or Connect
AppleInsider › Forums › Mobile › iPhone › Apple's Touch ID already bypassed with established 'fake finger' technique
New Posts  All Forums:Forum Nav:

Apple's Touch ID already bypassed with established 'fake finger' technique - Page 7

post #241 of 319

If you have a gold 64g, I'll take it off your hands.

post #242 of 319

Funny how much that guys' hands were shaking during the video, and if your going to show proof of cracking, you should clear out the "saved" finger prints, and for measure have someone else use their hands thats not recorded in the device to open it. 

post #243 of 319
Quote:
Originally Posted by Pilotattitude View Post

Funny how much that guys' hands were shaking during the video, and if your going to show proof of cracking, you should clear out the "saved" finger prints, and for measure have someone else use their hands thats not recorded in the device to open it. 
They released a part 2 video last night with two different people so there were different hands. The video would prove nothing to those here who are in denial.
post #244 of 319
Quote:
Originally Posted by DroidFTW View Post


They released a part 2 video last night with two different people so there were different hands. The video would prove nothing to those here who are in denial.

 

The source of the fingerprint is the real issue. If it's supposed to come from the touchscreen itself, then all the user has to do to defeat it is not lock the phone with a print from the hand that they use to operate the touchscreen. If it's supposed to come from another source, then it's unlikely to apply to the standard lost or stolen phone scenario. 

post #245 of 319
This is not a hack! It has nothing to do with a real world scenario. Lets see someone do this with someone else's phone, by lifting a finger print from the phone or something else, not by taking pictures of your own finger. One of the things this "hack" totally disregards is knowing which finger print is encoded and its orientation. Then add the difficulty of finding that particular finger print. So that is not a true representation of a real hack.

While I would not call this the highest security measure, I don't really see it any worse than a 4 digit pass code, and as an iPhone 5S owner, it is much easier to use than the passcode. However, I am confident that a real vulnerability will be found, and fix, and so on and so on, as is normal!
post #246 of 319
Quote:
Originally Posted by mstone View Post
 

Touch ID was designed to keep your wife from reading txt messages from your girlfriend while you are in the shower. If she suddenly orders a 2400 dpi laser film printer and a high resolution camera with a macro lens, then you might have something to worry about.

 

If I had a wife then I'd have something to worry about  :err: 

post #247 of 319

This is odd, I have posted twice to this thread over the last 24 hours and NOW both are missing in action.  Neither was a flame post or personal in nature.  I have never had posts pulled for any reason.

 

David

post #248 of 319

Easy to beat this so called 'hack'.

 

If you use your left hand to use your phone, unlock your phone with your right pinky.

 

This hack is just as good as someone video taping someone entering a password. 

post #249 of 319

This "hack" was only done under near perfect circumstances, and doesn't really implicate real-world security. 

 

Not only did CCC have the device and still needed two full days to crack it, but they also KNEW WHICH PRINT WAS REGISTERED and left a PERFECT, FULL PRINT to copy. I have 10 fingers, and I don't need to register the tip. I could register part under the knuckle for example, and just habitually smudge the home button after authenticating. I only touch the phone with my finger tips and palm mostly, so there are almost no clean prints for other parts of my finger. 

 

In a real world theft scenario, the thieves would have to know exactly which print was registered because 5 failed attempts would require a password, and 10 failed attempts would wipe the device. They would also have to do this before I could wipe my phone, and when the worlds best biometric hacking experts still needed 48 hours under perfect conditions, the likelihood of them gaining access to my phone is almost zero. 

 

This also implicates the oft-cited scenario where police can compel you to input your finger print. They don't know which finger or what part of each finger is registered. Under the print I currently registered with Touch ID, I could give them all 10 finger tips and they still couldn't gain access to the phone. There are 10 fingers to register, different parts of each finger, and at that point its just as much of a guessing game as a passcode except significantly more difficult to input a "guess." 

post #250 of 319

This is the most ridiculous thing I've ever read.    No security ever is infallible, including the locks we have on our doors and the remote controls we have for our cars.    The purpose is to make it reasonable and practical.     The purpose of the security I.D. on the iPhone is not to prevent the phone from being stolen.   It's to prevent your co-workers, friends or family from seeing what's on your phone or using up your phone/data allowances.    And considering how much privacy we voluntarily give up, by posting every trivial, absurd aspect of our lives on Facebook and the like, the privacy aspect isn't even all that important.    

