Apple's Touch ID already bypassed with established 'fake finger' technique

191012141517

Comments

  • Reply 221 of 330
    mr omr o Posts: 1,046member

    What about combining the fingerprint sensor with the facetime camera? The facetime camera can make use of the face recognition software from iPhoto?

     

    The next iPhone should be called MI6 ;) Just joking, here's hoping for "iPhone" and "iPhone mini".

  • Reply 222 of 330
    Ah well, if you want to increase the difficulty to get your fingerprint, just use a left-hand finger if you are right-handed (and visa-versa) to unlock your iPhone.
    And/or use your pinky with your iPhone and start drinking your beer like a snob with your pinky in the air ...
  • Reply 223 of 330
    Omg not you too, macRUMORS posted this very misleading vid..,and you have a very misleading headline stating "established" when this is only a CLAIM, and, especially, very sketchy, not confirmed. You are adding credibility to a fear tactic. I'm about to dump all these crappy Mac forums, need to find one that doesn't post stupid crap like this just to get hits on your website. Ugh.

    iOS 7's new Activation Lockout feature invalidates this B.S., if it were valid to begin with.
  • Reply 224 of 330
    Well done hacker group in Germany. You have lived up to your reputation of being complete lifeless geeks.
  • Reply 225 of 330
    wingswings Posts: 261member
    Quote:
    Originally Posted by Gatorguy View Post





    True. There's already been at least one guy using his nipple to unlock his 5s, and another who used his nose. Even a cat's paw presumably works

     

    Yeah, but they first taught the 5S to recognize that body part as their "fingerprint".

  • Reply 226 of 330
    wingswings Posts: 261member
    Quote:
    Originally Posted by Secular Investor View Post



    Apple have already explained that the Touch ID cannot be fooled by a 2-D image because the sub-epidermal image it creates is 3-D not 2-D.



    Yet these Germans are claiming that a 2-D image on a thin transparent film fooled the Touch ID sensor

     

    You must have missed the part where they put a layer of latex over the printed print and used that. So, it did require a certain level of thickness and not just a simple 2D printout.

  • Reply 227 of 330
    gatorguygatorguy Posts: 23,302member
    wings wrote: »
    Yeah, but they first taught the 5S to recognize that body part as their "fingerprint".

    Well of course.
  • Reply 228 of 330
    wings wrote: »
    You must have missed the part where they put a layer of latex over the printed print and used that. So, it did require a certain level of thickness and not just a simple 2D printout.

    What i'm interested to know is whether a simple finger print lift from daily items that the user gets in contact with, provides enough data to create the 3D latex fingerprint copy
  • Reply 229 of 330
    Despite claims to the contrary, Apple iPhone 5s with Touch ID is highly secure for the following reasons:
    [LIST]
    [*] Touch ID requires a passcode for failback
    [*] The passcode is required after a reboot
    [*] The passcode is required after 48 hours of inactivity
    [*] The passcode is required after 5 failed authentication attempts
    [*] The owner can use Find my Phone to track the phone
    [*] The owner can use Remote Wipe
    [*] The iPhone provides fallback to Remote Wipe upon 10 unsuccessful authentication attempts
    [*] The iPhone provides fallback to iCloud account authentication after Remote Wipe
    [*] The iPhone has full disk encryption using 256 bit AES by default when a passcode is set
    [/LIST]
  • Reply 230 of 330

    That $365,000,000 was rather a waste of money. I thought Apple would do something clever with the technology; such as the user having to tap in a pattern of four (or so) different prints in a sequence of their choosing which would result in a far more complex (and secure) lock.

     

    P.s. If they didn't patent this idea I'm releasing it for free.

  • Reply 231 of 330
    hydrhydr Posts: 146member

    This isn´t pin vs. fingerprint though, as everyone is discussing. It´s password vs. fingerprint, as password is what I use to buy iTunes content with. Hopefully Apple can tweak it so it isn´t easily lifted, or they will have failure on their hands. Had high hopes for TouchID for future payment systems, this just cracked a huge hole in it.

