Forums >
Off-Topic Discussion >
Bounty Offered To Anyone Who Hacks iPhone Thumb ID
Wye wrote: Sep 19 13 08:57 am Link Lohkee wrote: Low-tech solutions are always the killer. I can't tell you how much resources have been spent on trying to secure images and video (my previous employer had the major movie studios as clients, and they were super-paranoid about their movie trailers, posters, etc). We spent fortunes hiring companies like InstallShield, and other outfits out of places like Israel to create solutions, but I would always remind my bosses that its still a simple matter to grab a camera and take a photo of an image displayed on a computer screen, thus defeating the latest 6-figure "solution" they had just bought and bragged to clients about. Sep 19 13 09:00 am Link Lightcraft Studio wrote: Nope. Apple paid $350 million last year for the company that created the technology behind Touch ID. You don't spend that kind of money for pre-existing technoogy. Sep 19 13 10:41 am Link Let There Be Light wrote: Not necessarily true at all. There is a huge difference between a truly new technology, and developing a custom sensor that utilizes existing technology in some unique package (like a button). Huge. From what I've been able to see (and I haven't really looked that hard in all honesty), they are using capacitance to image the print. Translation: Using old technology in a (sorta) new way. Sep 19 13 12:24 pm Link Lohkee wrote: AuthenTec is the one they most recently purchased (14 months ago) Sep 19 13 12:30 pm Link Wye wrote: Yep. It appears that you are correct. Sep 19 13 12:32 pm Link It's not as if fingerprint scanners can't be spoofed. Biometric Devices and Fingerprint Spoofing (January 2006) http://www2.washjeff.edu/users/aholland … index.html Aussie Kids Foil Finger Scanner With Gummi Bears http://it.slashdot.org/story/10/10/28/0 … ummi-bears MythBusters Fingerprint Scanners Are Unbeatable --- Finding: BUSTED http://dsc.discovery.com/tv-shows/mythb … atable.htm http://blogs.technet.com/b/steriley/arc … 57845.aspx Could iPhone 5S Thieves Chop Off Fingers To Hack Fingerprint Scanner? http://www.huffingtonpost.co.uk/2013/09 … 1378887488 "When J Paul Getty III, the heir to the family fortune, was kidnapped in Italy in 1973 an envelope containing his ear was sent as part of a $3m ransom demand." Sep 19 13 01:06 pm Link Michael Bots wrote: What I find hilarious about all the people claiming "he'll cut off your finger and do that!" is that a) a threat of chopping off a finger would be enough to make me want to give up my PIN and b) why would they even need to chop it off? They have me.. and my phone.. just grab my hand and touch my finger to my phone. Why is the chopping off required? Sep 19 13 01:18 pm Link Wye wrote: Whoa, DUDE! You just read my mind Sep 19 13 01:21 pm Link Lohkee wrote: Yes, it would be terrible to be in an accident where you cut your finger too badly for it to be used, however someone pointed out that it could still be used to call 911. Sep 19 13 01:34 pm Link Wye wrote: Except it's already been done -- Sep 19 13 01:36 pm Link Supposedly the iPhone won't work even with a severed finger and that needs to get out there if true. http://www.ign.com/articles/2013/09/17/ … ed-fingers However, some crooks "who think it might work" are ones I wouldn't put it past them to try it. Just knock 'em down and out, cut, and run as they've done for expensive rings in the past. If it is defeatable that way, this won't go well as some countries think even a severed head is cool. Sep 19 13 01:37 pm Link Michael Bots wrote: A car is not a phone. Sep 19 13 01:43 pm Link Lohkee wrote: This is actually a plus for the fingerprint authentication. Sep 19 13 01:51 pm Link Good Egg Productions wrote: That's really quite an assumption. It also doesn't address the issue of people who don't have prints, or those who, because of their work, routinely distort their prints via injury. What do you suggest then? Sep 19 13 02:01 pm Link Lohkee wrote: They just enter the passcode like always. Sep 19 13 02:28 pm Link Wye wrote: My question was in the context of an incapacitated person. Sep 19 13 02:34 pm Link Lohkee wrote: Then they have to wait until they are no longer incapacitated. Sep 19 13 02:41 pm Link Is that legal? Sep 19 13 02:43 pm Link It's just so funny they would be soooo worried about "user" security instead of making em inoperable n useless if reproted stolen. A dead useless phone is not worth stealing! hahahaha Just leave it to some 12 year old to figure out in a week.... fingerprints will be a thing of the past along with every other measure they came up with so far. KISS Sep 19 13 02:58 pm Link The F-Stop wrote: Not being an Iphone user I'm not positive, but I do believe the owner can wipe/deactivate the phone remotely. Perhaps an Iphone person can chime in on this. Sep 19 13 03:04 pm