Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)
- Thread starter MacRumors
- Start date
- Sort by reaction score
I think that I have lost hope in humanity. Apple's Touch ID is used as a consumer security measure. If a thief wants to steal iPhones by lifting fingerprints off the phone (because the owner's prints will be on the f'n phone) then good for him. It will still prevent a lot more types of theft from happening since the process of fingerprint lifting and creating the means to fool the device isn't exactly something everyone can, or would want, to do. Get over it.
I'll give Samsung 6 months to release the highly inferior knock off that the Android fanboys will be praising (as probably original.) Oh, Samsung already stated that they're working on a 64-bit OS... SHOCKER!
I'll give Samsung 6 months to release the highly inferior knock off that the Android fanboys will be praising (as probably original.) Oh, Samsung already stated that they're working on a 64-bit OS... SHOCKER!
we're doomed
this morning on my walk to work, i did notice someone following me, i ditched my coffee cup, and did a quick left right left through the mall doubled back around to find the guy strangely fishing through the trash can for my coffee cup.......to be continued
calling it a bypass is a bit of a stretch, more like a much much longer way around the mountain.
this morning on my walk to work, i did notice someone following me, i ditched my coffee cup, and did a quick left right left through the mall doubled back around to find the guy strangely fishing through the trash can for my coffee cup.......to be continued
calling it a bypass is a bit of a stretch, more like a much much longer way around the mountain.
Also a fake finger print for a thief will only give access to the users data. The thief still needs the actual AppleID password to disable FindMyPhone Activation Lock.
The fingerprint scanner also locks down after 5 failed attempts and requires the pin code to be entered.
The fingerprint scanner also locks down after 5 failed attempts and requires the pin code to be entered.
You would of thought it Touch ID was the *real mcoy*, it could tell a living human finger from a fake (or printed) one...
Back to the drawing board Apple. Samsungs doing this finger print thing by the way, and guess what, this is their chance to flaw Apple in every respect. And i reckon Samsung will pull it off perfectly.
ok, i admit to this, but then its a also a longer way around the mountain for all by-passing too not just this.
Except that your fingerprints are not a secret. You leave them behind everywhere you go - and even if you are trying not to.
Fingerprints left behind are the downfall of millions.
Simple solution: use your pinky finger for lock/unlock.
Don't use your pinky finger on the screen = no readily available fingerprints to lift off the glass surface and scan.
Voila! The iPhone is totally secure...until someone hooks it up to a computer with the USB cable and hacks your goods... which is probably simpler then doing the whole scanner thing.
Don't use your pinky finger on the screen = no readily available fingerprints to lift off the glass surface and scan.
Voila! The iPhone is totally secure...until someone hooks it up to a computer with the USB cable and hacks your goods... which is probably simpler then doing the whole scanner thing.
You do realize that the fingerprints left behind have never been replicated so a reader would recognize them. They are made of oil and damage easily. A fingerprint analyst will look at 15-20 characteristics while a scanner will scan hundreds to thousands. Nor does a lifted print have anywhere near the DPI necessary to replicate.
Not to mention the complexity caused by the fact that you really need the mirror of the print to duplicate it.
On the plus side it should be easy to prove in court of law the fingerprint sensor is no more or no less evidence that you did something with your phone than a passcode is now.
Simply scan a body part that you can't lift a finger print off your beer bottle or coffee cup or door knob. Set a pass code.
I'm going to use my ....
There. Problem solved. All this flaming drama over the mountainous circumvention that's been climbed to access a phone. Your average crook isn't going to that effort unless is bloody simple!
Some people are complete knuckle heads. Really.
I'm going to use my ....
There. Problem solved. All this flaming drama over the mountainous circumvention that's been climbed to access a phone. Your average crook isn't going to that effort unless is bloody simple!
Some people are complete knuckle heads. Really.
You're standing in the kitchen on your office floor, having a great conversation over a coffee with that new intern. Let's face it, she's so beautiful.
You just put your mug in the dish washer.
Next morning you go to the restrooms, leaving your phone on the desk.
On the way out you meet your boss, who wants to have an immediate conversation with you.
An hour later, you return to your desk. The phone is gone. You try to remote wipe it, but it cannot be located.
Someone has unlocked it and put flight mode on.
You still had all the mails on it, exchanged with the lawyers regarding that new patent, that you wanted to obtain.
You just put your mug in the dish washer.