 

In NYC, robberies of this type take place mostly on the subway (although I've never seen one happen).    Do you think the idiots who grab a phone are going to go through the process of lifting and printing fingerprints?   Don't be ridiculous.    And with Apple's new tools for essentially bricking the phone, it's all pretty much a moot point anyway.    

 

I have an iPhone 5 and I don't even use the four-digit security code as it's too much of a pain to use.   The phone is always with me and if I should lose it, I'll brick it.    I won't be buying the 5s, but I assume I'll eventually buy the 6 which will have the same feature.   I think it's a great feature that makes a lot of sense.   I'm sure they'll be tech advances that make it even more secure in the future.

post #251 of 319

The fact is, the same can't be done with passwords which is what most phones already use.

 

A hacker can spend even 10 times the amount that he/she did on fingerprint duplication techniques with password cracking (using multiple GPUs) and will still not be able to crack my 8 character password in less than 3-10 tries after which, most systems would lock you out.

 

Passwords > Fingerprints aka Touch ID = gimmick.

post #252 of 319
Does anyone else think this guy has had too much caffeine?
post #253 of 319
Quote:
Originally Posted by DroidFTW View Post


They released a part 2 video last night with two different people so there were different hands. The video would prove nothing to those here who are in denial.

 

The second part, which isn't posted on their site by the way so not sure it is the same people, does nothing to dispel the questions from the 1st video. Need to see everything done in real time and from scratch. Doesn't answer the question is the other persons finger was already enrolled. Thus, the scanner is looking right through what is placed on the finger. Also, While the table looks the same, what is placed on the scanner is not. 1st video was a translucent latex piece and this is a black piece of plastic. Never show the bottom of it. If this is supposed to be a follow-up , why does it not using the same piece? 

 
There is another thing as well, They do not show the bottom of the persons finger doing the initial scan in either case. How do you know there isn't something placed on his fingertip, which eliminates any detail like if you scanned you cat's paw or another body part. Thus, anything with lack of detail or minimal detail would unlock the phone. 
post #254 of 319
Until they post a complete unedited video from start to finish it means nothing.

Why keep arguing about which fingers were used or if he's shaking. Wait for the FULL video.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #255 of 319
Quote:
Originally Posted by MattD View Post

The fact is, the same can't be done with passwords which is what most phones already use.
A hacker can spend even 10 times the amount that he/she did on fingerprint duplication techniques with password cracking (using multiple GPUs) and will still not be able to crack my 8 character password in less than 3-10 tries after which, most systems would lock you out.
Passwords > Fingerprints aka Touch ID = gimmick.

Hey "MattD", is this another one of your accounts? The fact is a majority of users don't use the complex pass code and a lot of users don't even have a pass code set. The touch ID will make it so convenient for the owner to have a level of security without the annoyance of typing in a pass code.
post #256 of 319
Quote:
Originally Posted by MacHarry de View Post

OK,is it possible to return the new iPhone 5s to Apple until this hard issue is solved?

 

Put it on eBay... you'll make a tidy profit and someone who isn't an idiot will get a great device that supports multi-factor authentication.

post #257 of 319
Quote:
Originally Posted by MattD View Post

The fact is, the same can't be done with passwords which is what most phones already use.
A hacker can spend even 10 times the amount that he/she did on fingerprint duplication techniques with password cracking (using multiple GPUs) and will still not be able to crack my 8 character password in less than 3-10 tries after which, most systems would lock you out.
Passwords > Fingerprints aka Touch ID = gimmick.

If fingerprint ID is a gimmick, it's a good gimmick. It's a lot easier to use than typing in passwords and 4 character passwords as not very effective and I still accidently type even a 4 character password wrong, which takes more time to log in. The fingerprint ID was very quick and simple, I like it better, which is the bottom line.
post #258 of 319
Quote:
Originally Posted by yoyo2222 View Post

Does anyone else think this guy has had too much caffeine?

I think he might have been on something a little stronger and possibly illegal than caffeine.
post #259 of 319
Quote:
Originally Posted by jungmark View Post


Hey "MattD", is this another one of your accounts? The fact is a majority of users don't use the complex pass code and a lot of users don't even have a pass code set. The touch ID will make it so convenient for the owner to have a level of security without the annoyance of typing in a pass code.

