It took just two days and a small collection of everyday household items for a group of German hackers to bypass the fingerprint sensor on an Apple iPhone 5S.
Chaos Computer Club, based in Berlin, took a high-resolution photograph of a fingerprint from the side of a glass.
They then scanned it, before laser printing it onto a transparent sheet and covering it in woodglue. Once the glue had dried, they peeled off the print copy and pressed it on the scanner.
No, it’s not awkward. That biometrics are kind of a stupid form of security (and fingerprints even more so) has been known by reasonably well-informed people for decades. This is just more media reporting on stuff they don’t actually understand. On the upside, it provides an opportunity for Al Franken to publicly beclown himself.
Fingerprint scanners are for convenience, not security.
Hot melt works for copying fingerprints too.
Now, I was in the market for a phone. I discovered that the Blackberry is -not- even faintly secure anymore, the NSA is all over it. Thus disappeared my last reason for not buying an Apple. If I’m going to be hacked and tracked no matter what, the phone may as well do all the stuff I want it to do.
So I got the 5C. Which is pretty cool, as phones go. I didn’t get the better/faster/awesomer 5S specifically because of the fingerprint thing.
Because I don’t trust them.
Here’s an interesting datum for all you tinfoil hat wearing types (myself included). In the info regarding Location Services on my iPad, it tells you that you can turn it on and off. Then it says this: “For safety purposes, however, your iPad’s location information may be used for emergency calls to aid response efforts regardless of whether you enable Location Services.” Verbatim from the Location Services and Privacy blurb on my iPad. Which is WiFi only, just to be clear.
Which means my friends that the device communicates its location to Apple NO MATTER WHAT YOU DO. It keeps that info in a file in memory, and sends it along periodically. Apple then keeps it in a server someplace, and does whatever Apple does with such things. NSA gets it all off the cell towers directly for phones, but not WiFi. I’d be astounded if they don’t get the full Apple take for WiFi directly from Apple. In fact I’d be astounded if they don’t have their own secure racks with armed guards right in the Apple server farm.
So I just turned it on. May as well get some use out of it, if they’re tracking me anyway. Because I can always just give it to somebody else for the day and let them run around with it. Screws up the tracking.
Now with the 5S, it knows who is using it by the fingerprint reader. Normally they can only locate the phone, but now they can actually verify that YOU are holding the phone.
Unless of course you go to the ridiculous lengths of making a fake fingerprint out of glue or hot-melt or some such. Then you can fool it. But who’s going to do that, really? Professional dirtbags, obviously. Everyone else will just play along.
So here we have a technology which can and does track the mundane population, but can’t track the dangerous and/or crooked people that the government is supposed to be trying to find and stop.
In whose best interests is this?
Android isn’t any better.
http://arstechnica.com/security/2013/07/does-nsa-know-your-wifi-password-android-backups-may-give-it-to-them/
They can probably correlate it with all the WiFi data they scooped with the street view vehicles.
I agree with Daniel Ream. The fingerprint scanner is not meant to be infallible. Neither is the usual passcode, which can be viewed by people looking over your shoulder.
Someone serious about security might use both. But even then it is still not infallible.
Yeah well, besides the advantages of the 1 room schoolhouse, growing up with rural party lines makes discretion on a hello-phone second nature…..ya alas assume somebody is list’nin….
I see have some women of LV Louis Vuitton hair broc LV Louis Vuitton hures and see on being located on to pare off the man LV Purses of small advertisement of telegraph pole, see handing LV Purses over of intersections on duty Jing and also ran into two colleagues of unit.I originally wanted to go to Su rather the electric ap Louis Vuitton p