Comment by Direc
Thanks you for sharing that information. I really appreciate the openness of the company and the level of detail we are able to get! I have had a really bad time with my fingerprint reader, and...
View ArticleComment by spiiroin
Currently in rootfs, under /var/lib/sailfish-fpd/templates directory. Details might vary between device types, but generally with as tight access limits as android hal allows/requires. Also, once file...
View ArticleComment by Direc
Thank you for explanation! What partition the data is stored on? How does one check if the partition is full? Some Android users have had issues with that said partition being full... Or perhaps just...
View ArticleAnswer by spiiroin for Saving your fingerprint to a networked mobile device...
Fingerprint handling in Sailfish OS is roughly put: Leverage already existing Android fingerprint HAL via libhybris. This should then match the requirements set for Android devices as applicable for...
View ArticleComment by MartinK
Yeah, I would expect they store some data that can be used to verify the presented fingerprint is yours, which could be something like a few randomly selected key points on your finger or something...
View ArticleComment by ExPLIT
I'm pretty sure, it works this way, like @naytsyrhc say. I use Fingerprint on my Lenovo ThinkPad Notebook under Debian, and fprintd works the same way.
View ArticleComment by johanh
Your idea is good and it sounds great if implemented this way, but speculation is not a real answer on the question.
View ArticleAnswer by naytsyrhc for Saving your fingerprint to a networked mobile device...
My answer is: no it doesn't necessarily have to. I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned fingerprint and would use a one-way...
View ArticleComment by pisarz1958
It's stored in the cloud in US, on the same server where classified docs about vaccination conspiracy are.
View ArticleComment by nthn
@pisarz1958: look at ANY of the NSA documents released since 2013, there are more than enough. Have you ever even heard of the term 'dragnet surveillance'? Or, regarding @bocephus' statement, ever...
View ArticleComment by pisarz1958
Guess you guys completely missed out on San Bernardino terrorist case and the whole "pretty plz add backdoors to your crypto" drama in the US. You can catch up here:...
View ArticleComment by nthn
@pisarz1958: I don't understand why you're trying to suggest anyone who's hesitant of giving up all of their private information, no questions asked, to big corporations and shady government agents is...
View ArticleComment by johanh
@utkiek Partly agree. A fingerprint falls under the GDPR regulation of private data and requires consent to collect. It is not in any way public data (by definition of law), even though people leave...
View ArticleComment by pisarz1958
Isn't fingerprint sensor on phones implemented the same way as on PC? Which means, data is being stored securely in sensor itself, with verification happening on the sensor itself, with OS knowing only...
View ArticleComment by Kim
I would expect it to be stored locally (on the phone), as the fp lock must function even when there are no network/coverage. Where it is stored on the phone is another question, but it probably is in a...
View ArticleComment by johanh
If nobody can answer that, it sounds like a possible violation against GDPR.
View ArticleComment by utkiek
@johanh a fingerprint is alway stored. at least once! :-)) The use of biometric id's is a dangerous game. You can't chance a biometric id if leaked. And a fingerprint is a public biometric id. If I...
View ArticleComment by bocephus
Asking how fingerprints are stored on the device is not "tinfoil hat lifestyle". And this thread *is* research, whereby I ask of Jolla the relevant information. You clearly have nothing of importance...
View ArticleComment by johanh
@utkiek Could you explain why forgetting anything has to do with where fingerprints are possibly stored? I can't see the connection.
View ArticleComment by bocephus
@Kim Of locally, hence my mentioning physical access. I would *expect* the same of Jolla, but I'm not going to leave my security up to unproven expectations.
View ArticleComment by r0kk3rz
The implementation here is going to be hooked into the android hal, so i'm not sure even jolla can answer this question...
View ArticleComment by utkiek
In worst case you can "forget" your password. But forgetting a fingerprint??
View ArticleComment by johanh
@pisarz1958 Your comment is not relevant and not helpful. I think it is a very good question and would like to know how and where it is stored. I don't know the truth of the statement that "Google and...
View ArticleComment by bocephus
@pisarz1958 Spoken like a true Android sheep. Why are you using Sailfish? @johanh Of course I can't judge the validity of my (tongue-in-cheek) claim, but I'd honestly be more surprised if Google...
View ArticleSaving your fingerprint to a networked mobile device has to be a bad idea
Of course Android users don't care, but you just know that as soon as they have scanned their fingerprint with their device, Google *and* NSA will have it in their databases within 5 minutes. How does...
View Article
