Apple's iPhone 5S fingerprint scanner hacked after just TWO days!!!

Apple's iPhone 5S fingerprint scanner hacked after just TWO days - using a copy of a print made from a photo

Link

It took just two days and a small collection of everyday household items for a group of German hackers to bypass the fingerprint sensor on an Apple iPhone 5S.

Chaos Computer Club, based in Berlin, took a high-resolution photograph of a fingerprint from the side of a glass.

They then scanned it, before laser printing it onto a transparent sheet and covering it in woodglue. Once the glue had dried, they peeled off the print copy and pressed it on the scanner.

During the launch, Apple claimed the new iPhone with a fingerprint sensor was 'much more secure than previous fingerprint technology.'

Hackers became so keen to prove the tech giant wrong that a security researcher called Nick DePetrillo even set up an online race to be the first to bypass the technology.

He was offering £10,000, alcohol and other prizes for anyone who could hack Apple's new range of security features.

The German hacker, nicknamed Starbug, said: 'In reality, Apple's sensor has just a higher resolution compared to the sensors so far.

'So we only needed to ramp up the resolution of our fake'

'As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.'

Chaos Computer Club first published the steps taken to bypass fingerprint scanners in 2004 and they claim that it uses everyday household items - meaning anyone can do it.

Not sure if this as posted before...so I apologize in advance if it has.

Technology, privacy, and security....three things we can love and hate at the same time.

The new Apple phone has been smashing record sales, and with the new pitch that fingerprint ID may be a great thing for the user, the one thing in the media and on ATS has been the conspiracy behind NSA and your privacy.

Now, it seems that hacking, even though not a new thing, will be even a bigger threat if would-be thieves got a hold of your phone and sold the fingerprint to 'higher-up' thieves. Imagine that your personal marking, a finger print, could also be used at crime scenes and your finger print was caught there. Could you imagine the implications of such a hack?

What about future banking and other technologies where you would be using a fingerprint scanner to access your personal information. Something tells me more stories like this hack will be coming up in the media in the near future....

Edit:

The only thing that would keep the iPhone not getting hacked by these hackers would be a retinal eye scanner...but that would be one expensive phone!

for anyone that has worked in the hardware and/or software fields of tech, this is not shocking. what is shocking is that there are millions who still make public, what should be private.

Another way to "hack" into the iPhone:

ANOTHER bug in Apple's new iOS 7 software means a call can be made from a LOCKED phone by repeatedly hitting one of the buttons

Link 2

Apple's new iOS 7 software is just days old, but already the electronics giant is having to swat bugs away from it.

Earlier this week a user posted a video showing how it was possible to sidestep the passcode security system and gain access to the photo gallery. Now someone has discovered that calls can be made on a locked phone by simply pressing one of the buttons lots of times.

Karam Daoud, 27, from the West Bank city of Ramallah, posted a video on YouTube in which he demonstrates that a user merely has to press 'emergency' on the lock screen, dial a number then press the 'call' button multiple times in rapid succession to put the call through.

iOS 7 Security Bug - Apple - Emergency Dial in the Lock Screen


How to get full access to photo gallery bypassing the passcode on any iDevice with iOS7 final.


So how are you feeling about the new iPhone now?

The fingerprint scanner is going to be a huge headache down the road for Apple. Just wait until someone's phone is hacked and have money stolen from their bank account.

I like Apple products, but this just doesn't seem like a good idea.

As I told a friend of mine that is going ga-ga over the whole finger print concept, not only does the NSA have access to your personal information but now they'll have every ones finger prints in the data base as well.

That kinda busted his bubble.
So will this hacking story, can't wait to tell him. hee-hee

Thanks for the heads up, never would I be so gullible to believe any thing is hack proof.
And I have never liked the idea of 'finger prints' floating around Verizon, Sprint, AT&T, etc. when their info is being scanned all the time by TPTB.

S&F


[P.S. Not to mention I'm not really an Apple fan either......]

Can't you turn the fingerprint scanner off? Does it have to be enabled at all times?

More juicy info about that scanner:

http://_national_report_dot_net_/apple-iphone-5s-fingerprint-database/

And to the person that asked if it can be turned off, yes it can. But who is to say even though the phone isnt using the feature that its not still scanning fingerprints.

MystikMushroom
Can't you turn the fingerprint scanner off? Does it have to be enabled at all times?

I thought of this too while watching these vids. The hack where you can get into the music and camrea doesn't seem like a hack, just a way to get access to your music or camera without having to unlike your personal information in the phone for some mugger to use. Imagine you leave a bar, and want to play itunes, or take a picture. You don't unlock the phone for anyone who may try and approach you or have your phone. What information is stored in the cameras gallery, that is all on the user for their own security as to what is in that folder. Keep them in something that locks them behind a password as well; many apps for this. Keep Safe is a good one.

Skywatcher2011
Apple's iPhone 5S fingerprint scanner hacked after just TWO days - using a copy of a print made from a photo

Link

It took just two days and a small collection of everyday household items for a group of German hackers to bypass the fingerprint sensor on an Apple iPhone 5S.

Chaos Computer Club, based in Berlin, took a high-resolution photograph of a fingerprint from the side of a glass.

