Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»General Discussion»How to get past the finge...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums

DetlefK

(16,423 posts) Mon Sep 23, 2013, 08:02 AM Sep 2013

How to get past the fingerprint-scanner of the iPhone 5S:

The german hacker-community CCC (Chaos Computer Club) has found a way to trick the fingerprint-scanner of the iPhone 5S: Steal the fingerprints and print them on a transparent foil. They method is actually pretty old. They admitted, they only had to increase the resolution.

They also lambasted Apple for even considering something that unreliable as a security-measure.

Step 1: make a digital photo of the fingerprint

Step 2: enhance quality with software (and adjust for size)

Step 3: print on a transparent foil

Step 4: spread a very thin layer of glue or latex-milk on the foil; the liquid will amass on the printed areas, forming a relief when solidifying

Step 5: carefully moisturize the relief a little bit before use


http://www.spiegel.de/netzwelt/netzpolitik/fingerabdruck-scanner-ccc-hackt-apples-touch-id-a-923797.html

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 11 replies, 2099 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (0) ReplyReply to this post
11 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
How to get past the fingerprint-scanner of the iPhone 5S: (Original Post) DetlefK Sep 2013 OP
Isn't it easier to use the threat of bodily harm? Renew Deal Sep 2013 #1
Yes, if you happen to have person and smartphone in the same place. DetlefK Sep 2013 #2
It's still better than a PIN or nothing at all Paulie Sep 2013 #3
Its a gimmick. dipsydoodle Sep 2013 #4
Exactly trumad Sep 2013 #5
Next up dipsydoodle Sep 2013 #6
That would be hard to hack. trumad Sep 2013 #7
AFAIR the tongue-surface is also unique for each person. DetlefK Sep 2013 #9
That "feature" is the reason I won't buy the 5s Stargazer09 Sep 2013 #8
First of all, it's optional on the 5s, second, the phone doesn't store your fingerprint frazzled Sep 2013 #10
Oh, okay Stargazer09 Sep 2013 #11

Renew Deal

(81,847 posts)
1. Isn't it easier to use the threat of bodily harm?
Reply to DetlefK (Original post)
Mon Sep 23, 2013, 08:20 AM
Sep 2013

To compel the person unlock it?

What about getting someone drunk and pressing their finger on it?

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

DetlefK

(16,423 posts)
2. Yes, if you happen to have person and smartphone in the same place.
Reply to Renew Deal (Reply #1)
Mon Sep 23, 2013, 08:33 AM
Sep 2013

But the victim could always suspect that someone tampered their iPhone.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Paulie

(8,462 posts)
3. It's still better than a PIN or nothing at all
Reply to DetlefK (Original post)
Mon Sep 23, 2013, 08:37 AM
Sep 2013

It's easy to get through a PIN if it's not set to wipe the device, just look at the screen smudges, and people will often start with 19... Swipe PINS are even easier as the smudge goes between numbers and persists longer even with use.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
 

trumad

(41,692 posts)
5. Exactly
Reply to dipsydoodle (Reply #4)
Mon Sep 23, 2013, 08:48 AM
Sep 2013

a pretty convenient gimmick if you ask me.

Everyone is all in a huff about this gimmick---but hell....it's just as secure as the four digit code.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

DetlefK

(16,423 posts)
9. AFAIR the tongue-surface is also unique for each person.
Reply to dipsydoodle (Reply #6)
Mon Sep 23, 2013, 09:35 AM
Sep 2013

Of course it's unhygienic, but on the other hand it's hard to steal and useless for any other purposes.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Stargazer09

(2,132 posts)
8. That "feature" is the reason I won't buy the 5s
Reply to DetlefK (Original post)
Mon Sep 23, 2013, 09:27 AM
Sep 2013

I love my current iPhone. It's given me four years of reliable service, but it's starting to have trouble recognizing input and loading apps. It's time for a new one, and I was very interested in the 5s.

I really do not want my fingerprints stored on any device. I know the government has them, due to my military service, but I have to have a little faith that their data systems are a little more secure than Apple's.

The 5c isn't as powerful as the 5s, but it doesn't collect and store my fingerprints, and I'm sure it will be a better phone than the aging one I have now.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

frazzled

(18,402 posts)
10. First of all, it's optional on the 5s, second, the phone doesn't store your fingerprint
Reply to Stargazer09 (Reply #8)
Mon Sep 23, 2013, 09:46 AM
Sep 2013

All this stuff about "hacking" your fingerprint and reusing it is apparently bull:

. First of all, there's a dedicated "enclave" in the iPhone 5s processor that's used solely for the purpose of storing encrypted data related to Touch ID. Its only connection to the rest of the iPhone's hardware is a function to say, "Touch ID check OK/Fail." The notion that someone could grab this data via a Bluetooth connection is ludicrous Hollywood "hacking" BS.

Second, the iPhone doesn't actually store fingerprint data in the first place. The iPhone 5s maps your fingerprint and converts that into a string of data (a one-way hash), then holds onto that chunk of data. The next time you put your paws on the phone, the same hashing process produces another data chunk; the two chunks -- not the two fingerprint images -- are matched up to allow access. In fact, assuming the hashing process works the same way as it does for existing iPhone passcodes, the fingerprint data is encoded in a way that's specific to that individual phone (salted). Copying it anywhere else would be useless. [Have we been hearing about hacker gangs remotely stealing iPhone passcodes via magical processes to use them elsewhere? No, we have not -- and if we had, it would almost certainly be via social engineering or visual spying as the phone is unlocked, both of which are impossible with Touch ID. –Ed.]

Anyone who somehow managed to access the iPhone's Touch ID circuitry and extract the hashed data would just find a string of alphanumeric gibberish, not a 3D-printable set of whorls and ridges ready to be turned into a latex Mission:Impossible-style fake finger. My TUAW colleague Dr. Richard Gaywood, who knows a thing or two about this stuff, says turning that data back into a readable fingerprint "would be like taking a cake, eating half of it, smashing the rest up with a fork, then giving it to someone and asking them, 'How much did the whole cake weigh, and what message was written on the icing that was on top of it?' "

http://www.tuaw.com/2013/09/22/iphone-5s-fingerprint-sensor-gets-completely-misunderstood/
TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
Reply to this discussion
Latest Discussions»General Discussion»How to get past the finge...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.