Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)

goobot said:
Wait, did they lift the print off the phone or actually photograph the guys finger? If it is a photograph then this means nothing...
Click to expand...

I just used scotch tape and lifted a print off a glass, put a little talcum powder on it, held it over the reader with my finger and presto, retarded iPhone sensor fooled as easy as 1,2,3. Sorry, but even a 4-digit pass code is safer than this stupid POS. Apparently, Tim Cook and company never watched a cheesy spy movie or an episode of McGyver in their entire lives or they'd know how ridiculously easy it is to fool fingerprint sensors and how unsafe it is to allow purchases using them as a pass code. Thanks, but no thanks. :rolleyes:
 
ChrisA said:
Yes, as I wrote above, you simply "dust" the entire iPhone then place it in a 2400 DPI scanner. Now you have a 2400 DPI photo of the last person to use the phone's fingerprints.

Yes. It is worth the hassle. For two hours of work you get to sell a phone for like $200. Or maybe even better, there is credit card or paypal info on the phone.
Click to expand...

Highly unlikely that this will work. First of all, you have to know the finger used to unlock the phone. Second, you will find out, that it will be to 99% not a finger you have on the phone, because you hold the phone in one hand while unlocking it with a finger of your OTHER hand.

So, to get the right fingerprint you have to know if the owner is a right or left handed and which of the fingers he/she is using. All that in a VERY small timeframe as the phone will be wiped and probably locked forever any minute.

Even IF you get into the phone, what now? You can not reset it without the possibly VERY complicated password. So it is still unsellable.
Any pay pal or CC accounts you find will need also passwords to get into.

No, I think the iPhone5S will be very quickly very unattractive to thieves.
 
Apple's fix:

It is your fault. Don't touch everything, your finger is meant to be used only with Touch ID. Also don't let others photograph your finger.

As a standard operating procedure, use latex gloves always except when you are using our Bling IP5S.
 
what does this prove?

In reality it could be that

1. The piece of wet material he places on his finger, is already coded into the fingerprint scanner.

2. It scans through the wet material and recognizes his finger that he already programmed in.

3. That they are right, but I doubt it.
 
MagnusVonMagnum said:
I just used scotch tape and lifted a print off a glass, put a little talcum powder on it, held it over the reader with my finger and presto, retarded iPhone sensor fooled as easy as 1,2,3. Sorry, but even a 4-digit pass code is safer than this stupid POS. Apparently, Tim Cook and company never watched a cheesy spy movie or an episode of McGyver in their entire lives or they'd know how ridiculously easy it is to fool fingerprint sensors and how unsafe it is to allow purchases using them as a pass code. Thanks, but no thanks. :rolleyes:
Click to expand...
Prove it !!!!!!!
 
This is stupid. It is no different with a criminal with a gun on your head forcing you to type the password.

Yeah, everyone's fingerprints copy are stored everywhere.

Stop this paranoia BS already.
 
I just don't think they will be able to get a clear enough print off the phone to scan and use. If this happens I will eat my words.



hwojtek said:
It is. An off the shelf home scanner does 9600 dpi without interpolation, a basic laser printer and some glue are also everyday items.



Stealing the phone with a TOUCHSCREEN is essentially everything that is needed. It's damn too easy to scan the phone in order to obtain excellent fingerprints. Look at the way you are holding the phone. And scan the back side.
Click to expand...
 
Kirb112 said:
So what. Let's not forget that it requires a clean, super-high resolution image of the user's fingertip.
Click to expand...

No... it requires a clean, super-high resolution image of the user's fingerprint

You can take a picture of their fingerprint on a beer bottle.

Or at least that's what this article is telling me.
 
Eriamjh1138@DAN said:
So as long as one has access to the actual finger and whatever the heck can take pics at 2400dpi, one can make a "working copy" of it. Seems easier to beat the **** out of someone for the 4-digit passcode.

It's still pretty damn secure no matter what anyone says. The fact that the code is still a measly 4 digits is the weakest link of all.
Click to expand...

That's just the default. If you turn simple pass code of, which why wouldn't you if you have a 5s, you can have a complex pass code.
 
ChrisA said:
Yes. It is worth the hassle. For two hours of work you get to sell a phone for like $200. Or maybe even better, there is credit card or paypal info on the phone.
Click to expand...

Nope. How do you plan to disable Find My iPhone without the four-digit passcode? It's not possible.

Also, within two hours the phone could easily be disabled.

ALSO, you won't find credit card or PayPal information on the device unless you happen to know the passwords for those accounts - no credit card company will release an app that is unlocked by fingerprint data. And no credit card company makes an app that keeps the user logged in for longer than 2 hours of inactivity.
 
notabadname said:
Get back to me when you produce the same result off of a randomly collected phone. Real prints don't look like a scene from CSI or this test. They are smudged, partials and generally less than "pristine". And, since most people don't manipulate the device with their thumb, but will likely use that one for their ID, you could have the simplest solution thwart your printing and glue efforts.
Click to expand...

