In the hypothetical case that this is method is not fake, the method is so complex it makes it totally impractical as this succinct comment on Google says "
"So? tell me who is going to get a 2400 dpi picture of my finger...then print a 1200 dpi picture, after touching it up in photoshop. Then putting it on some kind of printed latex? The f..k?"
Then you also have to add graphite, clean up the image again, add super glue and transfer it to thin transparent film, then put the film onto the Touch ID screen with your live finger which Touch ID previously learned.
Just go somewhere and relax, you rude zealot! I'm not going anywhere, and while I'm an Apple fan, I'm not going to shut up when they make the occasional mistake.
Except it's not a mistake. And rudeness is all some people understand when they make ridiculous statements. And since, from another thread, you already have your 5s we must assume you will continue to use the LESS secure 4 digit PIN instead of Touch ID. To do otherwise would be incredibly hypocritical of you.
Assuming that the screen for setting up a second finger is the same as the first...
1. Notice he doesn't try the middle (unlocking) finger FIRST, to show that it CANNOT unlock the phone by itself.
2. Thus, the film he puts on his finger could be anything, because the middle finger could already be set up to unlock. The phone unlocks because it might already be set up.
And that doesn't even address if it's possible to get a complete enough print on a phone surface to photograph at the 2400dpi. Doubtful.
By the time a thief steals my phone, and SOMEHOW also gets my fingerprint (OK, maybe there's one unsmudged print left on my phone, but odds are 1-in-10 that it's my recorded print), and scans it at 2400dpi, prints it with a good printer at very high resolution, puts a layer of latex over it and WAITS for that to dry, I will have already set a passcode and/or wiped the phone. Not to mention I have activation lock enabled so he (or anyone he sells it to) would need my passcode to activate it.
Not worried. It's more than enough protection for little ole me.
Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.
Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!
There's so many falsities in your moronic, mindless troll post, that one does not know where to start.
"Best and easiest"? Really? Easier than leaving my finger on the home button for a fraction of a second after clicking it? How the **** does that NOT improve user experience? Do you even know what that word means? Touch ID will be used hundreds of times a day by hundreds of millions of people. That does not qualify as a "gimmick".
Better quality screen? Scientific tests have shown that the iPhone 5/5s screen is literally the best in the industry, by a dozen or so metrics. Larger? Thats simply your personal preference.
The only gimmick is your post, which is asinine on so many levels. I have a Nexus 4. No, the pattern unlock is not the be-all-and-end-all of security. After getting used to touch ID, it seems like an obsolete, stone-age hassle.
Again, what about the gloves in the winter time? Yeah, didn't think you cared to address that issue. Hmm.....
Unless you are one if the 10 people to buy capacitive gloves, your taking one off anyway...
If these "hackers" can show continuous, unedited footage of 11 people using this technique to unlock an iPhone 5S, then there MIGHT be some truth to this. Remember the iPhone's scanner can only remember 10 finger prints at one time. In my opinion, these CCC guys are just out to make a quick name for themselves and there's no truth to their claims. It looks to me that the fake finger print is not any thicker than a piece of scotch tape and the "hacker's" finger is being read through the fake finger print scan.
If there is truth to it, then Apple has some BIG questions to answer. You can't dismiss this hack and argue that Apple is at no fault because of the default pass code protection (again, should it be true). Apple, being the maker of the world's best products (in my opinion), is widely in the public eye with their finger print technology and public trust is a very important thing to not betray in the consumer's eye.
[quote name="Tallest Skil" url="/t/159692/apples-touch-id-already-bypassed-with-established-fake-finger-technique/80#post_2403067"] “Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either, would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?
Could you possibly learn to read? You don't need to take a picture of the original fingerprint (I.e., the finger). You leave fingerprints all over the place. He'll, I wouldn't be surprised if you could lift the needed print from the TouchID sensor itself. Or how about this simple scenario: "Hey Ted, you done with that bottled water? I'll throw it out for you." Simple.
And latex milk? How about simple wood glue? Or are there no home improvement stores, Walmarts, Targets, are any of the dozens of other stores that carry such a product in your version of the universe?
There isn't anything exotic needed for this security bypass despite your ridiculous need to make it seem that way. Yes, TouchID is a good deterrent for the common thief, but anyone who's going to go to this level is going to be set up with the commonly available gear required to pull it off quickly and easily.
