Every company or organisation that uses fingerprints as a security element is doing this merely to "give tech junkies another target toy play with"?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)
- Thread starter MacRumors
- Start date
- Sort by reaction score
Every company or organisation that uses fingerprints as a security element is doing this merely to "give tech junkies another target toy play with"?
Replicate what? Motorola Atrix? Because that's exactly what Apple replicated. They tried to fool people into thinking that they did something more than the conventional fingerprint scanner but this experiment exposed their lies.
And FYI, there were reports in the news that Samsung was preparing fingerprint scanner too (people found some relevant APIs)
Not even printed. We took a picture of my friend who had this feautre on his phone, on my iPhone I then presented the picture of him on my iPhone to his phone, boom it unlocked.
You are embarrassed for the whole fingerprint sensor industry which for years has been selling products with no real value?
Maybe you should have googled the term 'fingerprint faking' before you bought it. But you should also return any phone that uses a passcode because if somebody can get your fingerprints, they probably can also look over your shoulder when you type the passcode in.
Exactly.
Also... you can make a copy of my house key and get into my house.
Nothing is secure!
last time i checked you can register up to 5 fingers(not all at the same time).. what makes you think he didnt register that middle finger already ?
Because if others cannot replicate it, the CCC would have a big egg on their face like 60 Minutes had it when they published the faked George Bush National Guard service documents. If you know for sure that you will be found out when lying, most people don't lie.
It would be more secure to use your little finger for authentication since that is less likely to leave a full print on your phone.
Unless your a high profile then the chances of hackers going to this trouble on YOUR phone is completely unlikely. If you are a high profile then you would be advised to turn the simple 4 digit pass code off and use a more secure code.
Unless your a high profile then the chances of hackers going to this trouble on YOUR phone is completely unlikely. If you are a high profile then you would be advised to turn the simple 4 digit pass code off and use a more secure code.
So it's that simple...
LOL...but the devil in the details are usually left out by the trollers, certain tech writers..once this news hits the net.
You can not lift the print of the home button. As explained in the how to. Second, for purchases the fingerprint is additional security, the first time it needs the password. It is also extremely unlikely that you get this far (to make purchases) as by the time you get to the point that you actually get into the phone it more then likely has been wiped and bricked.
What makes you think that Apple overlooked it? Because they didn't put a footnote under their fingerprint sensor description saying that it is possible to fake fingerprints? Does every lock you buy come with a big disclaimer that almost all locks can be picked or keys can get duplicated?
So it's that simple...
Yes, and all this will happen out on the street or at the mall. To really test this they should have used a different persons finger. Since it's the same guy that already has his print on the phone, how do we know it's not just reading his print through the latex? Seems very flakey at best.
I'm not surprise by this simple hack, however Apple should've done lots of research how to hack iPhone in every possible ways by using hardware and software.
People out there aren't fools
Any lock is a 100% joke because it can be picked? All these snake-oil lock manufacturers.
Not to mention that a simple 4 digit passcode can be guessed within 28 "work-hours", if you can try 1 combination in every 10 seconds (that's not a hard quest). If we take the average 8 working hours, your top secret passcode can be guessed in less then 4 days. Are you frightened now?
You don't have to be an expert to understand the basics.
I understand the electronics, I've read multiple sensor patents (including AuthenTec's), and I've spent more than a few hours over the past few months researching the technology and how to fool it. Everything I said is easily verifiable, especially if you have a similar EE/CS background.
--
That said, I think that this demo is a poor one. For all we know, it's just someone making moves to an app or pre-edited video on the phone.
Pay attention. He used his index finger to enrol and placed the film with the imprint with his middle finger onto the sensor. No fakery.
I thought the sensor was supposed to read the skin layer behind the fingerprint
Yes, did you notice that it's the same guy whose print is already on the phone who is using the latex image? It could be that the sensor is reading through the latex and reading his original fingerprint. To really verify this they should have used someone else's finger.
Just watched the video again. Looks like he did only have 1 finger registered. I don't know why people think its a 4. It's a 5s space gray clear as day. Looks at the camera position and the home button is clearly the reader.
Even if it's real I'm not concerned. Like I said it would only be an issue if someone is able to pull a print off the phone and use it.
Even if it's real I'm not concerned. Like I said it would only be an issue if someone is able to pull a print off the phone and use it.
I'm not too surprised it was hacked, but a bit surprised it took only 2 days. This is going to get a lot of press, and I'm guessing it will scare companies away from allowing the Touch ID to be used instead of a password. It might also set back Touch ID's rollout as a payment mechanism outside the App Store and iTunes. After all, a hacker might be able to pull a workable fingerprint from the button itself.
Last edited:
Again it shows he only has 1 finger registered and he used a different finger with the latex. Watch it again.
Show me the video where they use a different person's finger instead of the same one who has his fingerprint already on the phone to unlock it. I think the sensor is reading through the latex image and reading his original print.