 

The Touch ID, I agree is convenient as it's faster than entering a password but it's NOT secure. In other words, not having any security is also convenient because the Touch ID is as good as not having any lock enabled.

 

Passwords are secure which is why banks have been using them for years and would never implement a silly illusion such as this. How many videos have you seen of a password being cracked in under 10 attempts and how many years have passwords existed for? That's what I thought.

 
Also, the video might not be a complete unedited version BUT it sure proves that the whole RF signal to check the sub epidermal layer beneath your skin is all marketing talk.
 
The fact is, the majority of users don't need gimmicks. 
post #260 of 319

They needed to show  negative responds on the finger that will be covered up with the fake print before unlocking. The touch sensor as it was explained, ignores dead skin (or thin latex?).  The illusion may be that the  middle finger was already trained and the device just simply ignore the latex. ....a good magic trick.  Anyway, we need independent confirmation.

post #261 of 319
This is great news for the CIA. And the FBI. And Interpol.

But for your average iPhone thief, it means nothing.
More people will use longer and more complex passcodes on their iPhones.
Touch ID doesn't eliminate the need for a passcode.
You need to set up a passcode before using Touch ID in the first place.

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #262 of 319
Okay, AI. Get right on the verification of this, okay? Surely you have some graphite dust or cyanoacrylate sitting around the office. And pull out that old photo editing software, and fire up your laser printer. And find some transparent sheets. Then go to the fridge for the pink latex milk -- that's where you keep it, right?-- or find your white wood glue. Now finish the process and report back.

The fact is, our OS devices are stolen by junkies or meth heads, usually, and sold for pennies on the dollar. I'm guessing fingerprint labs aren't readily available to most people, nor do they care to make them available. Jeez, if thieves were capable of this kind of advance planning ( or "planning", as we call it in my country) they'd have straight jobs or be stealing something more lucrative than cell phones and tablets.

Ask any thief whether he would prefer to break into a locked car or an unlocked car. This technology is a simple lock, that's all. But the best lock is the one you use...
post #263 of 319
Quote:
Originally Posted by MattD View Post
 

 

The Touch ID, I agree is convenient as it's faster than entering a password but it's NOT secure. In other words, not having any security is also convenient because the Touch ID is as good as not having any lock enabled.

 

Passwords are secure which is why banks have been using them for years and would never implement a silly illusion such as this. How many videos have you seen of a password being cracked in under 10 attempts and how many years have passwords existed for? That's what I thought.

 
Also, the video might not be a complete unedited version BUT it sure proves that the whole RF signal to check the sub epidermal layer beneath your skin is all marketing talk.
 
The fact is, the majority of users don't need gimmicks. 

 

While the majority of thieves won't have a good original hi-res print to construct a fake from: rendering the entire "hack" demo irrelevant for the real world. Sure, anyone with a copy of my front door key can get in: that doesn't actually invalidate the concept of locked front doors being more secure than unlocked ones does it?

 
I'd be interested in seeing, say, ten randomly selected from the real world phones all successfully broken into using this technique. It's possible real world phones never offer the high quality fingerprint necessary for the breaking: just like my locked door doesn't offer anyone a copy of my key to replicate.... might it may be that the defeat is as simple as smearing the fingerprint sensor after the successful unlock?: then the warning has had at least some use...
 
ITRW few usable fingerprints are developed at crime scenes so who's to say whether real world phones ever have a good enough print to hi-tech extract and exploit?

 

As to "gimmicks", the low penetration of any sort of passcode usage seems to contradict that. The "gimmick" of convenience is a reasonable argument.

post #264 of 319
Quote:
Originally Posted by MattD View Post

The Touch ID, I agree is convenient as it's faster than entering a password but it's NOT secure. In other words, not having any security is also convenient because the Touch ID is as good as not having any lock enabled.

Passwords are secure which is why banks have been using them for years and would never implement a silly illusion such as this. How many videos have you seen of a password being cracked in under 10 attempts and how many years have passwords existed for? That's what I thought.
 
Also, the video might not be a complete unedited version BUT it sure proves that the whole RF signal to check the sub epidermal layer beneath your skin is all marketing talk.
 
The fact is, the majority of users don't need gimmicks. 

