It was totally staged! The guy looked directly into the camera for a clear shot. Once again, I put the challenge to you also. Go ahead and start taking photos of people this way and then tell us how many black eyes you come back with.

You would literally have to stalk that person to get the right shot (which I'm not saying is impossible, but really very difficult).

The camera was set to night mode.

I don't plan on trying this because I don't like the idea of retina scanning anyway. It's almost ridiculous to have to look into your phone to unlock it. Pick it up, put your finger on the Touch ID sensor, and well, that's it :)
 
The camera was set to night mode.

Night mode is usually just long exposure. What you really need is the ability to capture infrared, and most good cameras block IR these days.

Freezing the video, it looks like they used an old Sony Cybershot with Night Shot capability. That was a camera with a switch to remove the infrared cut out filter from its sensor path. I wonder if it was otherwise modified as well, since they took the picture in broad daylight and that would normally overwhelm its sensor with IR in that mode.

But I'm no expert. Any ghostbusters around here with IR camera experience?

I don't plan on trying this because I don't like the idea of retina scanning anyway.

Note that it's scanning the iris, which is the colorful front of the eye. Not the retina, which is the inside back of the eye.
 
I am wondering whether this hack is staged or not as easy as it seems. After so many days, there aren't any other copycat YouTube videos of the hack.

When Touch ID was hacked there were many videos showing others copying/doing the same tricks.
 
This is the consequence of misuse of identity information as authentication information. Fingerprints or facial features or iris patterns are identity information. They can't be used for the authentication process alone. A secure authentication process needs two pieces of information: identity information and a piece of secret info that only the person who owns the identity knows.
 
Certainly I think that people in truly sensitive jobs should not be allowed to use any biometric unlock by itself. For that matter, shoulder-surfing a passcode isn't hard either. It's a pity that stock phone makers don't have two factor unlock options.

Ignorance. And your logic is false and completely skewed, sir. I can tell you the agency I am employed with ONLY is deemed to use biometric security measurements by itself; nothing else would suffice. Period. As a matter of fact, the biometric iris scanning capabilities are recalibrated every few months to ensure there are no discrepancies and rechecked. Iris scanning is our primary source, which is all time sensitive and encrypted, which also has fail-safes. We have backup methods, but biometric is solo used on its own.

No snark intended, do you have any idea how many government agencies safeguard themselves and use biometric scanning as a primary and you "think" they should not be using any biometric by itself? The NSA would disagree with you on your flawed logic.

You see, security isn't perfect. Why? Because if you allow something to be exposed long enough where someone has the advantage to create the technology, that technology has the means to allow the technology to be available. How does some of the top security in the world be the best defense against what one is trying to hack? It's called being dynamic, which regularly requires change in pattern, behavior and regularities from being static. Complacency and stagnancy are the two biggest hurdles for ANY security to become exposed.

Some of the best security engineers in the world are designing other means to keep the biometric process refreshed and ever changing as we speak, because of the tools criminals have today.
 
No snark intended, do you have any idea how many government agencies safeguard themselves and use biometric scanning as a primary and you "think" they should not be using any biometric by itself? The NSA would disagree with you on your flawed logic.

What agency do you work for and what's your clearance?

Myself, I was a spook for NSA. TS/SCI+. I can't think of any place really secure where there weren't layers you had to pass through. For example, I'd bet that at your place of work you at least have security at the front door.

However, that's all moot anyway. If it wasn't clear from the context, I was talking about security for a smartphone. I don't think having a single factor unlock method is smart in the case of a device that is used outside a secure area. That goes for political and business people too, if they keep any sensitive info onboard.
 
Night mode is usually just long exposure. What you really need is the ability to capture infrared, and most good cameras block IR these days.

Freezing the video, it looks like they used an old Sony Cybershot with Night Shot capability. That was a camera with a switch to remove the infrared cut out filter from its sensor path. I wonder if it was otherwise modified as well, since they took the picture in broad daylight and that would normally overwhelm its sensor with IR in that mode.

