Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Sep 22, 2013.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    The Chaos Computer Club claims to be able to bypass Apple's new Touch ID fingerprint sensor with a photo of the original user's fingerprint. The bypass is demonstrated in this short video:

    The system is detailed in a how to which requires obtaining the original user's fingerprint:
    Apple's new iPhone 5s includes a fingerprint sensor called TouchID, which can be used to unlock the iPhone as well as make purchases on the Apple iTunes store. Users, however, can continue to use a pin or password as an alternative to the fingerprint sensor -- though that is arguably even less secure than duplicating someone's fingerprint.

    Article Link: Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)
     
  2. macrumors 603

    Michaelgtrusa

    Joined:
    Oct 13, 2008
    Location:
    Everywhere And Nowhere
  3. macrumors 6502

    Joined:
    May 11, 2012
    #3
    Ouch.

    Impersonating a user by doing that would be very, very bad.
     
  4. Eddy Munn, Sep 22, 2013
    Last edited: Sep 22, 2013

    macrumors 6502

    Eddy Munn

    Joined:
    Dec 27, 2008
    #4
    Oh dear! At least they won't be ripping my fingers off any time soon.
    Of course it's ridiculous, maybe that wasn't apparent in what I said.
     
  5. macrumors 68030

    cmChimera

    Joined:
    Feb 12, 2010
  6. macrumors 6502

    syan48306

    Joined:
    Apr 15, 2010
    #6
    Honestly, kocking someone out and using their finger or holding them at gun point results in the same thing. No password, print or pin is safe. It's just a good way to minimize pesky intruders. That's all.
     
  7. macrumors regular

    Joined:
    Mar 24, 2008
  8. macrumors regular

    xDKP

    Joined:
    Feb 27, 2011
    Location:
    Denmark
    #8
    With that shaky a hand, he must be faking this!
     
  9. macrumors regular

    Joined:
    Aug 5, 2011
    #9
    So a 2400 DPI photograph of the fingerprint is required? I wouldn't call that 'bypassing'.

    This just in, every single passcode system bypassed by first acquiring user's passcode.
     
  10. arn
    macrumors god

    arn

    Staff Member

    Joined:
    Apr 9, 2001
    #10
    which is in itself ridiculous. Phones get stolen and then wiped and sold. You are not that precious a snowflake that someone who steals your phone, wants to read your texts. :)

    arn
     
  11. macrumors newbie

    Joined:
    Sep 21, 2012
    #11
    So it's that simple... :rolleyes:
     
  12. macrumors member

    Joined:
    Jan 16, 2004
    Location:
    Minnesota
    #12
    Huh? Haven't we known this is a way around these sensors?

    I have a way to bypass a password too...Look at the post-it of a users passwords and copy them down. Then type it into the iPhone to bypass the login.

    </sarcasm>
     
  13. macrumors 6502

    somethingelsefl

    Joined:
    Dec 22, 2008
    Location:
    Tampa, FL
    #13
    Still more secure than a 4-digit passcode...also, maybe this is new information...but NO security protocol is flawless, there is always room for improvement.

    I mean come on! The device is activation locked, fingerprint locked, and in a secure app environment...I don't see how people can say that Apple devices aren't the most secure consumer-level smartphones.
     
  14. macrumors 6502a

    Joined:
    Jun 9, 2013
    #14
    So much for the whole "it scans under your skin" explanation.
     
  15. macrumors regular

    Joined:
    Aug 5, 2011
    #15
    Shaky finger gave me anxiety.
     
  16. macrumors 65816

    TouchMint.com

    Joined:
    May 25, 2012
    Location:
    Phoenix
    #16
    Pretty intense process to purchase apps under my App Store account!
     
  17. macrumors 601

    goobot

    Joined:
    Jun 26, 2009
    Location:
    long island NY
    #17
    Wait, did they lift the print off the phone or actually photograph the guys finger? If it is a photograph then this means nothing...
     
  18. macrumors 6502a

    Joined:
    Nov 9, 2010
  19. macrumors 6502

    Joined:
    Sep 16, 2007
    Location:
    BFE, MI
    #19
    So as long as one has access to the actual finger and whatever the heck can take pics at 2400dpi, one can make a "working copy" of it. Seems easier to beat the **** out of someone for the 4-digit passcode.

    It's still pretty damn secure no matter what anyone says. The fact that the code is still a measly 4 digits is the weakest link of all.
     
  20. macrumors G5

    Rogifan

    Joined:
    Nov 14, 2011
    #20
    How is a 2400 DPI photograph of someones fingerprint an everyday item? I'm sorry but this is click bait pure and simple. :rolleyes:
     
  21. macrumors 68000

    illegalprelude

    Joined:
    Mar 10, 2005
    Location:
    Los Angeles, California
    #21
    So basically, you need a few thousand dollars, knowledge, and time to break into the device. Yes, this seems like a real threat for 99.5% of people :rolleyes:

    Unless you can place someone else's thumb and get through, TouchID works. Apple designed this for consumers, not to protect the countries nuclear facilities
     
  22. macrumors regular

    Joined:
    Oct 5, 2011
    #22
    Is he being held at gunpoint while doing this? Shaky...
     
  23. macrumors member

    Joined:
    May 2, 2011
    #23
    Came here to post this
     
  24. macrumors member

    Joined:
    Mar 11, 2011
    Location:
    London, UK
  25. macrumors G3

    QCassidy352

    Joined:
    Mar 20, 2003
    Location:
    San Francisco
    #25
    Well said. No security is perfect. Touch ID will still be a strong protection against most intruders.
     

Share This Page