Bullsh1t. The majority of 5S will use touch ID.

Passwords can be easily obtained. Look at all the security breaches over the years. Since the fingerprint is stored locally, the only way you lose it is if you lose your iPhone too.

Also you can socially engineer a password or phish for one too.

No security system is ever flawless. I bet you say keys/locks on doors are gimmicks too because you can just break a window to bypass it.
post #265 of 319
I can use any of my 10 fingers so which one are hackers going to guess at? I think I will use my middle finger, How about my toe or my one eyed snake?
post #266 of 319

I found this post on this subject on a news site. I couldn't have said it better.

 

=======

 

Jesus, some people are muppets.

 

Phone thefts are on the whole opportunist crimes.

 

How many people have the ability/desire or time to stalk you, get a clear print, steal your phone and create these fakes? Not many.

How many phones are stolen by James Bond villains to get your secure data (bank details?) which of course you keep in a file marked 'BANK DETAILS' on your phone? About none.

 

AFAIK, if they do go through this laborious process and hack into your phone via a fake fingerprint they STILL NEED YOUR PASSCODE to alter anything in order to make the phone useable. Otherwise the second it connects to the internet it will be disabled (presuming the owner disables it). There is no way around that. The phone is useless except as a source of information and it you are think enough to carry that info around with you on a device you deserve all you get.

 

I used to laugh at the Apple fanbois but now the most hilarious bunch are the anti-apple brigade...

 

==========

post #267 of 319
Quote:
Originally Posted by MattD View Post

Quote:
Originally Posted by jungmark View Post

Hey "MattD", is this another one of your accounts? The fact is a majority of users don't use the complex pass code and a lot of users don't even have a pass code set. The touch ID will make it so convenient for the owner to have a level of security without the annoyance of typing in a pass code.

The Touch ID, I agree is convenient as it's faster than entering a password but it's NOT secure. In other words, not having any security is also convenient because the Touch ID is as good as not having any lock enabled.

Passwords are secure which is why banks have been using them for years and would never implement a silly illusion such as this. How many videos have you seen of a password being cracked in under 10 attempts and how many years have passwords existed for? That's what I thought.
 
Also, the video might not be a complete unedited version BUT it sure proves that the whole RF signal to check the sub epidermal layer beneath your skin is all marketing talk.
 
The fact is, the majority of users don't need gimmicks. 

Did you really just try to make the argument that Touch ID is no more secure than having no security at all?

Also, fingerprint authentication is widely used as a security element in situations where high security is required. In conjunction with a single password it adds significant additional complexity to unauthorized access. For example, for protection of classified matter, we use it in combination with a badge swipe and a pass code, a triple requirement of possession of an item, knowledge of a passcode, and the physical presence of the authorized user.

While each of those may be individually compromised, they each have their difficulties. In the case of the phone with fingerprint authentication, physical possession of the phone plus the correct fingerprint represent a double, rather than triple requirement, but even if the reported hack is real, that is still pretty secure, given the likelihood of someone having the resources and the incentive to pull off such a complex process. Much harder than just stealing a credit card, for example.
post #268 of 319
Quote:
Originally Posted by DaveN View Post
 

AFAIK, if they do go through this laborious process and hack into your phone via a fake fingerprint they STILL NEED YOUR PASSCODE to alter anything in order to make the phone useable. Otherwise the second it connects to the internet it will be disabled (presuming the owner disables it). There is no way around that.

 

Quote:
Originally Posted by jungmark View Post

Passwords can be easily obtained. Look at all the security breaches over the years. Since the fingerprint is stored locally, the only way you lose it is if you lose your iPhone too.

Also you can socially engineer a password or phish for one too.

 

You can only GUESS passwords using brute force or word lists (assuming the password is some easy to remember name/ word) or by using a key logging software. Fortunately, key logging software would not make it through to both the App store or Google Play.

 

Passwords can't be hacked unless you can break encryption which is not possible in most cases as you'd need to be a genius to crack such encryption and if you can do so, you'd paid in hundred of thousands of dollars. This fingerprinting technique would cost a few hundred dollars to less than 2 grand meaning that, it can be easily bought by anyone.

 

 "you can socially engineer a password or phish for one too." - Social engineering and phishing only work on idiots who can't tell the difference between a real website and a fake one by looking at the URL bar and who are gullible enough to provide too much information over the phone to some "customer service rep". Fingerprint lifting can work on ANYONE and you can't change your fingerprint.

