iPhone 5s Touch ID Safe?

 

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.

http://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid

I'd say it's not easy to pull but it's doable. There can be many usable fingerprints on the phone itself.

Solution? Easy, use other body parts:
http://www.youtube.com/watch?v=4bG6cjaMZx0

hang on... my iPhone is ringing...
*unzip my pants*...

It's already be attempted...

Motorola tried this software enhanced feature...and miserably failed.

Always

There will always be a way to hack into anything. Ask the government.

--
ChefDon

Yup

ChefDon16 wrote:

There will always be a way to hack into anything. Ask the government.

I agree with this statement!

--
Nuvi 350 long gone, Nuvi 855LMT, Nuvi 2797LMT, SmartDrive 50 LMT-HD, 3790LMT now my daughters. Using Windows 10. DashCam A108C with GPS.

4-Digit Security?

So how secure does anyone think the four digit security code most people currently use is? As stated previously,any security system can be hacked. Like a lock on the doors to your home, they just keep the honest people honest. For simple security, Touch ID is a good tool.

--
Shooter N32 39 W97 25 VIA 1535TM, Lexus built-in, TomTom Go

imho

Shooter wrote:

So how secure does anyone think the four digit security code most people currently use is? As stated previously,any security system can be hacked. Like a lock on the doors to your home, they just keep the honest people honest. For simple security, Touch ID is a good tool.

Not only that, using a passcode is a pain for most people so they don't use them. With this, it makes it easy and fun so people will use it.

--
If you don't know where you are going, you might wind up someplace else. - Yogi Berra

.

I hope I never see someone unbuttoning their shirt so they can unlock their phone. smile

well

GadgetGuy2008 wrote:

I hope I never see someone unbuttoning their shirt so they can unlock their phone. smile

That would depend on the gender of the phone user wouldn't it?

--
"In order to be old and wise, one first must have been young and stupid."

~

Does anyone realize that the total time for this bunch to pull off this stunt was nearly 30 hours? They don't bother to make that very apparent in their demonstration...

--
*Keith* MacBook Pro *wifi iPad(2012) w/BadElf GPS & iPhone6 + Navigon*

No innovation in my mind.

No innovation in my mind. Needs to be enhanced before I would use the feature.

No way in Hell

As they can monitor your phone calls and your conversation too,when you use your finger print to actived the phone I am sure it is send somewhere.

This is one more reason to send more information about you to uncle sam for free.

way to go people..

~

Driver 38 wrote:

As they can monitor your phone calls and your conversation too,when you use your finger print to actived the phone I am sure it is send somewhere.

This is one more reason to send more information about you to uncle sam for free.

way to go people..

FUD.

Any cell phone can be monitored... and if the government wants your fingerprints, there are far easier ways to get them than to hack your new iPhone... and even then, they'd have to physically access the phone's system chip, then be able to decrypt the file storing the prints.

--
*Keith* MacBook Pro *wifi iPad(2012) w/BadElf GPS & iPhone6 + Navigon*

.

Box Car wrote:
GadgetGuy2008 wrote:

I hope I never see someone unbuttoning their shirt so they can unlock their phone. smile

That would depend on the gender of the phone user wouldn't it?

Not necessarily. There are quite a few of the opposite sex that I would definitely not want to see unbutton their shirt!!!

Better than most

Shooter wrote:

So how secure does anyone think the four digit security code most people currently use is? As stated previously,any security system can be hacked. Like a lock on the doors to your home, they just keep the honest people honest. For simple security, Touch ID is a good tool.

When you notice that probably 98% of the users have no security lock at all, the fingerprint method is a million times better than what they had (nothing).

I have a fingerprint reader on my HP laptop and love it. It's accurate enough that when I got a scratch on my fingertip if wouldn't accept it. I think it would be easier for someone to simply watch me key in my password than lift and duplicate my fingerprints.

+1

kch50428 wrote:
Driver 38 wrote:

As they can monitor your phone calls and your conversation too,when you use your finger print to actived the phone I am sure it is send somewhere.

This is one more reason to send more information about you to uncle sam for free.

way to go people..

FUD.

Any cell phone can be monitored... and if the government wants your fingerprints, there are far easier ways to get them than to hack your new iPhone... and even then, they'd have to physically access the phone's system chip, then be able to decrypt the file storing the prints.

As to the prints they already have them if you ever served in the military.

