or Connect
AppleInsider › Forums › Mobile › iPhone › Apple's Touch ID already bypassed with established 'fake finger' technique
New Posts  All Forums:Forum Nav:

Apple's Touch ID already bypassed with established 'fake finger' technique - Page 3

post #81 of 319
Quote:
Originally Posted by Ramrod View Post
 

 

Sorry to hear you don't know how to wipe your screen or that your friends can't come up with a complex pattern. And sorry to hear you blame the locking mechanism because the idiotic user didn't know how to connect the dots. Wow! Like I said, Denial is a helluva drug.

In the end I say don't worry what me or others think about this ridiculous gimmick. The inconvenience of having to constantly take your gloves off is enough reason to not want to use it. Come this winter, anyone with a GS4 can happily swipe in their pattern lock and never have to take be inconvenienced with taking off their gloves. Samsung was smart enough to know this. Apple? Not so much.

 

Oh my.. Stop with the glove point, we've already both agreed on it, so shut up, just being a condescending prick now.

 
You point out that I don't know how to wipe a device clean? Are you mentally challenged?
I've done it with cleaners, micro-fibre cloths, shirts, pants, everything. And nothing has worked, so that point falls..
 
They had very complex patterns, but clearly you don't think so, which is fine by me...
"DENIAL IS A HELLUVA DRUG"... LOL. Yeah, you bloody hypocrite. You call be being in denial, yet when I point out perfectly logical points, you just say I'm in denial simply because you are? Get over yourself. That reflection ain't pretty.
 
You point out that Samsung thinks of things.. Yeah, so true. Like how they thought a 2500 MAh battery is enough for a 5.3 HD screen? Or how a dual core with a gig of RAM is enough for Android. Or how about those screen issues? Yeah, certainly SAMSUNG is the CLEAR CUT winner in QUALITY. Lol, please, get off AI. Clearly all you've done is join simply because you wanted to point out a finger unlock pattern is better. Yes, it is better is some cases, and it's worse in some cases... like with EVERYTHING.
post #82 of 319
Quote:
Originally Posted by Ramrod View Post
 

Sorry, best and easiest way is the pattern unlock that android uses. Apple should have put more money towards a better user experience, bigger and better screen, and better hardware overall. The fingerprint lock is useless in winter. What a hassle to keep taking off gloves to unlock my phone. I like what Nokia and Samsung did with the touchscreens that work with gloves. Get on it Apple. Stop these stupid gimmicks.

 

Well, fingerprints are convenient but you don't have to use your fingers,  You understand that you can use any part of your body, even parts that are illegal to expose in public in most countries.  Although I guess using those parts might keep the Germans from lifting the print where they are used. LOL. :lol: 

post #83 of 319

If this video is proof that the iPhone Touch ID was cracked, then this video actually demonstrates that the Touch ID wasn't cracked at all.

How so?

If you know which finger to use and you know your own 4 digit pass code, have you really cracked the Touch ID?

No.

The person used his own lifted fingerprint without restarting the phone; and he knew which fingerprint to use.

The Touch ID requires a 4 digit pass code after restarting.

http://support.apple.com/kb/HT5949?viewlocale=en_US

Security safeguards

Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger. This is much better than the 1 in 10,000 odds of guessing a typical 4-digit passcode. Although some passcodes, like "1234", may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern. Instead, the 1 in 50,000 probability means it requires trying up to 50,000 different fingerprints until potentially finding a random match. But Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you cannot proceed until doing so.

To configure Touch ID, you must first set up a passcode. Touch ID is designed to minimize the input of your passcode; but your passcode will be needed for additional security validation, such as:

  • After restarting your iPhone 5s
  • When more than 48 hours have elapsed from the last time you unlocked your iPhone 5s
  • To enter the Passcode & Fingerprint setting

Since security is only as secure as its weakest point, you can choose to increase the security of a 4-digit passcode by using a complex alphanumeric passcode. To do this, go to Settings > General > Passcode & Fingerprint and turn Simple Passcode off. This will allow you to create a longer, more complex passcode that is inherently more secure. Security is further strengthened by using a mixture of uppercase and lowercase letters, numbers, and symbols."

----------------------------------------

If Apple had never revealed how the Touch ID process worked, the individual would not have figured out that he can scan his own fingerprint, elevate the ridges onto a surface, place the surface on another finger, and then use the other finger's "living tissue" beneath the "fake epidermal fingerprint layer", to activate the Touch ID with his own 4-digit pass code.

