
A Security Expert Goes Hands On With Touch ID


From a security standpoint, the most interesting addition to Apple’s iPhone 5s is its integrated fingerprint scanner, called Touch ID, which lets you unlock the phone with the touch of a finger rather than a passcode. You’ll also be able to make purchases from iTunes with a fingerprint scan rather than having to enter your Apple ID password.

But despite the believed uniqueness of fingerprints, using a fingerprint scan as an authentication credential isn’t a panacea for security problems. It’s worth taking a little time to understand the technology, what it can do, and how it will integrate with your digital life.

How does a fingerprint reader work?

Fingerprint recognition technology has been around for decades. It’s a form of authentication, the term used to describe the process of proving you are who you say you are. In this case, the technology scans the provided fingerprint, compares it to a database, and, if there’s a match, allows access just as a password or passcode would. While fingerprint recognition technology can technically identify you as well as authenticate you, most systems still require a username to speed up fingerprint matching and reduce errors. However, since the iPhone stores your Apple ID username, this won’t be an issue for most users.

Fingerprint readers can rely on a variety of scanning technologies. The two that can be best integrated into a mobile device are optical readers and capacitance sensors. Optical readers are conceptually simple, using what is essentially a digital camera to take an image of your finger surface.

Capacitance sensors are more complex, instead creating an image of your fingerprint by measuring the differences in capacitance between the ridges and valleys of your fingerprint. They leverage the electrical conductivity of your sub-dermal skin layer, and the electrical insulation of your dermal layer (the one where your fingerprint is). Your fingerprint is effectively a non-conductive layer between two conductive plates, which is the very definition of a capacitor. The fingerprint reader senses the electrical differences caused by the varied thickness of your dermis, and can reconstruct your fingerprint from those readings.

The Touch ID sensor in the iPhone 5s is a capacitive reader, embedded in the home button. That was a good choice on Apple’s part, since capacitive scanners are more accurate and less prone to smudgy fingers, and can’t be faked out with a photocopy of a fingerprint.

So the reader takes a picture of my finger and looks it up in a database?

Not quite. Comparing complete images is a complex — and computationally intensive — task that even powerful computers struggle with. Instead, the image from the reader is run through an algorithm that pulls highlights from your fingerprint and converts them into a digital summary — a template — that is easier to work with. This template represents your fingerprint, and varies based on the algorithm used.

The template is then stored in a database, ideally after being run through a cryptographic hashing function, just like your passwords. Passwords themselves are never stored; instead they are converted by a one-way hash function, and the result is what goes into the database. Done properly, this means your password can never be recovered from the stored value, even if a bad guy gets the database.

Although details aren’t yet known, we expect that Apple uses each iPhone’s unique device code as part of the hashing algorithm. Since that code is embedded in the iPhone’s hardware, the stored value is effectively impossible to attack off the device with more powerful computers; on-device attacks are much slower and more difficult.

When you use your fingerprint to log in to a device, the technology images your fingerprint and runs the image through its algorithm. Then it compares the result with the value stored in the database. If the two match, you are let in just as with a password.

Apple made it a point to note that your fingerprint will never be uploaded to iCloud or any Internet server. Instead, it will be encrypted and stored in what’s called the Secure Enclave within the A7 chip itself.

Is a fingerprint more secure than a password or passcode?

Not necessarily. In the security world, there are three ways to prove that you are who you say you are, with something you know, something you have, and something you are. Something you know is a passcode or password; something you have is a token, key, or even your phone; and something you are is a “biometric identifier,” like your fingerprint.

Using any one of those identifiers on its own is known as single-factor authentication; it’s only when you combine two or more factors that it is considered strong authentication. If you think about it (or watch enough TV), you can easily imagine ways to fool a fingerprint reader, ranging from a photocopy to a fake finger made from gelatin. Every fingerprint reader can be deceived, and doing so doesn’t necessarily require high technology.

Plus, if you have physical access to the database, you can run attacks against it just as though it contained passwords, by generating and testing fake templates. Not all algorithms and hashing functions are equally good, and it is easy to end up with a system that is weaker than the well-known ways we manage passwords.

In short, nothing is perfect, and a fingerprint alone isn’t necessarily more secure than a password. Worse, you can’t change your fingerprint. That’s why super-secure systems usually require a fingerprint and either a password or smart card.
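The enroll-and-compare model described above, and the point about attacks against a stolen database, as an added illustration (a constructed Python model, not Apple’s code; the sample minutiae scans, the grid quantization, the HMAC construction and the five-failure lockout are all assumptions):

```python
"""Constructed model of fingerprint enrollment and device-bound verification.
Not Apple's implementation: it follows the article's description (raw scan ->
template -> keyed hash stored on device -> compare on unlock) with assumed
parameters. Real matchers tolerate partial overlap between scans; the grid
quantization below is a stand-in so that an exact comparison can be used."""
import hashlib
import hmac
import secrets

GRID = 8           # px per quantization cell (assumed), absorbs small scan jitter
ANGLE_BUCKET = 45  # degrees per ridge-direction bucket (assumed)
MAX_FAILURES = 5   # assumed on-device lockout before falling back to the passcode

# Constructed sample scans: lists of minutiae points as (x, y, angle in degrees).
ENROLLED_SCAN = [(12, 40, 30), (100, 57, 200), (64, 130, 95), (30, 88, 350)]
JITTERED_SCAN = [(13, 41, 33), (101, 58, 203), (65, 131, 98), (31, 89, 353)]
OTHER_FINGER = [(20, 20, 10), (90, 90, 180), (44, 120, 270)]


def extract_template(minutiae):
    """Reduce a raw scan to a stable digital summary (the article's 'template')."""
    cells = {(x // GRID, y // GRID, (angle % 360) // ANGLE_BUCKET)
             for x, y, angle in minutiae}
    return tuple(sorted(cells))


def serialize(template):
    return b";".join(f"{cx},{cy},{a}".encode() for cx, cy, a in template)


def enroll(minutiae, device_key):
    """Store only salt || HMAC(device_key, salt || template), never the image."""
    salt = secrets.token_bytes(16)
    tag = hmac.new(device_key, salt + serialize(extract_template(minutiae)),
                   hashlib.sha256).digest()
    return {"salt": salt, "tag": tag, "failures": 0}


def verify(minutiae, record, device_key):
    """On-device check: recompute the keyed hash and compare in constant time."""
    if record["failures"] >= MAX_FAILURES:
        return False  # locked out; the user must enter the passcode instead
    tag = hmac.new(device_key, record["salt"] + serialize(extract_template(minutiae)),
                   hashlib.sha256).digest()
    ok = hmac.compare_digest(tag, record["tag"])
    record["failures"] = 0 if ok else record["failures"] + 1
    return ok


def offline_guess(record, candidate_scans, key_guess):
    """What someone holding a copy of the record can do off the device: test
    candidate templates with no attempt counter in the way. Without the device
    key every guess misses, which is why that key must stay in hardware."""
    hits = 0
    for scan in candidate_scans:
        tag = hmac.new(key_guess, record["salt"] + serialize(extract_template(scan)),
                       hashlib.sha256).digest()
        hits += hmac.compare_digest(tag, record["tag"])
    return hits


def demo():
    device_key = secrets.token_bytes(32)  # stands in for the per-device hardware secret
    record = enroll(ENROLLED_SCAN, device_key)
    out = {
        "same_finger_ok": verify(JITTERED_SCAN, record, device_key),
        "other_finger_ok": verify(OTHER_FINGER, record, device_key),
        "offline_hits_without_key": offline_guess(record, [OTHER_FINGER, ENROLLED_SCAN], b"guess"),
        "offline_hits_with_key": offline_guess(record, [OTHER_FINGER, ENROLLED_SCAN], device_key),
    }
    for _ in range(MAX_FAILURES):            # repeated wrong fingers trip the lockout
        verify(OTHER_FINGER, record, device_key)
    out["locked_even_for_real_finger"] = not verify(ENROLLED_SCAN, record, device_key)
    return out


if __name__ == "__main__":
    print(demo())
```

The stolen record is useless without the device key, and the on-device path is the only one that can be throttled, which is the distinction the article draws between on-device and off-device attacks.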

Doesn’t my phone count as a second factor?

Sort of. Many of you may use your phone as a second factor to log in to services like Dropbox. In that scenario, you log in to the site with your username and password, and then Dropbox sends a one-time code to your phone, which it has on file. Since you know your password and have your phone, this counts as two-factor authentication.

Unfortunately, unlocking your phone is different, since the phone itself is the target. Thus, a fingerprint alone is still single-factor authentication, and not really more secure in a strict sense.

However, you are much less likely to loan someone your fingerprint, and while a bad guy might guess your passcode, the odds of someone stealing a copy of your fingerprint in the real world are very low, unless you are a high-risk target.

If it isn’t more secure, why switch to a fingerprint?

Practically speaking, for most consumers, a fingerprint is more secure than a passcode on your iPhone. It’s definitely more secure than a four-digit passcode.

But the real reason is that using fingerprints creates better security through improved usability. Most people, if they use a passcode at all, stick with a simple four-digit passcode, which is easy for an attacker to circumvent with physical possession of your iPhone. Longer passphrases, like the obscure 16-character one I use, are far more secure, but a real pain to enter repeatedly. A fingerprint reader, if properly implemented, provides the security of a long passphrase, with more convenience than even a short passcode.

As I wrote over at Macworld, Apple’s goal is to improve security while making it as invisible as possible.

Does this mean the death of passcodes on my iPhone?

Not at all. First of all, iOS isn’t about to get rid of passcode support since only the iPhone 5s will have a fingerprint reader.

Second, as you can see in this image, you will always have the option of inputting a passcode instead of scanning a fingerprint.

Third, while many of us share our iPhones with our spouses and children, Apple officially supports only a single user per device. However, Apple has said that Touch ID will allow you to set up fingerprints for trusted friends and family, so they can easily access your device.

If someone steals my phone, does that mean they have my fingerprint?

Almost certainly not. There’s no reason to keep the fingerprint itself, just the template. And as mentioned previously, your fingerprints are encrypted on the iPhone 5s (we suspect Apple really means “hashed”).

Can someone gain access to my phone with a copy of my fingerprint?

Probably. As I mentioned earlier, unless you combine your fingerprint with another authentication factor, like a passcode, an attacker needs only one piece to pretend to be you.

Realistically, almost no one needs to worry about this, although I fully expect there to be a number of articles written about the efforts of amateur spies to make fake fingers. I will also start being more careful when I attend certain hacker conferences, given my prankster friends.

Will I be able to log in to my bank with my fingerprint, instead of a password?

Using your fingerprint to log in to Web sites and apps, like those from your bank, might happen eventually, but not right away. Apple must first open up API support for it, then developers need to integrate it into both their apps and the back-end authentication databases. Apple said that other apps can use the fingerprint reader, but that your stored fingerprint won’t be available to those apps. Thus we suspect initial support will consist of using Touch ID to unlock a password stored in the iOS keychain, via API support of some sort.

App makers and cloud services that want direct fingerprint access, if Apple even supports it, will also need to redesign their systems to deal with scenarios like someone’s fingerprint being compromised, or a user who also logs in from a Windows-based computer that has a different fingerprint scanner. They can’t simply switch everyone to Apple-only fingerprint templates. (And as much as having an open standard for generating the templates might sound like a good idea — there’s even an industry organization called the FIDO Alliance to promote such interoperability — who knows if Apple would eventually support it.)

But again, I highly suspect Apple will, at least for a while, mostly rely on securing credentials on the phone using the venerable Keychain, perhaps adding a feature or API support that asserts the fingerprint for that registered user was authenticated.

Also, banks are legally required to use two forms of authentication. That’s why you likely have to enter a PIN when you log in from a different device, or you must do the email confirmation dance when you log in from a new computer. Technically, though, your phone could count as a second factor, and banks could update their systems to combine the fact of having your phone with your fingerprint for access.

Will I be able to use my fingerprint to log in to my work network?

Not right away. Although Apple is adding enterprise-level single sign-on (SSO) support in iOS 7, your work network and applications will still need you to authenticate using your existing username and password. SSO merely means you don’t have to re-enter those credentials for every work system. Over time I expect to see vendors offer tools to allow you onto your work network after you authenticate using your fingerprint on your iPhone, assuming your IT department approves.

Why is this so important?

Apple isn’t the first company to add a fingerprint reader to a phone. I’ve tested laptops with fingerprint readers and seen phones with embedded readers. The real excitement is that Apple will make this technology accessible to many millions of consumers.

Doing so will dramatically improve the security and usability of the iPhone 5s for average users. I hate needing to enter a strong passphrase on a tiny keyboard, especially when I’m walking around. A fingerprint reader will be far more convenient, and essentially eliminate the less secure four-digit passcodes most people use, if they use one at all.

Combine this with the fact that many users now use their phones as a second factor when logging in to a variety of cloud services, and you can see that improving the security of the iPhone 5s could generally improve the security of significant aspects of the Internet. That won’t happen overnight, but improving security at any access point improves security for the entire system.

Once we see usable fingerprint authentication made widely available for consumers, life for the average attacker is going to get a lot harder.

Author Rich Mogull has been working in the security world for 17 or so years, and breaking computers (usually by accident) even longer. After about 10 years in physical security (mostly running large events/concerts), he made the mistake of getting drunk in Silicon Valley and telling someone he “worked in security.” Article reprinted with permission from TidBITS.

Will Biometrics Replace Passwords As Keys To Our Digital Lives?

The fingerprint: A brilliant convenience or key to a dystopian future?

With the touch of a button, Apple’s iPhone 5s will change the mobile industry. And Touch ID, the fingerprint reader built into the latest iPhone, just may simplify your life.

Thanks to its insanely simple implementation in the phone’s Home button, Apple has taken the first big step toward making its mobile devices even more central to the daily process of more efficiently managing the security-dependent details of our daily lives.

Despite Being First To Give Pilots iPads, Delta Will Give Pilots The Microsoft Surface 2


Delta Airlines announced today that it plans to equip its pilots with Microsoft’s new Surface 2 tablet running Windows 8.1 RT. The company is moving to Microsoft tablets despite the fact that it was the first airline to roll out iPads to pilots to replace heavy flight bags.

Delta gave 22 pilots iPads back in 2011, but thanks to a deal with Nokia – which is now owned by Microsoft – the company will be going with an all-Windows approach. The company already gave its 19,000 flight attendants a company-issued Nokia Lumia 820 Windows handset back in August of this year.

Publisher’s Letter


Two days after getting my brand new iPhone 5s, the fingerprint scanner stopped working. I couldn’t believe it. The iPhone wouldn’t recognize my thumb print, no matter how I caressed its button. I tried training the system to recognize my other thumb and my two index fingers. That didn’t work either. The new iPhone’s marquee feature was already a write-off. “Just works,” my ass.

The iPhone’s hottest new feature is as reliable as my cat.

Then the news broke: the Chaos Computer Club in Germany announced that it had “hacked” the sensor with a photo of a fingerprint. At first glance, this story looked really bad. Some German anarchist coders had used a sleight of hand to crack a “foolproof” biometrics system with a simple picture? Before the phone flew into our eager hands, everyone imagined that more elaborate methods would be needed to fool Touch ID, like hacking someone’s finger off. But a simple picture? It was the biggest story of the weekend: “Apple’s Touch ID hacked in less than 48 hours.”

But it turns out the “hack” — which is more correctly called a “spoof” — was anything but simple. It was a multi-step process that required considerable skill, specialist equipment and almost 30 hours of hard work.

Firstly, a clear, un-smeared fingerprint has to be found. This looks easy on CSI, but is tricky in real life. The fingerprint has to be “lifted” using standard crime scene techniques: cyanoacrylate fumes, fingerprint powder and fingerprint tape. Not stuff you’re likely to have on hand, in other words.

The lifted print is photographed at very high resolution (~2,400 dpi) and cleaned up in software. It’s printed on a transparent sheet at 1,200 dpi using a laser printer with the toner settings turned way up, to ensure the maximum amount of toner is deposited. This creates a mold. Liquid latex or wood glue is poured into the mold and carefully peeled off when it has cured. The hacker breathes onto the mold to make it warm and moist and then presses it against the sensor. This method is well known in the biometrics world and has a long history of fooling many other fingerprint sensors on the market.

So should you be worried? Not at all. On one hand, Touch ID will *not* protect your iPhone against a determined hacker. If a crook has the time and resources to target you, steal your phone, lift your fingerprints and create phonies, the fingerprint sensor will not prevent them from gaining entry.

But the average opportunist who finds your iPhone on the bus? Rest assured, your phone is safe.

As for my non-functioning sensor, I just retrained the system. The problem was my dry, scaly hands. If all journalists have thick skins, mine is really something else. (When my hands get really bad, a steroid cream thins it down and curbs cracking and bleeding.) I’d been using the cream and my hands looked like Heidi Klum’s when I first got the phone. But over the weekend my hands dried out like SpongeBob in Sandy’s dome. By Sunday, the sensor wouldn’t recognize any of my fingers or thumbs. I tried licking them and moisturizing my thumb, to no avail. So I deleted the five finger/thumbprints I’d trained the system on and started again. No problem! Touch ID now works flawlessly.

I just have to keep the moisturizer handy if I want to unlock my digital life.

NewHeights Electric Standing Desk Is Good For Your Health, Hard On Your Wallet [Review]


Several months ago I decided that I needed to change the way I work. Like most bloggers, I spend the majority of the day at my desk. I’m 6’2″ and over the years I’ve developed not-so-great posture by hunching over my computer screen. The back and neck pain eventually got so bad that I realized I needed to change up my workspace.

NewHeights by Beyond The Office Door
Category: Standing desk
Price: starts at $1378

I’d heard a lot about standing desks, so I decided to look into getting one. After researching, I zeroed in on the NewHeights electric desk. I’ve been using it for the past several months, and now I can never go back.

MLB Shows How iBeacons Will Change The Ballgame Experience

While the new colors, flatness, and gradients of iOS 7 have received most of the attention from consumers, businesses are excited about the potential of the new iBeacons feature, and how it will change the way consumers interact with businesses.

The MLB put the technology on full display yesterday at Citi Field – the place where the Mets play – for a full demonstration of a prototype iBeacon technology. Working closely with Apple since February, the MLB’s developers have re-engineered a beta version of At The Ballpark that can push coupons, ticket information, promotional offers, stadium information and much more based on where an individual is located at the ballpark.

iOS 7.0.2 May Have Fixed One Lock Screen Hack, But It Adds Another [Video]


Photo: Killian Bell/Cult of Mac

Apple released iOS 7.0.2 on Thursday, and in its release notes, the company said it had fixed “bugs that could allow someone to bypass the lock screen passcode.” Unfortunately, it seems it didn’t fix all of them, because the update added another lock screen vulnerability of its own, which you can see in the video below.

Strata Will Challenge Your Mind While Pleasing Your Eyes [Review]


Strata, a puzzle game by developer Graveck, has been out for a few months now, but I only recently stumbled across it. Like FlowDoku, which I reviewed a couple of weeks ago, it’s a deceptively clever title that uses a couple quick rules to create complex tasks for players to solve.

Strata by Graveck
Category: iOS Games
Works With: iPhone, iPad
Price: $0.99

The rules of Strata are simple: You receive a square grid between 2×2 and 6×6 boxes in size, and you have to place colored ribbons across every row and column. Some boxes have colored squares in them, and the top ribbon on that square must be the same color. That sounds way more complicated than it is, but it makes sense once you’re looking at it.

And you should look at it because it’s really, really pretty.

Find The Directory Path Of Documents (Or Rename Them) With Proxy Icons [OS X Tips]


The OS X Finder is an amazing thing, letting you create folders within folders, duplicate files, find your documents, and generally get stuff done. More and more, Finder features are being integrated across all apps and documents on your Mac.

Case in point is the ability to find the directory path of a document from the document’s title bar, as well as being able to (since Mountain Lion, anyway) rename your documents in the title bar as well. All of this is thanks to the proxy icon, which Apple defines as: “An icon in the title bar of a document window that users can manipulate as if they were manipulating the corresponding file-system object.”

Here’s how to use them on your Mac.

Infinity Blade III Updates To Take Full Advantage Of The iPhone 5s


When Apple unveiled the iPhone 5s on September 10th, they invited Epic Games to come on stage to show off Infinity Blade III under the notion that only the iPhone 5s’s 64-bit processor could render the game as it was meant to be seen.

What was so bizarre about that was that when the game shipped on September 18th alongside iOS 7, it didn’t make use of the 64-bit A7 processor at all. It was a week later when the game was first updated to support the iPhone 5s. Now it has received another update to further take advantage of the A7 processor.

Retina iPad Mini 2 Not Coming Until 2014, Says iHS iSuppli


Will it go Retina or won’t it?

That’s the big question everyone has been asking about the upcoming iPad mini 2. We’ve heard conflicting reports, such as that it will only be available in 2014 instead of October of this year, when the iPad 5 is expected to show up. Other sources — like KGI Securities analyst Ming-Chi Kuo — say that it will be out before Christmas.

A new report might dash the hopes of anyone expecting a Retina iPad mini this year, though. Instead, it says the device is coming next year.

Google+ Now With Great New RAW/JPG Conversion

Before... After!

Google+ already lets you upload RAW photos to the service, but now the rendered JPGs from those RAW files are going to look a lot better. Working with the boffins at NIK software (which Google bought when it acquired Snapseed), the G+ RAW conversions have been tweaked to give some dramatically better results.

Ex-iPod Engineer Designs Touch-Operated Standing Desk


According to Derek “beefcake with a brain” Morgan from Criminal Minds, “sitting is the new smoking,” and too much of it will kill you. But who wants any boring old standing desk? Yes, you could put a couple of milk crates onto your regular desk and prop your MacBook on top, but why do that when you can spend $3,900 on the Stir Kinetic Desk, a standing desk with a touch screen?

Apple’s iPhone 5s Case May Be Pricey, But It’s Worth Every Penny [Review]


While we knew almost everything there was to know about the iPhone 5s prior to its official unveiling last week, I don’t think anybody expected Apple to announce a fancy new case to go with it.

PRODUCT by Apple
Category: Cases
Works With: iPhone 5 & iPhone 5s
Price: $39.95

The Cupertino company has released an iPad case or cover for every model it has ever made, but this is the first time it has provided first-party iPhone protection since the iPhone 4 Bumper back in 2010. But I’m glad it’s back in the case business.

The new iPhone 5s case — which fits the iPhone 5, too, by the way — is made from soft, premium leather and designed to “look and feel luxurious,” Apple says. It is precision crafted for a tight fit that maintains your iPhone’s sleek, slim design, and its microfiber lining promises to protect the aluminum shell from scuffs and scratches.

The case is available in six pretty colors, and it’s priced at $39.95. That’s pretty expensive for a case of this kind, but is it worth it?