 

The majority of thieves CAN afford the tools to hack your fingerprint but NOT your encrypted password which you can change and is a feature available on all smartphones.

 

Quote:
Originally Posted by DaveN View Post
 

AFAIK, if they do go through this laborious process and hack into your phone via a fake fingerprint they STILL NEED YOUR PASSCODE to alter anything in order to make the phone useable. Otherwise the second it connects to the internet it will be disabled (presuming the owner disables it). There is no way around that.

 

The point is about the fingerprint security by itself. Passwords, by themselves, can't be hacked.

 

It does not make sense to spend a few hundred dollars more for a fingerprint scanner under the pretence of it being secure. Now people argue that it's more for convenience. My point is, not locking your phone at all is just as convenient.

post #269 of 319
Quote:
Originally Posted by muppetry View Post

Also, fingerprint authentication is widely used as a security element in situations where high security is required. In conjunction with a single password it adds significant additional complexity to unauthorized access. For example, for protection of classified matter, we use it in combination with a badge swipe and a pass code, a triple requirement of possession of an item, knowledge of a passcode, and the physical presence of the authorized user.

While each of those may be individually compromised, they each have their difficulties. In the case of the phone with fingerprint authentication, physical possession of the phone plus the correct fingerprint represent a double, rather than triple requirement, but even if the reported hack is real, that is still pretty secure, given the likelihood of someone having the resources and the incentive to pull off such a complex process. Much harder than just stealing a credit card, for example.

 

So in your example, it's part of a COMBINATION of authentication techniques and my point is, by itself, it's useless. Also, if used as a combination with a pass code - you still have to enter the pass code which, them means that it's not more convenient. So, the whole purpose is defeated.

 

Stealing a credit card sounds like fun except for the part where you need to enter a pin which is a software feature on the authentication server that could be added by merchants at anytime. You can't really do any upgrades to a fingerprint scanner. They've been the same over the years and now just have higher resolution.

 

This "complex process" of breaking fingerprint authentication has been around for years and is 100 times less complex and cheaper than ATTEMPTING to break a password.

post #270 of 319

Disappointing! I think I'm still gone have to remember my 20 random character password. Well, it was nice while the dream of never having to use another password lasted :(

post #271 of 319
Quote:
Originally Posted by muppetry View Post
While each of those may be individually compromised, they each have their difficulties. In the case of the phone with fingerprint authentication, physical possession of the phone plus the correct fingerprint represent a double, rather than triple requirement, but even if the reported hack is real, that is still pretty secure, given the likelihood of someone having the resources and the incentive to pull off such a complex process. Much harder than just stealing a credit card, for example.

Do you think they will stole your iPhone and THEN ask "Well, now what do I do?". No, they will steal hundreds of iPhones and have everything prepared. It's gone be an investment for them. When they steal your credit card numbers they invest first in tiny cameras and magnetic readers to be able to read your card and see when you type your pin. Now they will just invest in whatever is necessary to read your fingerprints from your phone. Probably there will be kits ready for this and how to manuals.

post #272 of 319
Regarding the original challenge at http://istouchidhackedyet.com/ the folks running it have declared a winner.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #273 of 319

I think the Pattern Unlocking from Android and Windows phones is the best method for security on the phone. I don't think is better than a 20 character random password but much better than a 4 number pin or this fingerprint gimmick!

post #274 of 319

"This "complex process" of breaking fingerprint authentication has been around for years"

 

Yet that technique is worthless without a good hi-res fingerprint image. Which will be the case in most instances of a stolen phone.

post #275 of 319
Originally Posted by NelsonX View Post
better than a 4 number pin or this fingerprint gimmick!

 

Implying the 4# pin is the only possible password. And implying that fingerprinting done correctly is a gimmick. :no:

 

My only wish is that Apple would make the lock screen keyboard the same as the system keyboard. You can only type a password in the language to which the device is set right now, but some of us would prefer using other character sets for passwords.

Originally posted by Marvin

Even if [the 5.5” iPhone] exists, it doesn’t deserve to.
Reply

Originally posted by Marvin

Even if [the 5.5” iPhone] exists, it doesn’t deserve to.
Reply
post #276 of 319
Quote:
Originally Posted by jfc1138 View Post

"This "complex process" of breaking fingerprint authentication has been around for years"

Yet that technique is worthless without a good hi-res fingerprint image. Which will be the case in most instances of a stolen phone.