The staged video simply demonstrates that the technology works as advertised, in that the scanner read the correct fingerprint pattern, and that the overlay was placed on the finger of a living person.

According to this article, the ONLY way a fingerprint pattern was replicated was with a DIRECT FINGER TO GLASS PLATE 2400 DPI HIGH RESOLUTION SCAN ON A FLATBED SCANNER.

Which means that he couldn't lift a fingerprint directly off of the iPhone 5s itself, because the light from the scanner would have refracted when coming into contact with the sapphire crystal glass.

In other words, take a mirror, and place a clear fingerprint on it, and scan the mirror.

Light reflected on itself would wash out the image the same way you photograph a white wall with flash.

The bottom line is that the individual didn't crack the Touch ID with his own fingerprint and 4 digit pass code; and he couldn't crack the Touch ID because the scanner worked as advertised.

post #84 of 319
Quote:
Originally Posted by Ramrod View Post
 

 

Says the person who just joined AI. HAHAHAHAAAA. 

Dang, denial is a helluva drug.

 

Want to know why I joined AI? Because I wanted to show to the world the debunking of this stupid german video.

 
You may as well copyright that freaking saying, or maybe you are on drugs, you just keep repeating it. Also, another point is that you haven't even attacked any of my points, seem like we agree on my terms. Thanks for bringing along the stupid android joyride that is Ramrod.
 
Now, get out child, you don't belong here. Maybe one of those fandroid sites will do you well, just like AI does it's own Apple fanatics well.
post #85 of 319
Quote:
Originally Posted by Ramrod View Post

Honestly? Do you live in a bubble? WTF? Just because you're fine with not using gloves in the winter doesn't mean the rest of us are. The overwhelming population in North America alone (forget the rest of the world for a second) wears gloves in the winter. 
And YES there are gloves out there that work with TOUCHSREENS (not just iPhones), but these gloves don't work with the Touch ID. That's what the discussion is. Are you so bent on wanting everyone to love the Touch ID that you could not see this point? One more time now, the point of mentioning gloves was to point out they do not work with the TOUCH ID. Can't believe I had to actually point this out. Dang!
Well if that becomes such a problem for people in cold climates then turn touch id off and go back to passcode. It's not like Apple ever claimed touch id would work with gloves. And I hardly think its a reason not to implement it. I would guess the vast majority of people use their iPhone without gloves.
post #86 of 319

OMG!! My Bank website is only password protected! Guess my all money is gonna disappear soon! /s

post #87 of 319
Quote:
Originally Posted by Rogifan View Post
 
Quote:
Originally Posted by Ramrod View Post

Honestly? Do you live in a bubble? WTF? Just because you're fine with not using gloves in the winter doesn't mean the rest of us are. The overwhelming population in North America alone (forget the rest of the world for a second) wears gloves in the winter. 
And YES there are gloves out there that work with TOUCHSREENS (not just iPhones), but these gloves don't work with the Touch ID. That's what the discussion is. Are you so bent on wanting everyone to love the Touch ID that you could not see this point? One more time now, the point of mentioning gloves was to point out they do not work with the TOUCH ID. Can't believe I had to actually point this out. Dang!
Well if that becomes such a problem for people in cold climates then turn touch id off and go back to passcode. It's not like Apple ever claimed touch id would work with gloves. And I hardly think its a reason not to implement it. I would guess the vast majority of people use their iPhone without gloves.

"It's not like Apple ever claimed touch id would work with gloves", no but they DO claim that it is highly secure, which now seems to be uncertain at best, and untrue at worst.

post #88 of 319
Quote:
Originally Posted by Ramrod View Post
 

Sorry, best and easiest way is the pattern unlock that android uses. Apple should have put more money towards a better user experience, bigger and better screen, and better hardware overall. The fingerprint lock is useless in winter. What a hassle to keep taking off gloves to unlock my phone. I like what Nokia and Samsung did with the touchscreens that work with gloves. Get on it Apple. Stop these stupid gimmicks.

 

Sorry, but when it is too cold, a normal person's first priority is to find a warm place is what I have heard. And I don't think even homeless people are always outdoors during winter. Its all good trying to find some silly anti-sentiment from a corner, but we will have to apply all these factors into real world scenarios. Let us be practical. TouchID not allowing gloves is your complaint? Really?

post #89 of 319
Quote:
Originally Posted by Ramrod View Post
 

 

I don't give a shlt why you joined. lol. Seriously kid, don't get so upset because the Touch ID was bypassed. You sound like you're about to bust a nut.  You can still buy an iPhone and nobody will care either way. Just don't ever wear gloves. lol.

