
tbrinkma

macrumors 68000
Apr 24, 2006
1,651
93
You do realize that the fingerprints left behind have never been replicated so a reader would recognize them. They are made of oil and damage easily. A fingerprint analyst will look at 15-20 characteristics while a scanner will scan hundreds to thousands. Nor does a lifted print have anywhere near the DPI necessary to replicate.

Not to mention the complexity caused by the fact that you really need the mirror of the print to duplicate it.

You do realize that the full document on CCC's site that goes into the process and how it was accomplished used a latent fingerprint left behind on an object.

As a police officer friend of mine once told me, lifting prints is "so easy even a cop can do it".

In point of fact, the only two accurate statements you made in this post are these:
They are made of oil and damage easily. A fingerprint analyst will look at 15-20 characteristics while a scanner will scan hundreds to thousands.

Unfortunately, since none of the rest of your statements are in any way related to those two facts, you still managed to get everything else wrong.
 

k995

macrumors 6502a
Jan 23, 2010
933
173
You know it isn't a fake? Because? I'm only hoping for the truth. You on the other hand seem to want this to be true, and don't really care that you have no real facts to base your opinion on.
No real fact? Besides that the biggest hackers club in Europe showed it can be done.

You may be right or you may be wrong...deal with it. ;)

I don't care either way, I just responded because some even refuse to consider it because it's Apple.
 

tbrinkma

macrumors 68000
Apr 24, 2006
1,651
93
couple of hours, you say
let's see
for 4 digit pin we have 10000 combination
you can make only 3 mistakes, after that you have to wait for 5 min i think
so at very least it will take around 6 min for 3 attempts, max time
around 20000 min = 333 hours, ok 300 hours
so good luck with that

Two points.

First, on average you'll only have to try half of those combinations, so that's only about 160 hours or so.

Second, as others have pointed out in this thread, you can often get an idea of which digits are pressed most often by looking at the oil patterns on the screen of the phone. (In much the same way as you can get the fingerprint, but involving less equipment.)

That essentially reduces it to a 4x4x4x4 problem, which only takes a maximum of 256 combinations, putting it *firmly* into the same time frame as the fingerprint method described here. There's also the possibility of unobtrusively 'shoulder surfing' a 4-digit pass code. You can't really do that with a fingerprint.

The fingerprint is, when you factor everything in, about on par (but a little better) than a 4-digit PIN in the worst-case scenario, and potentially much better.

It's still much worse than a decent alphanumeric pass code, and shouldn't be considered hardened security by any measure.
 

notabadname

macrumors 68000
Jan 4, 2010
1,568
736
Detroit Suburbs
The thief also would have to get the correct print off the phone, which complicates the process. There easily could be numerous prints, none of which may even be a needed portion for the correct print. And I tested the phone already on finger tips. I couldn't get the tip of my index finger to unlock my phone, even though that is the one I fully scanned in. And since most of our screen manipulation is with finger tips, that also complicates a thief's goal of getting a good scan.

The best security is passive security, that people don't get frustrated with and abandon, as so many do with passwords. And even when people do use passwords, they are frequently way too easy to guess - like simple patterns across the number pad, or "1 2 3 4" type stuff. Hard to imagine this making someone's phone more vulnerable. But hey, it's optional.
 

Michael Scrip

macrumors 604
Mar 4, 2011
7,929
12,480
NC
You do realize that the full document on CCC's site that goes into the process and how it was accomplished used a latent fingerprint left behind on an object.

As a police officer friend of mine once told me, lifting prints is "so easy even a cop can do it".

Don't forget... the CCC experiment was in a controlled environment. The fingerprint was deliberately left on that beer bottle. And we don't know how long it took or how many tries it took to achieve the results.

Yes... the CCC proved it was possible to fool TouchID in this controlled experiment. That's step one.

Now I want to see them take someone's phone off the street and get a fingerprint from the phone itself.

You probably won't find such a clean fingerprint on a phone as the one that was purposely left on this bottle:

01-fingerabdruck+mate.jpg
 

gr8tfly

macrumors 603
Oct 29, 2006
5,333
99
~119W 34N
Please look at the video carefully, folks - he is using a different finger for unlocking the phone with the fingerprint copy.

And who's to say that finger wasn't already taught?

(apologies if this is mentioned later in the thread - haven't made it through all of them and wanted to get my thought out)

It seems more likely the scanner is reading through the material.
 

kdarling

macrumors P6
The layer 'scanned' by the capacitive sensor is, indeed, under the skin. However, it is not so far 'under the skin' that the shapes differ significantly from the surface, and it doesn't do some uber-high-tech cellular scan or anything. What the 'under the skin' 'scan' buys isn't extra security, it's resilience to surface skin damage (such as paper cuts).

This. The whole point is to get a more reliable "image" of the ridge patterns that you normally see on top.

Decent fingerprint readers these days do some 'life checks' which include a capacitive requirement similar to a human finger, temperature readings, and possibly even pulse-detection. These can all be 'faked' by making sure the print overlay is thin enough to pass through your own natural capabilities, but thick enough that it won't read your own print behind the fake.

AuthenTec's patents say that temperature and pulse checks are unreliable, especially in cold weather. Besides, it could take an extra second to find a single pulse. Who wants to wait that long?

It would be interesting to find out if folks who don't have visible fingerprints (due to any number of reasons) might actually still have the underlying structures in a form detectable by these scanners. I'll have to check with my M-i-L if she upgrades to a 5s, she's lost her fingerprints to 50+ years of playing guitar.

Apparently yes, the same fingerprints can eventually come back from the deeper patterns underneath. This happens with bricklayers, people who work with lime, and even secretaries who handle a lot of paper.

Interestingly, the patterns you have for life, begin in a fetus at about 6-9 weeks, and are fully formed by 17 weeks. They're caused by layers of skin that grow at different rates and force the upper layers to convolute.
 

tdmac

macrumors 6502
Feb 9, 2008
353
6
I think there are some unanswered questions with the method and it's not clear if this could really be done with the iPhone in the real world.

With a normal biometric scanner, you place a specific part of your finger on the scanner. Thus, it makes it easier to defeat by working with that part of the print. Many are also set up to use a specific finger. In this case the person that set up the scanner also made the print and knew exactly which part to use. I don't know if the black dot, which is clearly shown before picking up the finger mold and after turning the finger over, is a marker to line up the finger exactly with the mold.

Was this a new mold they made or are they using one from an experiment done years ago? This is important since it would dispel the notion they make that this can easily be done with common household materials. Not to mention it doesn't prove it's reproducible. But, at this point I'll give the benefit of the doubt.

However, in order to see if this has merit in the real world, you need the following experiment:

1) Control would be having 1 person set up the fingerprint scanner in secret. Not indicating which finger or part of the finger was used. Then leave a perfect print on the iPhone glass of the finger, whole part. Then another person uses the methods outlined to create a fake print. That person has to then try using that fake to unlock the phone. They have 5 or is it 6 chances to unlock it by picking the correct spot on the fake to unlock.

2) Now for a real-world test. Have a random user set up the iPhone with fingerprint authentication and use the phone normally for a few days. Now try and pull a print or as many prints as you can and repeat the test. Odds of you picking a usable print, never the less a perfect print, containing the correct finger with the correct detail of the part used to set up the device is probably close to zero. While you could get prints off a wine glass or other method, you still have to know which finger and hopefully get the right spot within the requisite number of tries before you are SOL and the passcode kicks in.

3) Now you need to look at hundreds or thousands of iPhone 5S's that have been in use and see what the percentage of perfect usable prints (those that exactly match the specific finger and area) are avail to even lift from the device(s). I imagine this is going to be close to zero. This is based on knowing exactly which finger and spot was used so it should be easy to determine. This will tell you how likely in the real world it would be to do this. A controlled environment is one thing. The real world is another.

Yes you can get a print from other means but a typical random thief/robbery would only have access to the device. A person specifically targeting a user would have improved odds if they did surveillance on a target to ascertain which finger(s) were used to unlock the device and which general area was placed on the button, ala what CCC appeared to have proved in their "hack". However, like CCC, you would more than likely try to obtain said fingerprint before accessing the device, since it is unlikely to get the perfect print you need on the device itself when stolen.
 

Michael Scrip

macrumors 604
Mar 4, 2011
7,929
12,480
NC
Here's a video showing putting five fingerprints into one slot:

http://www.youtube.com/watch?v=3Qasx0NUDRw

I'm not insinuating that CCC is tricking us... but this video shows how you can have multiple fingerprints saved on the phone and it looks like you only have one fingerprint saved.

If true... this might explain how he unlocked his phone with his middle finger even though he appeared to only have his index finger saved.

So it's just something to think about... I don't know which video to believe now!
 

MattInOz

macrumors 68030
Jan 19, 2006
2,760
0
Sydney
Two points.

First, on average you'll only have to try half of those combinations, so that's only about 160 hours or so.

Second, as others have pointed out in this thread, you can often get an idea of which digits are pressed most often by looking at the oil patterns on the screen of the phone. (In much the same way as you can get the fingerprint, but involving less equipment.)

That essentially reduces it to a 4x4x4x4 problem, which only takes a maximum of 256 combinations, putting it *firmly* into the same time frame as the fingerprint method described here. There's also the possibility of unobtrusively 'shoulder surfing' a 4-digit pass code. You can't really do that with a fingerprint.

The fingerprint is, when you factor everything in, about on par (but a little better) than a 4-digit PIN in the worst-case scenario, and potentially much better.

It's still much worse than a decent alphanumeric pass code, and shouldn't be considered hardened security by any measure.

If you have 4 smudges on screen it would suggest that each digit in the pin is different so wouldn't that come down to 4 x 3 x 2 x 1 = 24 Combinations?

You could run those in under an hour.
 

CausticPuppy

macrumors 68000
May 1, 2012
1,536
68
Here we go! This bad news!

Remember when people discovered that it was trivial to figure out an Android unlock pattern by inspecting the oil smear pattern on the screen? How often do you think thieves actually do that?

But nothing compares to the embarrassment of Samsung's facial recognition which can be defeated with a photograph.

Get back to me when somebody figures out how to bypass Touch ID using only the fingerprints on the device, within 30 minutes or so.

----------

If you have 4 smudges on screen it would suggest that each digit in the pin is different so wouldn't that come down to 4 x 3 x 2 x 1 = 24 Combinations?

You could run those in under an hour.

Yup... If you can see the smudges, you only have to try a fraction of the total combinations. In fact you have nearly a 50/50 shot of guessing the right combo before you reach the 10 attempt limit.
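
The keyspace arithmetic argued over in the posts above, as an added example that is not part of the thread: it enumerates the 4-digit PINs consistent with a set of smudged digits and applies the thread's own figures (3 tries per roughly 6 minutes, a 10-attempt limit). It goes beyond the 4-smudge case by also covering PINs with repeated digits; the function names and sample digit sets are constructed for illustration.

```python
from fractions import Fraction
from itertools import product


def candidate_pins(smudged_digits, length=4):
    """PINs of `length` that use every smudged digit at least once and no other digit."""
    digits = sorted(set(smudged_digits))
    return ["".join(p) for p in product(digits, repeat=length)
            if set(p) == set(digits)]


def p_within_limit(n_candidates, attempt_limit=10):
    """Chance that a PIN drawn uniformly from the candidates falls within the attempt limit."""
    return min(Fraction(attempt_limit, n_candidates), Fraction(1))


def worst_case_minutes(n_candidates, tries_per_window=3, window_minutes=6):
    """Time to exhaust the candidates at the thread's rate of 3 tries per ~6 minutes."""
    windows = -(-n_candidates // tries_per_window)  # ceiling division
    return windows * window_minutes


if __name__ == "__main__":
    # Constructed sample smudge sets: 4, 3, 2 and 1 distinct digits.
    for smudges in ("1379", "137", "13", "5"):
        n = len(candidate_pins(smudges))
        print(f"{len(smudges)} smudged digits: {n:3d} candidates, "
              f"P(within 10 tries) = {float(p_within_limit(n)):.2f}, "
              f"worst case = {worst_case_minutes(n)} min")
    # Thread's reference points: no smudge information, and the 4x4x4x4 upper bound.
    for label, n in (("full 4-digit keyspace", 10_000), ("4x4x4x4 bound", 4 ** 4)):
        print(f"{label}: {n} candidates, worst case = {worst_case_minutes(n)} min")
```

Three smudged digits leave 36 candidates, more than the 24 left by four, because the position of the repeated digit is unknown. Neither comes close to the 10,000 of an unobserved PIN.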
 

LV426

macrumors 68000
Jan 22, 2013
1,835
2,262
Experiment, please

And who's to say that finger wasn't already taught?
It seems more likely the scanner is reading through the material.

Can someone with an iPhone 5S in front of them please confirm or deny this thesis by a simple experiment. Does your print still register when you cover it in a few layers of cling film, for example?
 

DVK916

macrumors regular
Jan 5, 2006
148
0
Can someone with an iPhone 5S in front of them please confirm or deny this thesis by a simple experiment. Does your print still register when you cover it in a few layers of cling film, for example?

This confirms or disproves nothing.

There is no reason to believe a respected group such as CCC would go around faking something like this. Really people, get real.

It is far more likely that they found a way around Apple's fingerprint system. Albeit a very convoluted way, that might not work well in the real world.
 

gatearray

macrumors 65816
Apr 24, 2010
1,130
232
This confirms or disproves nothing.

There is no reason to believe a respected group such as CCC would go around faking something like this. Really people, get real.

It is far more likely that they found a way around Apple's fingerprint system. Albeit a very convoluted way, that might not work well in the real world.

Get real, indeed.

I've never heard of the CCC before now, so unlike yourself, I have a myriad of reasons to question the veracity of their claims.

And to offer a counter-point, I say that it is far more likely that they are a "hacker club" of linux-neckbeards who'd just love to be a spoiler on Apple's fancy new technology, even if it meant fudging the numbers a little bit. ;)
 

becomingwater

macrumors member
Aug 1, 2011
81
80
Alamogordo
This is all fake! He still used his finger the whole time. The sensor in the phone is very sensitive and will see right through that latex. If he would have used something other than his FINGER you might have something. Also, why is he shaking so bad? What is he afraid of?
 

MisterPunchy

macrumors regular
Sep 19, 2013
124
0
CA
Well, so much for this being huge news, and crushing AAPL stock today. Turns out Tim Cook's announcement of record breaking iPhone sales and massive ios7 adoption overshadowed the whole deal. Smart man, Tim!
 

DVK916

macrumors regular
Jan 5, 2006
148
0
Get real, indeed.

I've never heard of the CCC before now, so unlike yourself, I have a myriad of reasons to question the veracity of their claims.

And to offer a counter-point, I say that it is far more likely that they are a "hacker club" of linux-neckbeards who'd just love to be a spoiler on Apple's fancy new technology, even if it meant fudging the numbers a little bit. ;)

I have heard of them, and unless you have proof they faked what they did, then you have nothing. There is again zero reason to believe it is fake.

You can't go around screaming fake just because you don't want it to be real.

----------

This is all fake! He still used his finger the whole time. The sensor in the phone is very sensitive and will see right through that latex. If he would have used something other than his FINGER you might have something. Also, why is he shaking so bad? What is he afraid of?

Get some glasses to fix those broken eyes of yours.
 

gnubelebung

macrumors newbie
Jun 10, 2012
21
0
And who's to say that finger wasn't already taught?

(apologies if this is mentioned later in the thread - haven't made it through all of them and wanted to get my thought out)

It seems more likely the scanner is reading through the material.
Oh please. What about the fact that the CCC is a highly reputable hacker organisation whose experts work in parliamentary commissions? And the member who demonstrated the Touch ID hack has worked with sensors like this one for at least 10 years. It seems ridiculous to insinuate that they would risk their reputation for this.

Also: Touch ID hack verified as legit (cnet.com).
 

locust76

macrumors 6502a
Jan 23, 2009
688
90
Your password you can change once it's been stolen, your fingerprints stay the same for your entire life and you leave them everywhere. If you touch a can of soda in a bar everyone with a bit of basic knowledge can take a high-res photograph of it and print out your fingerprints in 3D within 30 Minutes.

You can change your fingerprints, too.
 