Link My understanding is that the thumbprint reader/unlocking mechanism aspect of it is software anyway. If you can bypass the physical thumbprint scanner hardware and inject a photo/impression of the thumbprint into the software, then it should work. WIFI that thing. Of course, in this day and age, who really needs to go all James Bond with a thumbscanner? Who wants to steal your porn collection? Sep 19 13 03:04 pm Link The F-Stop wrote: they've done that. It's called activation lock. If you set your phone to lost and wipe it then (apparently... I haven't tried it) the phone can't be re-activated without your Apple ID password. Sep 19 13 03:29 pm Link hahahaha Apple ID... here in NYC, the biggest of Apples, there are so many of those "Mr Clean" reported stolen phones, we sell em in vending machines now.. sorry we only take cash or gold. hahahahhahha Sep 19 13 08:22 pm Link The F-Stop wrote: What? Sep 19 13 08:25 pm Link The last thing I want is someone registering my fingerprint. Whether it is Apple or government. Sep 19 13 08:40 pm Link Lohkee wrote: BTW, key-loggers are old school. Now you just hack the unsecured accelerometer on your iphone thats been sitting on your desk next to your keyboard all day recording the vibrations of your key strokes. Sep 19 13 11:54 pm Link Technology is great. When I upgrade from the 4S, the fingerprint security feature will be cool but meh. I don't have top secret information on my phone. I wouldn't be with anyone who would disrespect my privacy anyway. Unless you're working for the government, who is going to really care about your business unless information can take you to court/jail/prison? If that's the case, not to swift leaving all of that on your phone. This new feature probably works best for the regular guy with something to hide (or to show off to them). Sep 20 13 06:14 am Link The F-Stop wrote: Psst.. the activation lock is a new feature.. nobody had it before wednesday. It should seriously deter theft once thieves know it's a pain in the ass to try and actually use a stolen iPhone. Sep 20 13 06:36 am Link Wye wrote: I like it for this reason. Plus, it's kinda cool in a Tron/Futuristic way. Sep 20 13 06:40 am Link Jules NYC wrote: Strange as it may seem, a simple email address can be worth a lot to the right people as it is a very useful attack vector. Sep 20 13 06:50 am Link Lohkee wrote: Sure. Sep 20 13 06:58 am Link Lohkee wrote: I think that the need for physical access to make such an attack is where these sorts of things fall down. Sep 20 13 07:03 am Link In the NY Post iPhone recognizes cat’s pawprints http://nypost.com/2013/09/19/rabid-appl … w-iphones/ Sep 20 13 07:03 am Link Michael Bots wrote: That techcrunch article (http://techcrunch.com/2013/09/19/watch- … int-sensor) is a fabrication. Sep 20 13 07:05 am Link Wye wrote: LOL Sep 20 13 07:12 am Link iOS 7 Lock Screen Vulnerability Discovered Which Gives Access To Photos And Social Sharing, Apple Is Working On Fix http://techcrunch.com/2013/09/19/ios-7- … l-sharing/ iOS 7 Bug Lets Anyone Bypass iPhone's Lockscreen To Hijack Photos, Email, Or Twitter http://www.forbes.com/sites/andygreenbe … r-twitter/ ----------------------------------------------------------------------------------- Apple iOS 7 iPhone 5S Commercial (spoof) https://www.youtube.com/watch?v=oSJqBJ1TF-E Sep 20 13 07:21 am Link Michael Bots wrote: The lock screen bug seems very difficult to replicate but does seem genuine. Can be stopped by turning off access to the control center in the lock screen. Sep 20 13 07:31 am Link Apple's iOS7 Update Fixes 80 Security Bugs http://threatpost.com/apples-ios-7-upda … ugs/102356 "We are one day in and Apple’s sleek new mobile operating system, iOS 7, has been dissected to death – the colors, the similarities to Android’s OS, the amount of time it took some users to download the update from Apple’s servers. Those talking points aside, the update also brought a slew of bug fixes, 80 in total, to devices that should appease Apple users with security concerns." Sep 20 13 07:35 am Link Wye wrote: And I think you make a good point. The problem with security in general is that most people don't think in terms of how the "innocent" stuff on their devices can be used against them or its value to the right someone. The whole "who would care about my stuff" attitude has long been a tough nut to crack for security folks. Like you, I am not particularly worried about being actively targeted, but I still take measures to protect my data (full disk encryption + encrypted backups) for other reasons (such as some dirt-bag robbing my house when Hue and I are out of town). For example, I have shot many fine art nudes for people who would be devastated if they were to become public so I take these steps to ensure their privacy in case of a mishap more than anything else. Sep 20 13 07:46 am Link |