One more for the road, say it with me now, Denial Is A Helluva Drug;) 

 

If you don't care about why I joined AI.. then why are you laughing at me for saying you only joined to point out an Android feature on an Apple website...

My debunking clearly states this video was a serious con, and it seems you were fooled by it. Don't be intimidated by such people. And I don't ever wear gloves.. so that point is useless to me.. Damn you're conceited ;)
post #90 of 319
Quote:
Originally Posted by Taniwha View Post

"It's not like Apple ever claimed touch id would work with gloves", no but they DO claim that it is highly secure, which now seems to be uncertain at best, and untrue at worst.
How is it untrue? No one has accessed the secure enclave inside the A7 chip. This "hack" appears to have been done in a controlled environment and hasn't been replicated or independently verified by anyone. Also there doesn't appear to be an unedited video from start to finish showing how this was accomplished. Sorry for now I trust Apple's word over some YouTube video that hasn't been independently verified and replicated.
post #91 of 319
While the process is somewhat complex, the thinking behind it is straightforward. In this case, a high-resolution 2400 dpi photo of a user's fingerprint was harvested from a glass surface using graphite dust or cyanoacrylate (the main ingredient in Super Glue) and a camera. The resulting image was cleaned up and inverted with photo editing software, then laser printed at 1200 dpi onto a transparent sheet.

To create the fake fingerprint, pink latex milk or white wood glue is laid over the printout and allowed to set. Once cured, the dummy can be peeled off the transparency, breathed on to produce a thin layer of moisture, and applied to a finger. This will grant access to a Touch ID protected device, CCC claims. 

 

“Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either, would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?

 

Originally Posted by MacHarry de View Post
OK,is it possible to return the new iPhone 5s to Apple until this hard issue is solved?

 

Cue (look at that, I used it correctly) hundreds of paid Samsungers spewing that all over every Apple site.

 

Originally Posted by Ramrod View Post

Says the person who just joined AI.

 

 

Are you really in any sort of position to be pulling this (perpetually meaningless) card?

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #92 of 319

Great analysis. And adding:

1) Fingerprints add to, and/or enhance, existing security. 

2) CCC says fingerprints are not part of 'oppression' - such bizarre claims, and the lack of the end-to-end process video, make me suspicious.

3) Seriously, Are people buying the 5S for the fingerprinting? I'll bet the top motivators are: A) superior imaging technology; B) Prestige/Style/Coolness; C) Better Faster processing.

post #93 of 319
Quote:
Originally Posted by Rogifan View Post

How is it untrue? No one has accessed the secure enclave inside the A7 chip. This "hack" appears to have been done in a controlled environment and hasn't been replicated or independently verified by anyone. Also there doesn't appear to be an unedited video from start to finish showing how this was accomplished. Sorry for now I trust Apple's word over some YouTube video that hasn't been independently verified and replicated.

One of the security directors at DefCon claims to have replicated the process already.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #94 of 319
Quote:
Originally Posted by macdaddykane View Post

Fake finger hack looks pretty fake.

 

 

In the hypothetical case that this is method is not fake, the method is so complex it makes it totally impractical as this succinct comment on Google says "

 

Jay Tee 

"So tell me who is going to get a 2400 dpi picture of my finger...then print a 1200 dpi picture, after touching it up in photoshop. Then putting it on some kind of printed latex? The f..k?"

 

Then you also have to add graphite, clean up the image again, add super glue and  transfer it to thin transparent film, then put the film onto the Touch ID screen with your live finger which Touch ID previously learned. 


Edited by Secular Investor - 9/22/13 at 5:46pm
post #95 of 319
Quote:
Originally Posted by Gatorguy View Post

One of the security directors at DefCon claims to have replicated the process already.
On the iPhone 5S? And lets see this "claim" from start to finish in an uncontrolled environment.
post #96 of 319
Quote:
Originally Posted by 1983 View Post
 

 

Just go somewhere and relax, you rude zealot! I'm not going anywhere, and while I'm an Apple fan, I'm not going to shut up when they make the occasional mistake.

 

Except it's not a mistake. And rudeness is all some people understand when they make ridiculous statements. And since, from another thread, you already have your 5s we must assume you will continue to use the LESS secure 4 digit PIN instead of Touch ID. To do otherwise would be incredibly hypocritical of you.

post #97 of 319
Quote:
Originally Posted by meridian180 View Post

This video is misleading.

