Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)

[MRSucks]

Right. The criminals and your nosy random friends/acquaintances are so interested and have the means to do this.

 

[unconncious]

I call bolderdash on this. As someone else had said. I want the to do the whole process and restore the phone to factory setting while filming and pull the fingerprinting BS and see if it works... he could have just program the other finger before filming to then claim he went around the security protocols

 

[benji888]

I just used scotch tape and lifted a print off a glass, put a little talcum powder on it, held it over the reader with my finger and presto, retarded iPhone sensor fooled as easy as 1,2,3. Sorry, but even a 4-digit pass code is safer than this stupid POS. Apparently, Tim Cook and company never watched a cheesy spy movie or an episode of McGyver in their entire lives or they'd know how ridiculously easy it is to fool fingerprint sensors and how unsafe it is to allow purchases using them as a pass code. Thanks, but no thanks.

Too many movies/crime shows. ...I guess this generation doesn't realize that movies and TV shows are not reality.

 

[iphoneclassic]

Given the size of the iPhone sensor, it only deals with partial fingerprints. So partials will do just fine.

Not only that being an entry level sensor it uses very few reference points. So you actually don't need a perfect copy of the finger.

 

[MRSucks]

This video is pure BS!!

People falling for this crap need to be banned using the internet.

 

[tkatz]

I don't see what the issue is. There are a bunch of other safe guards in the phone that makes this "hack" a non-issue. If the phone is rebooted or hasn't been unlocked by TouchID in 48 hours it reverts to the passcode. If the phone is wiped then it requires your Apple account to activate.

TouchID will prevent someone from picking up / stealing your phone and immediately accessing your data. By the time they'd have a chance to go through the process of "hacking" your finger print (ie by lifting it off the glass of the phone itself) the timeout would have already occurred, they would have shut it off to prevent wiping, or you would have already reported it stolen and initiated a wipe. At that point the other safe guards kick in and your data is safe.

 

[manu chao]

It's funny how the Apple fanboys try to deny the fact that it's pretty easy to bypass the security of their new gadget. I own Apple products myself so don't get me wrong. But the CCC isn't a joke that claims stuff they didn't test. You just need a fingerprint on a bottle or something like that. And as someone already pointed out. Most of your scanners do 2400 dpi so no problem.

Fingerprint sensors have been used as access features in lots of areas for quite a number of years. Unless you think the whole fingerprint sensor industry is a fake and is fooling all those using fingerprints as part of an identification, they must be of some use, otherwise the companies making those scanners wouldn't be able to sell anything.

Apple could have put a mechanical key lock in the phone. And people like you would complain that it is so easy to pick a lock that touting that as a feature is akin to fraud.

I really don't know what your point is:

1. That a fingerprint sensor adds very little security? (And every company or organisation using them are fools or just do it for show.)
2. That suspecting that the demonstration was faked can only stem from a reflex to defend anything Apple? That could be the case but you don't know if they had said the same thing if it had been a Google fingerprint sensor.

BTW, I see no reason to call this a fake. Not least since the same method has been used for many, many years with other fingerprint sensors. The only question here is whether this demonstration proves that Apple's sensor is not better than existing sensor. It suggests this but to really show that you need a much larger sample of fingers and faking methods.

 

[Kimiimacman]

Pay attention!!!!

Go back to the top on this thread. Look at the phone

It's a 4s

Not a 5s so the whole thing is fake

Give it up

 

[i.mac]

This video is pure BS!!

Agree.

I will program my 64 gb gold phone (in October apparently ) with my nose. Let them lift my nose 'finger print'.

 

[seble]

Do we have any proof that it simply isn't still reading the finger's fingerprint through the transparent plastic sheet?

Because the process they claim to use sounds like it would fool an optical fingerprint reader, which Touch ID isn't.