Next morning you go to the restrooms, leaving your phone on the desk.
On the way out you meet your boss, who wants to have an immediate conversation with you.
An hour later, you return to your desk. The phone is gone. You try to remote wipe it, but it cannot be located.
Someone has unlocked it and put flight mode on.
You still had all the mails on it, exchanged with the lawyers regarding that new patent, that you wanted to obtain.
You must be a comedy writer. Of course Samsung will copy Apple. That's the cornerstone of their mobile business, after all.
Even if this video is not a fake, (it's veracity is far from certain) what average iPhone thief is going to go through all that trouble to steal your phone? The answer is none. Much ado about nothing.
Even if this video is not a fake, (it's veracity is far from certain) what average iPhone thief is going to go through all that trouble to steal your phone? The answer is none. Much ado about nothing.
Ah but it generated 444 posts and counting so as far as MR is concerned it created the page views they wanted.
I guess he was nervous, first time in front of the camera? Can someone explain how a person is going to let you take their fingerprints firstly, then let you walk away with their phone so you can go and try this trick? As they say, in the lab anything is possible. But real world? Please.
Bryan
Bryan
Sorry Mack but if you're gullible enough to believe girls aren't smart and can't be crooks that's your problem.
As I said scan a body part you don't readily use to lift a beer bottle, cup or turn a door knob!
Again, problem solved.
Fairly sure there isn't even a 100ppi image of my fingerprint anyone can gather, let alone one that is 2100ppi. Secondly, the video doesn't show full navigation into the enrollment process (well enough for my liking).
What do the screens look like when adding an additional finger, versus what is shown? (sorry I don't have a 5s, and the display demo at the stores don't show normal TouchID preferences.) . Is there any way to confirm that his middle finger was not previously enrolled?
Good luck obtaining that from my phone
A) I have a case that is highly difficult to get fingerprints off of (material is not smooth)
B) I would register a finger I never use holding the phone, nor in normal operation of the touch interface .
C) on the given finger I would register, I would only register a portion of that digit, that normally wouldn't come into contact with my Phone (or anything else I am holding). You can (it takes some effort) only register part of your finger. the Software makes it hard, but you can get away with registering only one side of your fingerprint if you choose to do so.
That said, Most people won't think outside of the box, and will go with the easiest way to unlock their phones. I will (when I get a 5S, or 6), likely keep my complex passcodes, and use a partial fingerprint for TouchID.
What do the screens look like when adding an additional finger, versus what is shown? (sorry I don't have a 5s, and the display demo at the stores don't show normal TouchID preferences.) . Is there any way to confirm that his middle finger was not previously enrolled?
Good luck obtaining that from my phone
A) I have a case that is highly difficult to get fingerprints off of (material is not smooth)
B) I would register a finger I never use holding the phone, nor in normal operation of the touch interface
. C) on the given finger I would register, I would only register a portion of that digit, that normally wouldn't come into contact with my Phone (or anything else I am holding). You can (it takes some effort) only register part of your finger. the Software makes it hard, but you can get away with registering only one side of your fingerprint if you choose to do so.
That said, Most people won't think outside of the box, and will go with the easiest way to unlock their phones. I will (when I get a 5S, or 6), likely keep my complex passcodes, and use a partial fingerprint for TouchID.
So a bunch of nerds in their parents basement with no lives managed to do something that is so absurd and over-the-top that Apple should somehow be worried... ok.
This operation would not be difficult for a gang of phone thieves to pull off. Fortunately you'd have plenty of time to wipe the contents of your iCloud account and deactivate your payment method for iTunes. Thieves still could not sell your phone because of activation lock.
The idea of a passcode is for Joe off the street not to be able to access your phone, not this.
I could care less.
I could care less.
I thought everyone knew that Apple was the R&D arm of Samsung. Samsung will just rename it ID Touch, wrap it in a plastic shell with a 6 inch screen and call it innovation.
Bryan
I'm just going to walk up to every car in the parking lot until I find one with keys in the ignition. Then, I'm going to go through the hassle of reverse engineering the locking system works, so I can open the door, but then realize that I can't break the lock system on this one. So I continue my search. Oh, and this is all after I just robbed a bank and have the cops running after me.
Do you see how that wouldn't be worth my time? Theives will just avoid iPhones for the most part.
Yep to the first quote and yep to the second.
Imitation is simply the greatest form of flattery.