Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
iPhone Newsforums, a part of the
09-23-2013, 06:32 PM #1
Apple's Touch ID System Bypassed by Hacker Group in Germany
A hacker group in Germany claims to have defeated Apple’s new Touch ID biometric security system by using a modified fingerprint lifting and “fake finger” creation technique. According to a detailed walkthrough of the bypass provided by the group’s biometric hacking team, the iPhone 5S’ Touch ID hardware is, in effect, merely a higher resolution version of existing sensors. This means the system can be defeated using common fingerprint lifting techniques, although it should be noted that this needs to be done at a more refined level. The bypass is demonstrated in the short video below:
The system is detailed in a method which requires obtaining the original user’s fingerprint. The following was said regarding the method:
First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
CCC spokesman Frank Reiger said the following regarding the whole ordeal:
We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token. The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.
09-23-2013, 06:45 PM #2
The process to hack the fingerprint sensor is absurd. Might as well cut off the persons finger
09-23-2013, 06:47 PM #3
Um, so who's to say they didn't register that finger before hand and the sensor was detecting it through the clear plastic? It's supposed to be reading the live dermis layer under the dead epidermis layer. This video doesn't prove anything to me so far.
09-23-2013, 07:00 PM #4
Not to take anything away from the group and the hard work they put into this, but your average iPhone thief is not going to have the time or ability to follow you around and hope you touch something so that he/she can lift your fingerprint and make a wax finger. Your average thief is looking to make a quick buck. Not to mention, who is to say that the iphone owner used his index finger or thumb for Touch ID? Maybe he used his pinky on his non dominant hand?
09-23-2013, 07:10 PM #5
You can unlock their phone? Congrats. But when I track you via find my iPhone (because you can't disable that with a fingerprint) I'll keep in mind you went the extra mile to lift my print and steal my phone.
09-23-2013, 07:12 PM #6
Not to mention how easy it is to look while someone types there code in. The fingerprint idea still serves the purpose it was intended to do. Everyone likes to nitpick everything apple does but u don't hear about any one trying to hack an S4 which I'm sure is as easy as an iPhone.
09-23-2013, 07:27 PM #7
The Following User Says Thank You to Beeb For This Useful Post:
09-23-2013, 07:46 PM #8
09-23-2013, 07:52 PM #9
Honestly. Who gives a s***? That's way too much work for a person. If they really want in they'll just restore as new. Easy as that.
The Following User Says Thank You to PokemonDesigner For This Useful Post:
09-23-2013, 07:53 PM #10
Restoring at all requires find my iPhone to be off. That is only possible with your apple id password.
09-23-2013, 08:02 PM #11
Between this and lock activation, I think Apple has effectively rendered the value of a stolen iPhone as nothing more than a pricey paperweight. The real question is how long will this take to trickle down to thieves and how many thieves will start incorporating "disable find my phone b-fo I smoke a fool" into their repertoire.They can have my jailbreak when they pry it from my cold dead fingers.
09-23-2013, 08:04 PM #12
If somebody can "hack" my finger print (or hack entire finger off), then they can have all my data well deserved lol
09-23-2013, 08:33 PM #13
If you need help, drop me a message.
09-23-2013, 08:43 PM #14
09-23-2013, 08:50 PM #15
Well the winner of the 16k worth of booze, an iPhone 5c and porn is a group of germans and they USED A TRANSPARENT PIECE OF PLASTIC!!!!!!!!!!!!!!1
09-24-2013, 01:20 AM #16Absurdity in the Details
The idea, technology, and implementation of TouchID is extremely impressive for consumer electronics. Other personal computing technologies such as notebooks used fingerprint scanners to secure the device, but nothing as intricate and revolutionary as hardware based security on one the most mobile technologies in the world.
Having said that, yes, these "hackers" found a way to supposedly circumvent this technology, but not by hacking and using more ingenuity than most thieves would find irrevocably useless in that line of criminal activity. One could argue that a thief's best and worst friend is time. The less time it takes to steal, the less time to get caught.
My fear was the hardware protocol being secure enough to protect the data used to store and implement fingerprints. I would want peace-of-mind knowing that the information is three things: 1. Exceedingly improbable to access, 2. Secured by more than the standard encryption, and 3. If all else, the data, if miraculously retrieved, could not be reversed engineered (or at the very least, make it nearly impossible and not worth it).
As with most technology, there may be security geniuses testing those three variables to circumvent TouchID, but I'd like to think that they are testing vulnerabilities in order to help protect the consumers. Lofty? Yes. But we can hold onto hope.
09-24-2013, 01:28 AM #17
I'm going to scan my big toe, good luck trying to get a photograph of that!
09-24-2013, 02:35 AM #18
this guys got the major case of the shakes.. maybe he should go easy on the crack..
09-24-2013, 05:59 AM #19
09-24-2013, 06:48 AM #20