...
But that is because the user didn't wipe their fingerprint off the phone. That doesn't prove that TouchID has an insecure DRM.
Precisely what sort of access would you recommend for a mobile device? Uses will not memorize a secure password.
A separate key they carry on their keychain?
Be honest with the end user rather than try to mislead in order to market. Giving the end user a false sense of security is far worse than no security at all. The key here is that the end user makes an
informed choice. The user then makes a trade off between security and convenience.
1) A secure password.
2) A separate key that can be inserted into the device.
3) No security. Rely only on physical possession. User does not keep sensitive data on the device.
4) Weak security / DRM. Useful only if one wants to delay rather than prevent access. This can be effective where time is of the essence to an attacker.
Please explain how TouchID with a secure password is dependent on DRM?
Apple can't force people to adopt strong security if they have no desire to. Those who have a desire to, will use a secure password and TouchID (or not use Apple device).
I don't see the citations that show me that Apple has forced everyone to accept DRM for their security?