Assuming that the screen for setting up a second finger is the same as the first...

1. Notice he doesn't try the middle (unlocking) finger FIRST, to show that it CANNOT unlock the phone by itself.
2. Thus, the film he puts on his finger could be anything, because the middle finger could already be set up to unlock. The phone unlocks because it might already be set up.

And that doesn't even address if it's possible to get a complete enough print on a phone surface to photograph at the 2400dpi. Doubtful.

Way too much NOT shown in this clip.

 

Good point

post #98 of 319
Quote:
Originally Posted by Wings View Post

By the time a thief steals my phone, and SOMEHOW also gets my fingerprint (OK, maybe there's one unsmudged print left on my phone, but odds are 1-in-10 that it's my recorded print), and scans it at 2400dpi, prints it with a good printer at very high resolution, puts a layer of latex over it and WAITS for that to dry, I will have already set a passcode and/or wiped the phone. Not to mention I have activation lock enabled so he (or anyone he sells it to) would need my passcode to activate it.

Not worried. It's more than enough protection for little ole me.

 

Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time. 

 
Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!
post #99 of 319
Quote:
Originally Posted by Ramrod View Post

Quote:
Originally Posted by Slurpy View Post

 

There's so many falsities in your moronic, mindless troll post, that one does not know where to start. 
"Best and easiest"? Really? Easier than leaving my finger on the home button for a fraction of a second after clicking it? How the **** does that NOT improve user experience? Do you even know what that word means? Touch ID will be used hundreds of times a day by hundreds of millions of people. That does not qualify as a "gimmick". 
Better quality screen? Scientific tests have shown that the iPhone 5/5s screen is literally the best in the industry, by a dozen or so metrics. Larger? Thats simply your personal preference. 
 
The only gimmick is your post, which is asinine on so many levels. I have a Nexus 4. No, the pattern unlock is not the be-all-and-end-all of security. After getting used to touch ID, it seems like an obsolete, stone-age hassle. 

Again, what about the gloves in the winter time? Yeah, didn't think you cared to address that issue. Hmm.....

Unless you are one if the 10 people to buy capacitive gloves, your taking one off anyway...
post #100 of 319
If these "hackers" can show continuous, unedited footage of 11 people using this technique to unlock an iPhone 5S, then there MIGHT be some truth to this. Remember the iPhone's scanner can only remember 10 finger prints at one time. In my opinion, these CCC guys are just out to make a quick name for themselves and there's no truth to their claims. It looks to me that the fake finger print is not any thicker than a piece of scotch tape and the "hacker's" finger is being read through the fake finger print scan.

If there is truth to it, then Apple has some BIG questions to answer. You can't dismiss this hack and argue that Apple is at no fault because of the default pass code protection (again, should it be true). Apple, being the maker of the world's best products (in my opinion), is widely in the public eye with their finger print technology and public trust is a very important thing to not betray in the consumer's eye.
post #101 of 319

If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.

post #102 of 319
Quote:
Originally Posted by Tallest Skil View Post

“Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either, 
would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?

Could you possibly learn to read? You don't need to take a picture of the original fingerprint (I.e., the finger). You leave fingerprints all over the place. He'll, I wouldn't be surprised if you could lift the needed print from the TouchID sensor itself. Or how about this simple scenario: "Hey Ted, you done with that bottled water? I'll throw it out for you." Simple.

And latex milk? How about simple wood glue? Or are there no home improvement stores, Walmarts, Targets, are any of the dozens of other stores that carry such a product in your version of the universe?

There isn't anything exotic needed for this security bypass despite your ridiculous need to make it seem that way. Yes, TouchID is a good deterrent for the common thief, but anyone who's going to go to this level is going to be set up with the commonly available gear required to pull it off quickly and easily.
post #103 of 319
Quote:
Originally Posted by tort View Post
 

 

Yes, actually I HAVE successfully unlocked my friend's phones with looking at the oil pattern. It doesn't take an idiot. An easy swipe to get rid of it? Please. My GNote keeps those oil marks on there even if I wipe it... So that point falls.

 

Give one reason why anyone would believe an anonymous poster claiming to do what you claim? 

post #104 of 319
Originally Posted by caliminius View Post
There isn’t anything exotic needed for this security bypass…

 

:lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol::lol:

 

Next you’ll claim having a quantum computer to break RSA 4096-bit isn’t “exotic”.

