ROFL! thanks for the chuckle. the hack in the video certainly raises some security issues with touch ID but what you are saying is just ridiculous.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Chaos Computer Club Bypasses Apple's Touch ID System (With Copy of Original Fingerprint)
- Thread starter MacRumors
- Start date
- Sort by reaction score
You are to blind "teknikal90"...passwords are secret and dynamic; fingerprints are public and permanent. If you dont tell anyone your password, no one will know what it is. If someone hacks your password, you can change it as many times as you want. Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life.
We did not ask or some how wanted this Apple "innovation"...all what we wanted was a new iPhone with a bigger screen
Last edited:
I hope they show the ENTIRE process from beginning to end... including all the failed attempts at fingerprint collection.
I'm still not convinced that the result of this experiment is anything to freak out about.
I would take anything with a grain of salt what the hysterical Germans from those organizations come up with. Sure, there are always ways to trick systems and to forcefully gain access to such information. Lots of criminal energy involved you can do anything. People could take the stupid phone from you at gun point and ask for your code. Then what?
A bit more common sense in how we store information would be more important then dissecting stuff like this.
A bit more common sense in how we store information would be more important then dissecting stuff like this.
Yada, Yada, Yada.....
This technique has been around for a long time. It requires A GREAT DEAL OF EFFORT AND EXPERIENCE/MATERIALS.
Let the Haters Hate. This is not a "bypass." I'd love to know the number of failed images lifted prior to getting one to work.
Non issue. So much Hate. Simply unbelievable.
This technique has been around for a long time. It requires A GREAT DEAL OF EFFORT AND EXPERIENCE/MATERIALS.
Let the Haters Hate. This is not a "bypass." I'd love to know the number of failed images lifted prior to getting one to work.
Non issue. So much Hate. Simply unbelievable.
Ah but it generated 444 posts and counting so as far as MR is concerned it created the page views they wanted.
Yes...How does it feel to be used? I posted at least 6 times on this one. They are playing me like a violin.
Gee, didn't get the gold iPhone 5S you wanted?
Probably didnt roll up on Motorola for their horrible touch sensor on the Atrix, which is inferior to a very solid, legitimate feature in Touch ID. But I digress, why waste my effort with a troll like you...
Come on
Same thing happen when the dead bolt came out. Though we were safe then. Then some guy kicked the door in. but we still use dead bolts.
I scene that in every spy show and movies made. But who has the time. Please don't buy apps on my account. wait I would think if your phone got stolen you would wipe it ASAP. Here some tips, use a diff finger and don't let any take photos of you finger.
I got an idea for 7.1 thumb print, voice print, valid driver licenses and 18 dig password.
now stop looking faults and look at what it is, the best dam photo on the market!
Same thing happen when the dead bolt came out. Though we were safe then. Then some guy kicked the door in. but we still use dead bolts.
I scene that in every spy show and movies made. But who has the time. Please don't buy apps on my account. wait I would think if your phone got stolen you would wipe it ASAP. Here some tips, use a diff finger and don't let any take photos of you finger.
I got an idea for 7.1 thumb print, voice print, valid driver licenses and 18 dig password.
now stop looking faults and look at what it is, the best dam photo on the market!
Here is the truth. There are what, maybe several thousand Apple employees that may have a hand in development of iOS 7 at any time. And as soon as it's released, there are millions of wanna-be hackers looking to find one small exploit. Apple cannot possibly find, test, and close every exploit. It's not possible. So yeah, even the most sophisticated security systems in the world can be hacked. However, with this fingerprint method, here is my analogy.
Guy walks into the bank, asks for the key code to the vault (equivalent to guy needing to scan you finger). Guy inputs the keycode, unlocks vault, walks out with money (equivalent to guy using fake scanned fingerprint to unlock phone).
Too much needs to happen for this to be of real benefit to anyone. But it makes for great YouTube!
Bryan
----------
Hey, I know how to make this SUPER secure. Use your pinky to setup your phone, then cut off your damn pinky. Who needs it anyway? Now just use your 4 digit code. Done.
Bryan
Guy walks into the bank, asks for the key code to the vault (equivalent to guy needing to scan you finger). Guy inputs the keycode, unlocks vault, walks out with money (equivalent to guy using fake scanned fingerprint to unlock phone).
Too much needs to happen for this to be of real benefit to anyone. But it makes for great YouTube!
Bryan
----------
Hey, I know how to make this SUPER secure. Use your pinky to setup your phone, then cut off your damn pinky. Who needs it anyway? Now just use your 4 digit code. Done.
Bryan
+1. this is certainly potentially serious and a black eye to Apple because at the least they did claim that these kind of tricks won't work. But before freaking out I do want to know how long the whole process takes in practice (and not in a controlled environment) and how easy/hard it is to get a usable print off the phone itself. My ipod touch has so many overlapping and smudged prints I don't know if anything useful can be lifted off it at all. Also, it the procedure takes several hours then it's not a very big deal and can be easily mitigated by shortening the period of inactivity before a PIN is required to unlock the phone. But if it can be done quickly (say in about an hour) then this is a real problem IMO.
How about retina unlock? Oh christ, they'll take a 2400 dpi picture of my eye! Rats!
Bryan
Look, this is how bypassing this Touch ID system is done! Lifting a fingerprint off a glass bottle (or somewhere else on the screen) is going to be easier than cracking a 9+ digit alphanumeric passcode on an iPhone.
Using a 4 digit pin number? That can be cracked in a couple hours so don't even try it!
Using a 4 digit pin number? That can be cracked in a couple hours so don't even try it!
Exactly
Imagine being "that guy," who actually has this done to him out in the wild, and then hackers upload private pics to his Facebook page? I'd hate to be that guy.
All you need to so is look at where the front camera is. It's directly above the ear speaker. If it was a 4 or 4S it would be to the left of it.
It's not a 4S.
9+ digit alphanumeric passcode? Most people don't even turn on the simple 4 number lock...
What would the point be with TouchID if you would have to use the PIN the first time you use your phone after you wake up? You would have been asleep for several hours...
is it really that bad.
How long would it take the average person to create a working replica of the proper finger. If the iPhone is set up according to Apple instructions there's also a passcode set and after 48 hours of not unlocking the phone that passcode kicks in and the finger ID doesn't work until you put the passcode in.
Not to mention the issue of Find My iPhone. for most folks if they are without their phone for more than an hour they go into panic mode. Can you really ensure that said phone will not connect to any online systems to receive autowipe orders, thus removing all data from the phone and thanks to activation lock rendering it a brick.
You really think finding a phone with the users fingerprint on it is as rare as finding a car with the key in the ignition? And there's no need to reverse engineer anything, just need to follow a few steps to creat an image of the owners print.