Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

iphone fingerprint *security* thingy

Options
  • 22-09-2013 9:13pm
    #1
    AnCatDubh
    Registered Users Posts: 6,392 ✭✭✭


    Hah I thought, when I saw the photo of the little girl with her sleeping / passed out father on the chair swiping her dads' iphone, placing his finger on the sensor, and off with her to play angry birds (ingenious. clever girl).

    Then I saw something wvia twitter which made the point "It's plain stupid to use something you can't change and leave everywhere every day as a security token.". The related link was to a brief article and a youtube.

    I guess if you are a secret agent, such security mightn't fit the bill. Perhaps it's not too bad for mere regular joe's - though i'm not sure/convinced how much better it would be than the prvious options available on the platform. Whether you trust it being stored on the device never to be backdoored and ultimately cross referenced, is probably a different consideration. I also think, the perception being touted of such technology lauding its effectiveness as a secure environment may be very dangerous for the general populous who lets face it are still responding to emails from their bank to log on and update their account details.
    Tagged:


Comments

  • Options
    #2
    infodox
    Registered Users Posts: 126 ✭✭infodox


    It has been proven you can use a lifted print to bypass it by replicating the finger. I'll post the video up later.

    Turns out iPhone screens are also the perfect medium to lift a print off... Nice and smooth...


  • Options
    #3
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 91,627 Mod ✭✭✭✭Capt'n Midnight


    from ylyl

    0694c52bdd62cb2927cba9710479147d.jpg


  • Options
    #4
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 91,627 Mod ✭✭✭✭Capt'n Midnight


    Also this http://web.archive.org/web/20130923223622/http://istouchidhackedyet.com

    later with the video http://istouchidhackedyet.com/


  • Options
    #5
    Dude111
    Registered Users Posts: 1,771 ✭✭✭Dude111


    infodox wrote:
    It has been proven you can use a lifted print to bypass it by replicating the finger. I'll post the video up later.
    Interesting..... Possible to simulate an INVALID PRINT?? (That wont lead to anyone??)

    I think if someone must have one of these,they should know how to hide from its spying techniques!!


  • Options
    #6
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 91,627 Mod ✭✭✭✭Capt'n Midnight


    Of course you don't need to use your own fingerprint

    This from 2008.
    http://www.theregister.co.uk/2008/03/30/german_interior_minister_fingerprint_appropriated/
    "The whole research has always been inspired by showing how insecure biometrics are, especially a biometric that you leave all over the place," said Karsten Nohl, a colleague of an amateur researcher going by the moniker Starbug, who engineered the hack. "It's basically like leaving the password to your computer everywhere you go without you being able to control it anymore."

    Even Mythbusters have beaten fingerprint security.



    OK apple aren't using fingerprints, but if you can measure someone's biometric you can probably copy it. At least with retina scans it's a little more difficult to grab. Though people have copied keys from 100m away with telephoto lenses so it's really down to what the optical resolution of a telescope is.


  • Advertisement
  • Options
    #7
    Khannie
    Registered Users Posts: 37,485 ✭✭✭✭Khannie


    Capt'n Midnight wrote: »
    Though people have copied keys from 100m away with telephoto lenses

    That's solid (and frightening) work. Have you a link?


  • Options
    #8
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 91,627 Mod ✭✭✭✭Capt'n Midnight


    http://hackaday.com/2009/09/22/photographic-key-duplication/
    http://vision.ucsd.edu/~blaxton/sneakey.html

    top_pic.jpg
    The inlay shows the image that was used for decoding while the background provides a context for the extreme distances that our system can operate from. In this case the image was taken from 195 feet. This demonstration shows that a motivated attacker can covertly steal a victim's keys without fear of detection. The SNEAKEY system provides a compelling example of how digital computing techniques can breach the security of even physical analog systems in the real-world.

    http://vision.ucsd.edu/~blaxton/pagePapers/laxton_wang_savage_ccs2008.pdf
    These reults are highly robust and even at a distance
    of 100 feet, 7 out of 10 keys were precisely decoded within the
    first guess. All key shots taken at 100 feet were decoded within 3 guesses
    for longer distances it was less reliable due to camera shake etc, and they had to rely on the best picture.

    They didn't use techniques like lucky aperture that amateur astronomers use to bypass atmospheric turbulence. Some of the stuff done with that is just amazing.



    This is why keys in prisons sometimes have a spring loaded sleeve on them to prevent them being seen.


  • Options
    #9
    Khannie
    Registered Users Posts: 37,485 ✭✭✭✭Khannie


    Thanks for that. Very interesting.


Advertisement