Touch ID uses a radio-frequency capacitive sensor that only works with live body parts, as previously explained by Mashable.

to put this to the test I got a clear sticky note thing, the plastic 'cover' that you peel of a new iPhone and a sheet of paper. The thin clear sticky note (which was pink) allowed my FP to go through. The paper and the thicker plastic cover did not recognise my finger, says to me that it could just be reading the finger underneath...

 

[exilus]

For all we know, maybe the sensor is reading the fingerprint through the transparent film the same way it works with the sapphire coating... i would like to see an other person unlocking his phone with the fingerprint replica.

 

[i.mac]

Go back to the top on this thread. Look at the phone

It's a 4s

Give it up

I think you're right! I wonder if the phone dimensions could tell which phone is this?

 

[benji888]

I don't lock my phone to STOP someone from stealing it. (They don't know I've locked it). I lock my phone so someone stealing it doesn't get access to my data.

Even if they don't want my data, they could still screw with it:
- delete all my phone numbers / appointments / notes / etc. and it syncs across the cloud to all my devices
- they could post stuff to my Facebook/twitter
- call/ text people
- reset my bank account passwords (by getting them sent to my e-mail).

Gary

But, my point is, most thieves don't care about your information:

iPhones are primarily stolen for the money they can get selling them.

iOS 7's Activation Lock, activated by turning on Find My iPhone for the stolen idevice, prevents anyone from using that idevice without entering your Apple ID & password. It is bricked.

 

[MRSucks]

If you are too paranoid and will not use it for a long time or will be sleeping. Or surrounded by nosy friends / random strangers ... set it with passwords.

This technology, iPhone's 64-bit monsters and Slick & gorgeous looking iOS 7+ are set for life!

Apple just proved to be a giant disruptor!

 

[Tysknaden]

Not a fake

This CCC "Chaos Computer Club" is famous. It's like an institution. Since years.
You can be sure - the video is not a fake!

 

[SeattleMoose]

Anyone who wants to go to ALL that trouble to see a picture of my Grandma DESERVES to see her....LOL!!!

 

[snakes-]

I Have the Iphone 5S in Gold i am happy and this test here is stupid, if my phone get stolen i make remote delete and call the police before someone can hack my phone.

 

[Essex711]

For real?

What I am concerned about is that he didn't use someone else to use the fingerprint he scanned, such as someone would do when stealing another person's phone and print...

 

[windywalks]

I think you're right! I wonder if the phone dimensions could tell which phone is this?

The iPhone 4s camera isn't centered.

I wonder how much of this is true though and btw - this guys has some serious essential tremor going on.

 

[famous600]

This is the dumbest thing I have ever read. So you "bypass" the fingerprint sensor by the fingerprint? LOL isn't that what it's supposed to do?!?

 

[MRSucks]

Go back to the top on this thread. Look at the phone

It's a 4s

Not a 5s so the whole thing is fake

Give it up

Wake up call, for the trolls!

 

[HAudidoody]

Short comment...

If another fingerprint were registered, we'd have seen it listed in the setup screen for the fingerprint. Also, the print was rejected once, so we know the phone was locked.

Bottom line, fooling this thing wouldn't be a surprise. It's a mass-produced low-cost product.

 

[Thierry ba]

What a great technology Apple has built into Touch ID sensor. It can actually scan your fingerprints through the plastic film, WOW.

 

[mrbyu]

Go back to the top on this thread. Look at the phone

It's a 4s

Not a 5s so the whole thing is fake

Give it up

What are you talking about. It is clearly a 5S (or a 5 at least), just look at the edges, the 4/4S has a thin plastic band between the front panel and the metal frame (the 5/5S doesn't). Not to mention the position of the front camera, and the color of the sideframe.

 

[seble]

The sensor should included something that detects a human pulse.

Boy Apple is on a roll.

1) No iPhones 5S until sometime in October
2) Finger ID easily thwarted
3) Apple TV Bricking

Bad

Not going to be good for Apple stock tomorrow.

Um surely when the faux-print was placed on a real finger, it was placed on something with a pulse, a human one. That point is kinda moot.