> faulty fingerprint sensor
The fingerprint sensor does not make access control decisions, so the fault would have to be somewhere else (e.g. the software code branch structure that decides what to do with the response from the secure enclave).
> faulty fingerprint sensor
The fingerprint sensor does not make access control decisions, so the fault would have to be somewhere else (e.g. the software code branch structure that decides what to do with the response from the secure enclave).
If you're interested in this in more detail, check this out:
https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/
This is a great read, but note that it's specific to Windows and Dell/Lenovo/Microsoft.
Apple does it different(ly), and I'd argue more securely. Being able to specify the full chain of hardware, firmware, and software always has its advantages.
Apple's fingerprint readers do not perform authentication locally -- instead the data read from the sensor (or derivatives thereof) is compared to a reference which is stored in the secure enclave in the Apple silicon (Ax Tx or Mx) of the Mac or iOS device itself.