  • Reply 232 of 330
    mauszmausz Posts: 243member
    Quote:
    Originally Posted by Rayz View Post

     

    To begin with, the equipment and effort required is beyond just about every casual  out most iPhone users will ever encounter.

     


     

    Any scanner will do 2400x4800 scanning, and most laser printers can do 1200 dpi printing. That leaves the transparent laser printer media which I still have (used for the old-fashioned overhead-projector) and the woodglue. So no special equipment needed.

     

    Note : They state a 2400dpi photograph, not scan... Don't know if that makes a difference.

  • Reply 233 of 330
    hydr wrote: »
    This isn´t pin vs. fingerprint though, as everyone is discussing. It´s password vs. fingerprint, as password is what I use to buy iTunes content with. Hopefully Apple can tweak it so it isn´t easily lifted, or they will have failure on their hands. Had high hopes for TouchID for future payment systems, this just cracked a huge hole in it.

    No.

    For approximately half of all iPhone users this is nothing versus authentication which is a vast improvement.

    Apple could quickly and easily improve security for mobile payments and likely will.
  • Reply 234 of 330
    Quote:
    Originally Posted by ReiszRie View Post





    What i'm interested to know is whether a simple finger print lift from daily items that the user gets in contact with, provides enough data to create the 3D latex fingerprint copy

     

    Exactly! I doubt that very much. So if... and if at all, any of this claim is remotely true, this is a very valid point. Whenever I see some fingerprints on any surface, they tend to be smeared and after a lot of photoshopping, they would need to be run against a FP database to be verified and only after positive match you might have some confidence to have obtained a valid fingerprint. But what if the owner used the pinky to unlock his device (as some people here already suggested)? All that hell of a trouble for nothing.

    So much to the title "Apple's iTouchID already bypassed.....".


     


    Totally crap.


     


    Anyhow apart from elevated security I am more exited about the advanced ease of use this feature implements into iOS7.
  • Reply 235 of 330

    Now if someone steals my iPhone he would have to come back to get my fingerprint. Come on! of course he was able to crack it. He had all the time in the world to get the mold of his own finger. If someone steals your iPhone, he won't be able to unlock it unless he has a high resolution image of your fingerprint, and how the heck is he going to get it?

  • Reply 236 of 330
    Damn it! Now I have to store my nuclear launch codes somewhere else!! lol
  • Reply 237 of 330
    Quote:

    Originally Posted by Bloodshotrollin'red View Post

     

    That $365,000,000 was rather a waste of money. I thought Apple would do something clever with the technology; such as the user having to tap in a pattern of four (or so) different prints in a sequence of their choosing which would result in a far more complex (and secure) lock.

     

    P.s. If they didn't patent this idea I'm releasing it for free.


     

    This is a funny Idea with the 4 prints in a case where there is high security required. But to simply unlock my iPhone in a most convenient way one simple print is more secure than enough. It is certainly more secure then what 95% of iPhone users do right now.

  • Reply 238 of 330
    Quote:

    Originally Posted by markguam View Post



    Damn it! Now I have to store my nuclear launch codes somewhere else!! lol

     

    So we all have to assume, that you got your 5s already!

     


    jealous!  :grumble:
  • Reply 239 of 330
    matrix07matrix07 Posts: 1,993member
    Quote:

    Originally Posted by markguam View Post



    Damn it! Now I have to store my nuclear launch codes somewhere else!! lol

     

    Yeah, I guess we're doomed somehow. 

    :smokey:

     

     

  • Reply 240 of 330
    As said previously the TouchID compliments and doesn't fully replace authentication on the iPhone.

    Could someone take the time to go through and hack a computer? Sure... Could someone take the time to brute force a simple 10 character passcode on your iPhone? Yep.

    A simple analogy to put in retrospect - putting a lock on your house's front door. Could someone pick the lock? Maybe. Could I easily break a window on the side of the house or kick down the door and come right in? Yea. It's another layer of security that deters theft. Just like what the TouchID is doing.

    I don't understand why people are getting so heated on this. Any phone can be hacked one way or another if you have the right resources available. I don't see many folks going out and spending the time to rig up such a mock up unless they are determined thief or hacker.
Sign In or Register to comment.