Given the size of the iPhone sensor, it only deals with partial fingerprints. So partials will do just fine.

"most people don't manipulate the device with their thumb". Really? Perhaps most Android users don't do that but according to Apple most iPhone users do just that. Just watch their commercial.
 
MagnusVonMagnum said:
I just used scotch tape and lifted a print off a glass, put a little talcum powder on it, held it over the reader with my finger and presto, retarded iPhone sensor fooled as easy as 1,2,3. Sorry, but even a 4-digit pass code is safer than this stupid POS. Apparently, Tim Cook and company never watched a cheesy spy movie or an episode of McGyver in their entire lives or they'd know how ridiculously easy it is to fool fingerprint sensors and how unsafe it is to allow purchases using them as a pass code. Thanks, but no thanks. :rolleyes:
Click to expand...

did you really?!
if that's true that would be quite something. however, no offense but I won't take your word on this without a video proof.
 
MagnusVonMagnum said:
I just used scotch tape and lifted a print off a glass, put a little talcum powder on it, held it over the reader with my finger and presto, retarded iPhone sensor fooled as easy as 1,2,3. Sorry, but even a 4-digit pass code is safer than this stupid POS. Apparently, Tim Cook and company never watched a cheesy spy movie or an episode of McGyver in their entire lives or they'd know how ridiculously easy it is to fool fingerprint sensors and how unsafe it is to allow purchases using them as a pass code. Thanks, but no thanks. :rolleyes:
Click to expand...

Sure you did lol
 
jinspin said:
Your fingerprint is already on home button. So if they can lift fingerprint off the home button like police detective and scan it that is your key right there. Does not seem like it would take too long. Not looking good for Apple. Sorry to say it is Fingergate and future of mobile transactions using fingerprint scanning going down drain!
Click to expand...

ChrisA said:
A simple three step process to unlock ANY iPhone

  1. Get stolen iPhone
  2. Lift a finger print from the back of the iPhone or from the glass (Most iPhone users do not wear gloves and leave finger prints all of the glass and the backs of their iPhones
  3. Use the lifted finger print to unlock the phone.

You don't even need access to the user or even need to know who owns the phone because the owner likely left the "un-lock key" all over the phone in multiple places
Click to expand...
1) Turn on Find My iPhone and Activation Lock requires Apple ID & password to use it, it is effectively bricked: http://support.apple.com/kb/HT5818

2) The supposed process used here, if you read the how-to, which is NOT shown in the video (see link at top of Thread), the fingerprint is pulled from glass, and makes a mess, something that can't be done from the iPhone as there will likely be a screen protector (not glass), or, if none, the coating on iPhone glass smudges fingerprint, prevents this process...even if I am wrong, it would wreck the the iPhone's touch screen, making it useless. ...If it could have been taken from the iPhone, they would have shown this in the instructions. So, NO, you can't just lift a fingerprint from the iPhone.

3) Home button: did you even glance at the process in how-to link in original post of this thread? They're not going to get it from the home button, it will be useless.

4) Let's see the person's face doing this, and show us how he obtained and made the fake in a legitimate how to video. This is bunk.
 
Chlloret said:
Highly unlikely that this will work. First of all, you have to know the finger used to unlock the phone. Second, you will find out, that it will be to 99% not a finger you have on the phone, because you hold the phone in one hand while unlocking it with a finger of your OTHER hand.

So, to get the right fingerprint you have to know if the owner is a right or left handed and which of the fingers he/she is using. All that in a VERY small timeframe as the phone will be wiped and probably locked forever any minute.

Even IF you get into the phone, what now? You can not reset it without the possibly VERY complicated password. So it is still unsellable.
Any pay pal or CC accounts you find will need also passwords to get into.

No, I think the iPhone5S will be very quickly very unattractive to thieves.
Click to expand...

umm why dust whole phone when you can just dust the print on home button. That is print most likely stored on phone. Again Apple's big plan is to use fingerprint tech for online and store purchases and not just logging in. Hacks like this leaves big holes and risks in their plans.
 
If third party folks with much nothing to do (samedung) replicate this, then is what it is.

However, as someone said earlier, if your so precious a snowflake to warrant this, the you're already in trouble any how...
 
iphoneclassic said:
Apple's fix:

It is your fault. Don't touch everything, your finger is meant to be used only with Touch ID. Also don't let others photograph your finger.

As a standard operating procedure, use latex gloves always except when you are using our Bling IP5S.
Click to expand...

It doesn't need any "fix"...

Nothing is unbreakable. The Mythbusters guys also bypassed top-notch fingerprint locks (see: http://www.youtube.com/watch?v=3Hji3kp_i9k), I'm pretty sure they could do that with the Touch ID too.

But as long as a perfect quality "sample" from your fingerprint is needed, I wouldn't call that a real danger.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back