 
And latex milk? How about simple wood glue?

 

Guess you didn’t read the article.

 
…anyone who’s going to go to this level is going to be set up with the commonly available gear required to pull it off quickly and easily. 

 

Or they’re smart enough to just wait 48 hours and reset the phone.

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #105 of 319
Quote:
Originally Posted by murman View Post
 

If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.

 

I think the concern is not so much about the phone as the data on it and the ability to spend money with the phone (if there's a wallet account linked to it). My phone's insured with a modest deductible; I suspect that a lot of people (albeit maybe not most) with phones this expensive have some form of insurance cover. But the insurance doesn't protect you against data or identity theft. This is especially a worry for people who are using their phone for corporate stuff. 

post #106 of 319
Quote:
Originally Posted by Arlor View Post
 

 

Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time. 

 
Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!

 

Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon. 

post #107 of 319

We all know, number codes can be hacked as well. How about following software patch?

 

User swipes a finger, then user needs to swipe another finger not matching first finger - I mean you got 5 fingers ;-)

This wipes off first finger print. Now statistically chances of some lifting fingerprint and using it to unlock is much lower

 

And better yet - it can be made user defined parameter - 2 or 3 .. matches before you are let in

 

another potential software patch is after you get in with fingerprint, a mozilla of pictures is shown and you must click the correct image.

 

cheers!

post #108 of 319
Just checked out the video - AI shouldn't have even bothered with this one. No 'news' here except attention seekers, move on ...
post #109 of 319

You know, you could also cut off the person's finger and consider it a "hack". Really? Everything is crackable if you put enough thought and time into it. Serious, what is on someone's phone that would require going through that kind of process and... if I noticed my phone was missing, I'd put it on lock down requiring a passcode anyway.

 

Once thing they didn't cover is... TouchID can be programmed with up to five codes. So whose to say that the CSI staff that are doing this have the correct finger print? You have 10 fingers you know...

post #110 of 319
Quote:
Originally Posted by lkrupp View Post
 

Give one reason why anyone would believe an anonymous poster claiming to do what you claim? 

 

I've done it before.. I've done it with my friend's phones.. Just tell them you want to check out their phone if it has a pattern unlock, and boom lol. You're in. Not that hard. It's not impossible to do it..
post #111 of 319

Touch ID was designed to keep your wife from reading txt messages from your girlfriend while you are in the shower. If she suddenly orders a 2400 dpi laser film printer and a high resolution camera with a macro lens, then you might have something to worry about.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #112 of 319
Quote:
Originally Posted by lkrupp View Post
 

 

Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon. 

 

I made a specific statistical claim -- a testable hypothesis even -- and then pointed out that you can be sure that the correct fingerprint (or whateverprint) is available in a specific place -- again a testable hypothesis. Conspiracy theories tend not be testable. 

 

I didn't say that the guys in the video could actually make it work. I advanced some testable considerations that I think are likely to be true if their method works.

 

In any case, your responses in this thread suggest that you're a more than a little overwrought over this issue. And impolite.

post #113 of 319
I simply don't understand how this can be possible if one takes Apple's "sub-epidermal" statement at face value. Watch the following video on Apple's site, starting at 1:20...

http://www.apple.com/iphone-5s/videos/#video-touch

The way I understood it when presented at the keynote was that it reads the print on the surface of the skin as well as penetrating deeper into the skin to ensure the print could not be faked.

I don't write this to attack Apple. I write this to know if any of you can explain in technical detail how Apple's sensor reads sub-epidermal details of one's finger.

Or could this be a bug that prevents the sub-epidermal scan from taking place?

Thanks.
post #114 of 319

If this had been a stolen phone this hack would not have worked because the finger print would have been invalidated in 48 hours.  Buyng your own phone and then take your sweet time to fake your own finger to crack it is not impressive.

 

 

By the time you fake a fingerprint for a stolen iPhone, the police would have located your with "Find my iPhone".

 

 

A lost or stolen iPhone can be easily wiped via iCloud.


Edited by AppleSauce007 - 9/22/13 at 6:31pm
post #115 of 319
Quote:
Originally Posted by lkrupp View Post

Take yourself and your "This is not good for Apple" nonsense and jump off a bridge. Apple never said anything remotely indicating this was unbeatable. YOU and your ilk blew it up into something it wasn't. You tell me which is easier to hack, a 4 digit PIN or Touch ID. You tell me how ANY device is secure once someone has physical possession of it.  YOU tell me how your ex-wife or girlfriend is going to do this. YOU tell me how the common thief is going to accomplish this. It's a step UP from the PIN and not a gimmick. Lots of people run around with no lock code at all because they don't like punching numbers. Touch ID will let them have some real security because it's easy to use.

