Makes America So Prone to Intervention?

Stanley Hauerwas on the role of war in American society:

…war serves as the great liturgical event for Americans, where we sacrifice the youth of the present generation to show that the sacrifices of the youth of the past generations were worthy. So war becomes the great ritual moral renewal of the American society.

And on humanitarian interventionism:

I suppose in realist terms, you’d say that the US is a status quo power. It wants to keep conflicts under control because as a status quo power, any conflict has the possibility of weakening our power. But that’s not humanitarian intervention. That’s just straight self-interested international behavior. And it seems to me you can say a lot in favor of that more realist view, which I think would lead you probably to not intervene, rather than to intervene.


Upcoming worship album: The Rock Won't Move (Vertical Church Band)

Vertical Church Band (the worship team at Harvest Bible Chapel near Chicago) is releasing their second album on October 29. We’ll probably be singing a lot of these songs in the months ahead at Harvest Bible Chapel St. Louis. Check out the trailer below for a preview. Sounds promising.


How our worship team makes vocal rehearsals work

Last week I explained why our worship team does vocal rehearsals and how that has been helpful to us. This raised a few questions, so now I’m going to give the “how” as well.

Do the planning before rehearsal

First, one point that applies regardless of whether or not you’re doing a separate vocal rehearsal: it is essential to have a complete plan before the team arrives for rehearsal. This means knowing what order you’ll use for each song, who will start each song, how transitions will flow, and what the dynamics will be throughout the service. Make sure the plan is written down and distributed to the team. A worship leader can try to get by without this preparation, but it will be discouraging to both yourself and the team, the results won’t be as good, and it will ultimately be more work than it would have been to prepare in advance.

Don’t think that having all of this planning done ahead of time will make things too rigid. Lack of preparation does not lead to increased creativity. Rather, it means you’ll be scrambling just to make things work. Flexibility and creativity are increased when there’s a solid plan in place as a framework.

Designate a vocal team leader

Now for the specifics of running a vocal rehearsal. The first question to answer is who will lead the vocal rehearsal. If you (the worship leader) are both singing and leading the band, then you’ll need to either have vocal rehearsals at a completely different time (probably before the band rehearsal), or identify a person who can act as vocal team leader while you’re working with the band.

Whether it’s you or someone else, the vocal team leader needs to understand harmony, be capable of developing a vocal plan for the service, and know how to coach vocalists. Don’t expect to just throw a few singers together and see good results. It’ll sometimes work, but it’s not viable long term, and it probably won’t lead to growth as a team.

If the worship leader and the band leader are the same person…

As the worship director at our church, I lead the band all the time, I sing all the time, and I act as worship leader about half the time. We’ve chosen to conduct our rehearsals as one hour of split vocal/band time, and then a second hour with everyone together. This means that I’m with the band the whole time, even when I’m the primary worship leader for the week.

On the weeks where I’m the primary worship leader, we have a designated vocal team leader (and she does a great job). On the weeks when someone else is the primary worship leader, then they run the vocal rehearsal themselves. Either way, I stay with the band. This means it’s important that the vocal team leader knows how to play an instrument for the vocal rehearsals. We also have pitch-shifted recordings of all the songs on Planning Center so that the vocal team can sing along with the melody even though I can’t be in two places at once.

Remember, we still bring everyone together for the second hour of rehearsal. So we do get the chance to all sing together—I just can’t be with them for the first hour. This isn’t too much of a setback if I’m singing melody or if the vocal team leader knows what parts I’ll be singing.

In summary, our recipe for vocal rehearsals:

  1. Have the planning done before rehearsal.
  2. Know who will run the two sub-teams (vocal and band).
  3. Decide in advance how to work around the fact that no one can be in two places at once.

Most of this comes down to doing the homework ahead of time. That includes the weekly preparation of service plans, but also the more long-term work of identifying leaders who will help you build up the team.


The line even Hitler didn't cross

There was a real fear, particularly as air technology got better [after World War I], that there’d be massive chemical attacks on cities. They were really the first weapon of mass destruction but they’ve never quite lived up to that destructive capacity. Nuclear and biological weapons today have much more massive destructive capacity.

Good interview about the history of chemical weapons and the politics surrounding them.


Power outages caused by squirrels

Power outages caused by squirrels are a new hobby of mine. It started in April, after I read about a squirrel that electrocuted itself on a power line in Tampa, Fla., cutting electricity to 700 customers and delaying statewide achievement tests at three nearby schools. I was curious, just enough to set up a Google news alert: squirrel power. But as the summer progressed, and the local news reports of power outages caused by squirrels piled up in my in-box, my interest in power outages caused by squirrels became more obsessive and profound.

Apparently power outages caused by squirrels are not exactly a rarity. Mr. Mooallem shows us how common these interruptions are, and also how ironic it is that we consider them to be unnatural.

“I just didn’t think a squirrel could make the lights go out. They’re just tiny little things.” A century ago, a shrewd squirrel might have been equally skeptical about our ability to make so many lights go on, watching a few little humans raise the first wooden pole.


More Encryption Is Not the Solution

The only surefire way to gain back our privacy is also the least likely: the citizens of all nation- states must empower politicians who will defund and dismantle the espionage machinery and instead rely on international cooperation to expose and prevent terrorist activity.

There will also always be a role for encryption, for human-rights activists, diplomats, spies, and other “professionals.” But for Mr. and Mrs. Smith, the solution can only come from politics that respect a basic human right to privacy—an encryption arms race will not work.

It’s depressing to think that we need to rely on politicians to solve this issue, but this article hits the nail on the head in identifying cryptography’s main weakness: Nations have police forces and intelligence agencies, and they can shape their legal systems to fit the needs of those in power. Regardless of how well a person encrypts their information and their communications, a nation-state will still have the ability to use force on anyone who gives them trouble.

Regardless of how patriotic you may be about your own country, I’d bet that you’re willing to acknowledge that bad nation-states do exist. Cryptography is essential to those living in such states, but the best-case scenario is to make sure nation-states don’t get into such a condition to begin with. For those not currently under oppressive regimes, this means electing people who won’t set up the infrastructure to allow such abuses—or pressuring those in power to tear down rogue systems that have already been built.


☜ Previous Page Next Page ☞