Yet many here ridiculed the competition for having fingerprint scanners that could be bypassed using this 'complex process', and swore that Apple's way wouldn't be able to be bypassed in the same manner. What's superior to the competition is its incorporation into the home button.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #277 of 319
Quote:
Originally Posted by dasanman69 View Post


Yet many here ridiculed the competition for having fingerprint scanners that could be bypassed using this 'complex process', and swore that Apple's way wouldn't be able to be bypassed in the same manner. What's superior to the competition is its incorporation into the home button.

 

Well that "competition" is very busy ridiculing itself eh? Motorola has one short memory... as the Atrix, IIRC, is the only cell that had a fingerprint tech unlock?

post #278 of 319
Quote:
Originally Posted by NelsonX View Post

Quote:
Originally Posted by muppetry View Post

While each of those may be individually compromised, they each have their difficulties. In the case of the phone with fingerprint authentication, physical possession of the phone plus the correct fingerprint represent a double, rather than triple requirement, but even if the reported hack is real, that is still pretty secure, given the likelihood of someone having the resources and the incentive to pull off such a complex process. Much harder than just stealing a credit card, for example.
Do you think they will stole your iPhone and THEN ask "Well, now what do I do?". No, they will steal hundreds of iPhones and have everything prepared. It's gone be an investment for them. When they steal your credit card numbers they invest first in tiny cameras and magnetic readers to be able to read your card and see when you type your pin. Now they will just invest in whatever is necessary to read your fingerprints from your phone. Probably there will be kits ready for this and how to manuals.

They will do all that to achieve what, exactly? Make phone calls and download some apps and music from your iTunes account?
post #279 of 319
Quote:
Originally Posted by jfc1138 View Post

Well that "competition" is very busy ridiculing itself eh? Motorola has one short memory... as the Atrix, IIRC, is the only cell that had a fingerprint tech unlock?

LG also has a phone coming out with a fingerprint scanner and the rumor is that HTC will as well, but it was fingerprint scanners in general that were ridiculed.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #280 of 319
Quote:
Originally Posted by MattD View Post

Quote:
Originally Posted by muppetry View Post

Also, fingerprint authentication is widely used as a security element in situations where high security is required. In conjunction with a single password it adds significant additional complexity to unauthorized access. For example, for protection of classified matter, we use it in combination with a badge swipe and a pass code, a triple requirement of possession of an item, knowledge of a passcode, and the physical presence of the authorized user.


While each of those may be individually compromised, they each have their difficulties. In the case of the phone with fingerprint authentication, physical possession of the phone plus the correct fingerprint represent a double, rather than triple requirement, but even if the reported hack is real, that is still pretty secure, given the likelihood of someone having the resources and the incentive to pull off such a complex process. Much harder than just stealing a credit card, for example.

So in your example, it's part of a COMBINATION of authentication techniques and my point is, by itself, it's useless. Also, if used as a combination with a pass code - you still have to enter the pass code which, them means that it's not more convenient. So, the whole purpose is defeated.

Stealing a credit card sounds like fun except for the part where you need to enter a pin which is a software feature on the authentication server that could be added by merchants at anytime. You can't really do any upgrades to a fingerprint scanner. They've been the same over the years and now just have higher resolution.

This "complex process" of breaking fingerprint authentication has been around for years and is 100 times less complex and cheaper than ATTEMPTING to break a password.

Firstly, it's not useless by itself - even if it proves to be hackable it is likely to be more than adequate security to prevent the vast majority of attempted unauthorized access to a phone, and for that purpose it represents a huge improvement in convenience. For more secure processes one might want to add a password for a 3-step combo.

Credit card transactions could be adapted to require a PIN, at least in the US, they currently do not, so that argument is moot.

If you ever end up with a phone that supports this feature, I'd be curious to know how long it is before you start using it. I predict that it will be hugely popular, and that the incidence of it being hacked is minuscule.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple's Touch ID already bypassed with established 'fake finger' technique
AppleInsider › Forums › Mobile › iPhone › Apple's Touch ID already bypassed with established 'fake finger' technique