I'll tell you what. When I get my iPhone 5s I'll let you have it and YOU into it hack it. And let's put some serious money up too. Otherwise shut up.
 
Just go away and play with yourself.

PED should quote this verbatim on CNN Money.
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #116 of 319

Hopefully my earlier comment clarifies something for you:

 

Gather 'round children, gather 'round.

 

Watch me debunk this.

 

Let me first start out by bringing out the fact that this sensor DOES scan the sub epidermal layers of your skin(which means it scans multiple layers of your skin to ensure it's yours).

 

Keep that fact in mind..

Now, when watching the video, you can see the person obviously successfully registering his finger print(his index finger), and it works quite well and very fast.

Then look at the finger print he copied. Notice how he used the same print, from the same finger, on the same person? Interesting.. Let's see where this is going..

 

Now, the sensor works by detecting your finger touching the steel band, so it's capacitive. When he puts the paper on the sensor, it clearly does nothing, but when he puts the SAME finger that he used for the print.. It magically unlocks. Why?

 

The sensor is reading the print through multiple layers, it is merely treating the paper as another layer of skin, therefore, it unlocks.

 

 

Until I see this German folk do the same thing, with a different print copied, and use another different person who is using a different finger to "fake" this, I call BS.

 

I'm not as easily conned by them, and just for a side note, it seems all they're doing is scamming the people who are offering bounties for this. Being a computer club full of guys, imagine what they would buy $16k worth of..

 

Debunked, and I'll be using the sensor because so far, it has not been hacked/faked.

post #117 of 319
Congratulations to the submitter that said in the time it would take to go through the proces the phone would be wiped. Correct me if I'm wrong. The person who cracks the phone shouldn't be able to gain access unless he or she has the ID and the passcode.
post #118 of 319
Quote:
Originally Posted by JDW View Post

I simply don't understand how this can be possible if one takes Apple's "sub-epidermal" statement at face value. Watch the following video on Apple's site, starting at 1:20...

http://www.apple.com/iphone-5s/videos/#video-touch

The way I understood it when presented at the keynote was that it reads the print on the surface of the skin as well as penetrating deeper into the skin to ensure the print could not be faked.

I don't write this to attack Apple. I write this to know if any of you can explain in technical detail how Apple's sensor reads sub-epidermal details of one's finger.

Or could this be a bug that prevents the sub-epidermal scan from taking place?

Thanks.

 

It's already established that you can, for example, read somebody's pulse from a cell phone camera, by sensing very rapid changes in skin tone. And that's from several feet away. It wouldn't surprise me if the sensor can read through a bit of skin. Skin is translucent, after all.

 

Now, as to what exactly they're measuring under the skin (e.g. what skin structures or formations under there are stable enough to reliably detect over time), I have no idea. But I doubt Apple would say it if it's just not true at all.

post #119 of 319
Quote:
Originally Posted by 1983 View Post
 

 

Yes, but Apple wanted much more from this technology over the long run. That seems to be quashed now. 

 

Not necessarily. Fingerprint recognition in connection with retina scans or some other technique can still work. I agree, though, that companies may be spooked out of allowing Touch ID instead of a pass code on their enterprise profiles. The silly thing, though, is that pass codes can be deduced by looking at where the fingerprints or wear is on the screen. 

post #120 of 319
Quote:
Originally Posted by Arlor View Post
 

 

It's already established that you can, for example, read somebody's pulse from a cell phone camera, by sensing very rapid changes in skin tone. And that's from several feet away. It wouldn't surprise me if the sensor can read through a bit of skin. Skin is translucent, after all.

 

Now, as to what exactly they're measuring under the skin (e.g. what skin structures or formations under there are stable enough to reliably detect over time), I have no idea. But I doubt Apple would say it if it's just not true at all.

 Probably the sub-epidurmal stuff is meant to make it quicker to read fingerprints. Remember the remarkable thing about Touch ID is its accuracy. I always had issues with fingerprint recognition systems in the past.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple's Touch ID already bypassed with established 'fake finger' technique
AppleInsider › Forums › Mobile › iPhone › Apple's Touch ID already bypassed with established 'fake finger' technique