Yes, actually I HAVE successfully unlocked my friend's phones with looking at the oil pattern. It doesn't take an idiot. An easy swipe to get rid of it? Please. My GNote keeps those oil marks on there even if I wipe it... So that point falls.
Give one reason why anyone would believe an anonymous poster claiming to do what you claim?
If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.
I think the concern is not so much about the phone as the data on it and the ability to spend money with the phone (if there's a wallet account linked to it). My phone's insured with a modest deductible; I suspect that a lot of people (albeit maybe not most) with phones this expensive have some form of insurance cover. But the insurance doesn't protect you against data or identity theft. This is especially a worry for people who are using their phone for corporate stuff.
Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.
Alternatively, if they can lift the print right off the touch sensor itself, they can be sure to have the right print!
Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.
You know, you could also cut off the person's finger and consider it a "hack". Really? Everything is crackable if you put enough thought and time into it. Serious, what is on someone's phone that would require going through that kind of process and... if I noticed my phone was missing, I'd put it on lock down requiring a passcode anyway.
Once thing they didn't cover is... TouchID can be programmed with up to five codes. So whose to say that the CSI staff that are doing this have the correct finger print? You have 10 fingers you know...
Give one reason why anyone would believe an anonymous poster claiming to do what you claim?
I've done it before.. I've done it with my friend's phones.. Just tell them you want to check out their phone if it has a pattern unlock, and boom lol. You're in. Not that hard. It's not impossible to do it..
Touch ID was designed to keep your wife from reading txt messages from your girlfriend while you are in the shower. If she suddenly orders a 2400 dpi laser film printer and a high resolution camera with a macro lens, then you might have something to worry about.
Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.
I made a specific statistical claim -- a testable hypothesis even -- and then pointed out that you can be sure that the correct fingerprint (or whateverprint) is available in a specific place -- again a testable hypothesis. Conspiracy theories tend not be testable.
I didn't say that the guys in the video could actually make it work. I advanced some testable considerations that I think are likely to be true if their method works.
In any case, your responses in this thread suggest that you're a more than a little overwrought over this issue. And impolite.
Comments
Are you really in any sort of position to be pulling this (perpetually meaningless) card?
Oh the irony, buddy, THAT was MY point I was making to him/her. How do you not understand that? lol.
Read through the full convo before jumping the gun.
Fake finger hack looks pretty fake.
In the hypothetical case that this is method is not fake, the method is so complex it makes it totally impractical as this succinct comment on Google says "
Jay Tee
"So? tell me who is going to get a 2400 dpi picture of my finger...then print a 1200 dpi picture, after touching it up in photoshop. Then putting it on some kind of printed latex? The f..k?"
Then you also have to add graphite, clean up the image again, add super glue and transfer it to thin transparent film, then put the film onto the Touch ID screen with your live finger which Touch ID previously learned.
Just go somewhere and relax, you rude zealot! I'm not going anywhere, and while I'm an Apple fan, I'm not going to shut up when they make the occasional mistake.
Except it's not a mistake. And rudeness is all some people understand when they make ridiculous statements. And since, from another thread, you already have your 5s we must assume you will continue to use the LESS secure 4 digit PIN instead of Touch ID. To do otherwise would be incredibly hypocritical of you.
This video is misleading.
Assuming that the screen for setting up a second finger is the same as the first...
1. Notice he doesn't try the middle (unlocking) finger FIRST, to show that it CANNOT unlock the phone by itself.
2. Thus, the film he puts on his finger could be anything, because the middle finger could already be set up to unlock. The phone unlocks because it might already be set up.
And that doesn't even address if it's possible to get a complete enough print on a phone surface to photograph at the 2400dpi. Doubtful.
Way too much NOT shown in this clip.
Good point
By the time a thief steals my phone, and SOMEHOW also gets my fingerprint (OK, maybe there's one unsmudged print left on my phone, but odds are 1-in-10 that it's my recorded print), and scans it at 2400dpi, prints it with a good printer at very high resolution, puts a layer of latex over it and WAITS for that to dry, I will have already set a passcode and/or wiped the phone. Not to mention I have activation lock enabled so he (or anyone he sells it to) would need my passcode to activate it.
Not worried. It's more than enough protection for little ole me.
Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.
Unless you are one if the 10 people to buy capacitive gloves, your taking one off anyway...
