KitGuru KitGuru.net – Tech News | Hardware News | Hardware Reviews | IOS | Mobile | Gaming | Graphics Cards
It only took two days before Apple's fingerprint sensor got hacked. Germany's Chaos Computer Club cracked the protection around the Apple fingerprint sensor on the new iPhone 5S, only two days after the device went on sale worldwide.
The group posted on their site saying that their biometric hacking team took a fingerprint of the user photographed from a glass surface and then created a fake fingerprint which could be placed on a thin sheet of film and used like a real finger to unlock the iPhone.
The claim may have been easily dismissed in certain quarters, but the group uploaded a video as well to proof their success. The story will cause concern for many businesses who may have felt that the new fingerprint reader was a move forward in regards to keeping their mobile devices secure.
Starbug, a member of the Chaos Club said “This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided. In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake. As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”
While this is not as severe as actually hacking the phone and extracting the fingerprint respresentation it proves that the methodology is not perfect.
[yframe url='http://www.youtube.com/watch?v=HM8b8d8kSNQ']
This is now the third security failing for Apple since the new phone and iOS7 were released last week. One found the Emergency Call screen can be used to place a call to any number, and another showed a flaw in iOS7 Control Centre to access photos and send emails.
The Chaos Computer Club detail how they unlocked the phone with a fake print. They took a fingerprint from glass. The print is made visible using graphite powder or a component of superglue and then photographed at high resolution to create a 2,400 ppi scan. That is then printed onto an overhead projector plastic slide using a laser print, forming a relief. This is then covered in wood glue and attached to a real finger.
Kitguru says: 2 days, must be a new record.
somethings wrong with your hand dude
really? great reporting, 3 security claims all of which are bullshit. 1 the phone in video is fake as its not 5S they forgot their extra hole thats not there between ear speaker and the left edge. Plus the ear speaker is the old one huge 5 S is much smaller and it shows cause the time on screen is half the size of the ear piece on 5S it is almost lined up. the flaw about the other 2 are settings. an emergency call to call an ICE number so you can call others to tell them of emergency. if it was only 911 it would be a 911 button only. not dial pad. the control center thing is also a setting allowing access on lock screen to those features . Um yeah something is wrong with his hand plus grease on phone makes it CRYSTAL clear. That phone is fake fake.