They then scanned it, before laser printing it onto a transparent sheet and covering it in woodglue. Once the glue had dried, they peeled off the print copy and pressed it on the scanner.

During the launch, Apple claimed the new iPhone with a fingerprint sensor was 'much more secure than previous fingerprint technology.'

Hackers became so keen to prove the tech giant wrong that a security researcher called Nick DePetrillo even set up an online race to be the first to bypass the technology.

He was offering £10,000, alcohol and other prizes for anyone who could hack Apple's new range of security features.

The German hacker, nicknamed Starbug, said: 'In reality, Apple's sensor has just a higher resolution compared to the sensors so far.

'So we only needed to ramp up the resolution of our fake'

'As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.'

Chaos Computer Club first published the steps taken to bypass fingerprint scanners in 2004 and they claim that it uses everyday household items - meaning anyone can do it.

What a joke, they should have used iris instead lol

The Bot

When I first heard that Apple was putting a fingerprint scanner in their new phones, I knew that this has nothing to do with the users security.

I am assuming that every time you scan your fingerprint that information is stored somewhere on apple's servers for law enforcement or the FED's have access too I have no proof of this but I'm just making an wildcard assumption.

A lot of people are breaking their necks buying this phone but I believe in the future its going to hurt them instead having their best interest.

This phone needs some more research and what's really behind this scanner. I don't think it has nothing to do with protecting your privacy or your information.

reply to post by Skywatcher2011


The truth is, one of my friends pointed out, that the iPhone uses a touch screen - so all you have to do is lift a print from there.

snarky412
As I told a friend of mine that is going ga-ga over the whole finger print concept, not only does the NSA have access to your personal information but now they'll have every ones finger prints in the data base as well.

That is definitely true. And reality follows that pattern anyway - even if the government somehow isn't planning on using this for a fingerprint database yet, it will probably do it secretly eventually and then openly after that.

As a matter of fact, I think it is safe to assume that the future has no privacy unless someone is going out of their way to "encrypt" their information (notebooks, for example, under the mattress, DVD's in a safe, or a locked USB drive with something similar to a bike lock on it)

My friend has an EMP failsafe he can detonate by pressing a keystroke combination, for example, in case he needs to fry his P.C.

reply to post by Skywatcher2011


BRB...I have to call my daughter before she goes and spends her hard earned money on this product...did not read whole thread yet....Damn...

reply to post by Skywatcher2011


You could also supposedly disable it with voice control via Siri. This seemed to have been done on the release day.

reply to post by Skywatcher2011


I know its very fashionable on ATS to ` bash apple `

but lets have a reality check here

1 - the technique may work under controlled conditions - but doing it ` in the wild ` is a different issue

first they have to ` aquire ` a print from the correct finger - of the 10 availiable - then they have to make the print dummy - THEN get your phone

there are ways to increase ` finger print security `

a quick and very dirty experiment with various glass objects and graphite powder indicates to me - that little finger , left hand leaves the worst prints - for being partial / smudged and right thumb , right 2nd finger the best

guess which print this munkie would use if he had an iphone 5s ?

finally - to be brutally honest - this munkie [ if it had the urge to hack a iphone 5s ] would be taser the victim , use his own finger to activate the scanner - walk away with full access simples

though apple could have made this a lot harder - just by including heat / capacitance double checking to the scanner

ignorant_ape
I know its very fashionable on ATS to ` bash apple `

but lets have a reality check here

Agreed.
Its like not a single person actual read the news article, and it was the usual mindless ATS knee jerk responding of the sensationalist headline.
No hacking of the phone actually took place.

All that happened here is that somebody tested it with a copy of the fingerprint.
No hacking of the phone actually took place.

reply to post by alfa1


yup - and talking of sensationalist headlines :

" hacked in just 2 days "

my response is - why did the steps described take 2 days ??????

seriously folks - they didn't actually do anything new - read the steps [ summarised below ]

photograph fingerprint on glass

2 photoshop image to enhance clarity [ photoshop skills and thus time / task vary wildly , I am crap at PS - but I think I could trace a print with required fidelity using illustrator in about 1 hour - cos my illustrator skills far outstrip my PS skills ]

3 print image on transparent media

4 make cast of fingerprint with latex

5 allow cast to cure [ this is only the second step that has more than a " seconds " duration - and I have 1 hour cure latex ]

6 apply cast to fingerprint sensor

2 days ?????????

Really is everything called hacking now? Its an analog approach not really hacking IMO.
In that sense, I can crack almost any new phone, laptop or computer in a second or two.... With a hammer.
Sigh

alfa1

ignorant_ape
I know its very fashionable on ATS to ` bash apple `

but lets have a reality check here

Agreed.
Its like not a single person actual read the news article, and it was the usual mindless ATS knee jerk responding of the sensationalist headline.
No hacking of the phone actually took place.

All that happened here is that somebody tested it with a copy of the fingerprint.
No hacking of the phone actually took place.

Exactly, and then the 'turn it off' crowd.

2 iphone 5's.

1 with print scanner, 1 without.
1 costs more, 1 costs less.
ATS buy the expensive one with scanner, then turn it off.

Lmao, well played apple... well played.

How to milk silly people.

Oo