If there is truth to it, then Apple has some BIG questions to answer. You can't dismiss this hack and argue that Apple is at no fault because of the default pass code protection (again, should it be true). Apple, being the maker of the world's best products (in my opinion), is widely in the public eye with their finger print technology and public trust is a very important thing to not betray in the consumer's eye.
If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.
“Hey. Hey, Ted. Can I get a picture of your fingerprints? What for? Oh, I… Uh… I have a fetish. Yeah, that’s it. I have a fetish for fingerprints. Both thumbs… work it, baby… Thanks. You wouldn’t happen to have any latex milk on you, either,
would you? And can I hop on your laptop for a few minutes? You still have Photoshop on there, right?
Could you possibly learn to read? You don't need to take a picture of the original fingerprint (I.e., the finger). You leave fingerprints all over the place. He'll, I wouldn't be surprised if you could lift the needed print from the TouchID sensor itself. Or how about this simple scenario: "Hey Ted, you done with that bottled water? I'll throw it out for you." Simple.
And latex milk? How about simple wood glue? Or are there no home improvement stores, Walmarts, Targets, are any of the dozens of other stores that carry such a product in your version of the universe?
There isn't anything exotic needed for this security bypass despite your ridiculous need to make it seem that way. Yes, TouchID is a good deterrent for the common thief, but anyone who's going to go to this level is going to be set up with the commonly available gear required to pull it off quickly and easily.
Yes, actually I HAVE successfully unlocked my friend's phones with looking at the oil pattern. It doesn't take an idiot. An easy swipe to get rid of it? Please. My GNote keeps those oil marks on there even if I wipe it... So that point falls.
Give one reason why anyone would believe an anonymous poster claiming to do what you claim?
Next you’ll claim having a quantum computer to break RSA 4096-bit isn’t “exotic”.
Guess you didn’t read the article.
Or they’re smart enough to just wait 48 hours and reset the phone.
If I stole an iPhone, I'd just wipe it and sell it, why bother with all this CSI stuff, as if the average robber is that sophisticated.
I think the concern is not so much about the phone as the data on it and the ability to spend money with the phone (if there's a wallet account linked to it). My phone's insured with a modest deductible; I suspect that a lot of people (albeit maybe not most) with phones this expensive have some form of insurance cover. But the insurance doesn't protect you against data or identity theft. This is especially a worry for people who are using their phone for corporate stuff.
Well, I'd say the odds are better than 1/10. You're probably going to use the thumb of the hand you hold the phone with for your Touch ID, and that thumb is likely to be touching your phone most of the time.
Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.
We all know, number codes can be hacked as well. How about following software patch?
User swipes a finger, then user needs to swipe another finger not matching first finger - I mean you got 5 fingers ;-)
This wipes off first finger print. Now statistically chances of some lifting fingerprint and using it to unlock is much lower
And better yet - it can be made user defined parameter - 2 or 3 .. matches before you are let in
another potential software patch is after you get in with fingerprint, a mozilla of pictures is shown and you must click the correct image.
cheers!
You know, you could also cut off the person's finger and consider it a "hack". Really? Everything is crackable if you put enough thought and time into it. Serious, what is on someone's phone that would require going through that kind of process and... if I noticed my phone was missing, I'd put it on lock down requiring a passcode anyway.
Once thing they didn't cover is... TouchID can be programmed with up to five codes. So whose to say that the CSI staff that are doing this have the correct finger print? You have 10 fingers you know...
Give one reason why anyone would believe an anonymous poster claiming to do what you claim?
Touch ID was designed to keep your wife from reading txt messages from your girlfriend while you are in the shower. If she suddenly orders a 2400 dpi laser film printer and a high resolution camera with a macro lens, then you might have something to worry about.
Speculative nonsense from someone who doesn't have a clue. You sound like the typical conspiracy theorist. If someone handed you their iPhone you wouldn't know where to start but you spout concocted theories out your nether orifice with abandon.
I made a specific statistical claim -- a testable hypothesis even -- and then pointed out that you can be sure that the correct fingerprint (or whateverprint) is available in a specific place -- again a testable hypothesis. Conspiracy theories tend not be testable.
I didn't say that the guys in the video could actually make it work. I advanced some testable considerations that I think are likely to be true if their method works.
In any case, your responses in this thread suggest that you're a more than a little overwrought over this issue. And impolite.