--
"In order to be old and wise, one first must have been young and stupid."

Much ado about nothing

kch50428 wrote:

Does anyone realize that the total time for this bunch to pull off this stunt was nearly 30 hours? They don't bother to make that very apparent in their demonstration...

I was thinking myself that they would have to allow time for the latex to cure, etc.

Takes only 3 seconds to look over my shoulder or via a security camera to watch me type in a password. No method is perfect, nor 100% secure.

Well

FUD.

Any cell phone can be monitored... and if the government wants your fingerprints, there are far easier ways to get them than to hack your new iPhone... and even then, they'd have to physically access the phone's system chip, then be able to decrypt the file storing the prints

The way I see 1 more way easy out for them.

FUD..right? Kch?

ios7.2

Last night I got a notification that an update to 7.2 was available to remedy the problem

--
Nuvi 350 long gone, Nuvi 855LMT, Nuvi 2797LMT, SmartDrive 50 LMT-HD, 3790LMT now my daughters. Using Windows 10. DashCam A108C with GPS.

It's 7.0.2

Melaqueman wrote:

Last night I got a notification that an update to 7.2 was available to remedy the problem

The current iOS version for all devices is 7.0.2

--
*Keith* MacBook Pro *wifi iPad(2012) w/BadElf GPS & iPhone6 + Navigon*

Temp Solution

The patch will be temporary solution. hacker will find way around

new software also has

new software also has problems with encrypted email files and attachments.

--
John B - Garmin 765T

Steal an iphone? Steal the key.

Sure, it's easy enough, when you steal a iphone, to find a fingerprint on the case that you can use to unlock it. But it takes some work. That's why, whenever I steal an iPhone, I now take a finger to unlock it, just in case.

Patch

The patch was to fix a bug where access to the phone while locked could be obtained from the Control Panel. It has nothing to do with bypassing the fingerprint security.

--
Frank Nuvi 3597LMT 37.322760, -79.511267

You still need a passcode

You still need a passcode and it will hackable, one way or another. The Touch ID doesn't help increase or safeguard your phone, only help for marketing/advertising. Also third parties apps developer can't access the Touch ID.

Phone not needed

Quote:

FUD.

Any cell phone can be monitored... and if the government wants your fingerprints, there are far easier ways to get them than to hack your new iPhone... and even then, they'd have to physically access the phone's system chip, then be able to decrypt the file storing the prints.

Why would the government need your phone, all your information is already in the "cloud"? It's others you need protection from.

.

stevennguyen wrote:

You still need a passcode and it will be hackable, one way or another. The Touch ID doesn't help increase or safeguard your phone, only help for marketing/advertising. Also third parties apps developer can't access the Touch ID.

Sure it does for most people. The majority of people don't bother to passcode protect their smartphones but with this feature they will be more likely to.

--
If you don't know where you are going, you might wind up someplace else. - Yogi Berra

.

Frovingslosh wrote:

Sure, it's easy enough, when you steal a iphone, to find a fingerprint on the case that you can use to unlock it. But it takes some work. That's why, whenever I steal an iPhone, I now take a finger to unlock it, just in case.

Why would you want to steal an iPhone anyway! smile

(runs from room before the iPhone faithful can pelt him with rocks)

|

GadgetGuy2008 wrote:

Why would you want to steal an iPhone anyway! smile

(runs from room before the iPhone faithful can pelt him with rocks)

nobody wants to steal androids... razz

--
*Keith* MacBook Pro *wifi iPad(2012) w/BadElf GPS & iPhone6 + Navigon*

Deep Thoughts

Well, New York City police have special forces assigned to address iPhone thefts, because of the high demand. This is not the case with android devices. New York City has attributed the rise in theft statistics due to the iPhone and that thieves are targeting iPhones. Android apparently doesn't have that "problem". hehehe...

The fingerprint security feature was to help deter the theft of iPhones since the stolen device will not be usable by the common street thief. How many petty thieves do you think there are that can spend 30 hours reverse engineering a fingerprint to recover an iPhone? Many have probably already learned how to solve four digit pass codes, should a passcode actually be used.

--
GPSMAP64s, iPhone XR w/Garmin North America, Yaesu VX-8R w/GPS.

This is not the case with android (oh really?)

With all of the visually different cases being used for all brands of cell phones, I find it hard to believe that the average New York thief snatches a phone and then looks at it closely to determine the make and returns it if it is an Android device.