So why are they talking as if any old person can do the hack? There is no need to improve something that is as perfect as it can be. It doesn't change the fact it's better than any consumer system on the market!
Probability of it happening aside, "any old person" CAN do the hack. It's not rocket science. It's basically doing stuff that thousands of teens have done in years past with homebrew circuit boards and model making.
I saw it first reported around the turn of the century when our company checked into using fingerprints for ID, and decided against it. (Fingerprint readers are good for convenience, but are not an ideal security system.)
Around 2002, a Japanese security researcher used the techniques to fool a commercial sensor with a fake finger. The next year, the Chaos Computer Club (the same one that hacked the iPhone 5s)
announced that they had made a wearable fake print that could be used in public.
So it's an old technique. Heck, it might even be easier to find a section of a print to use on the iPhone than other sensors, as TouchID apparently only scans an 88x88 pixel 500 PPI area, which is about 1/5" square.
You need a passcode to change anything on the phone to make it yours. I can't foresee any reason other than information on the device that would make this hack even worthwhile?
That was true before Apple Pay. Now your evil kids or roommate can take their time to make a decent finger from your prints around the house, and use it to buy things with your phone. Just pray that it's not child porn or something. Figure the odds of you proving that it was not your finger that was used to authenticate.
This article seems like scare mongering and goading a response to a non-issue.
It's not a
total non-issue, but yes, it should be a very rare event. Unless someone comes out with a "
Just send a print and $19.95 to us and we'll send you back a finger" service
Wouldn't it be easier to steal someone's credit card than it would be to get someone's phone and fingerprint?
Absolutely. Unless you were trying to incriminate someone, by making it seem they either bought something or were somewhere. Then TouchID is ideal. Again, this scenario is more likely to show up on a TV show than in real life.