But I'm no expert. Any ghostbusters around here with IR camera experience?



Note that it's scanning the iris, which is the colorful front of the eye. Not the retina, which is the inside back of the eye.

Yes. I am, and was aware that it does not scan the retina. My point was that I don't want to hold a phone up to my face to unlock it. I prefer the current Touch ID method - for convenience.
 
Yes. I am, and was aware that it does not scan the retina. My point was that I don't want to hold a phone up to my face to unlock it. I prefer the current Touch ID method - for convenience.
However, more options are better. With the phone on a desk, leaning toward the phone and having it unlock is preferable to Touch ID. Of course, if one doesn't like this method, they can turn it off.
 
Ignorance. And your logic is false and completely skewed, sir. I can tell you the agency I am employed with ONLY is deemed to use biometric security measurements by itself; nothing else would suffice. Period. As a matter of fact, the biometric iris scanning capabilities are recalibrated every few months to ensure there are no discrepancies and rechecked. Iris scanning is our primary source, which is all time sensitive and encrypted, which also has fail-safes. We have backup methods, but biometric is solo used on its own.

No snark intended, do you have any idea how many government agencies safeguard themselves and use biometric scanning as a primary and you "think" they should not be using any biometric by itself? The NSA would disagree with you on your flawed logic.

You see, security isn't perfect. Why? Because if you allow something to be exposed long enough where someone has the advantage to create the technology, that technology has the means to allow the technology to be available. How does some of the top security in the world be the best defense against what one is trying to hack? It's called being dynamic, which regularly requires change in pattern, behavior and regularities from being static. Complacency and stagnancy are the two biggest hurdles for ANY security to become exposed.

Some of the best security engineers in the world are designing other means to keep the biometric process refreshed and ever changing as we speak, because of the tools criminals have today.

Your response was arrogant, but I guess that's beside the point. What agency do you work for that would allow biometric unlocking as opposed to biometric in conjunction with passcode? I'm guessing here, but I would venture to say that if the courts ruled that a fingerprint is not protected, then neither would any of your other biometric information. Not too secure when the cops force you to open your eyes, and look into your phone to unlock it. On the other hand, if biometric data was coupled with a passcode, current law prevents the authorities from forcing you to give up your passcode.

Run that by your security team in the "agency" you work for, and let me know what they say. I'm always open to being wrong, and probably more times than not, I am :cool:

However, more options are better. With the phone on a desk, leaning toward the phone and having it unlock is preferable to Touch ID. Of course, if one doesn't like this method, they can turn it off.

Preferable for security or convenience? BTW, I agree that more options are better. I am also a paranoid kind of person, so I do prefer secure methods of unlocking devices.
 
Are you serious? Contact lenses and photos of an eye are so easy to get.

Have you ever tried to get fingerprint photos and make them into wax? Very difficult.

PIN is "super" easy to acquire. If you are a target, all it takes is a nice tele-zoom camera. Or simply observe you for a while. Just stay behind you while you punch your PIN. Or simply guess from your movements in CCTV.

Hacking cannot get easier than that.

PIN is also the least convenient way of all security measures.

In short, PIN is the worst for mobile devices.

Totally wrong. PIN is the least safe of all. Why?
1. You have to punch your PIN in public. And you have to do it very often.
2. You cannot use a very long PIN. Again, you have to do it very often.

In that sense, PIN is "super easy" to acquire. If you are a target, all it takes is a nice tele-zoom camera. Or simply observe you for a while. Just stay behind you while you punch your PIN. Or simply guess from your movements in CCTV.

Hacking cannot get easier than that.

PIN is also the least convenient way of all security measures.

In short, PIN is the worst for mobile devices.

* If you don't believe me, try to get the PIN from someone who spends a lot of time with you. I even unintentionally get the PIN when a stranger opens his phone by entering his code from time to time.

All very good points, although I was referring to a password, not a PIN.

There are inherent risks in using a mobile device in public, so if you are a target, someone WILL get into your device if they really want to.

Personally, I use the fingerprint reader/password combo, but to each his own.
 