Even without the lockout period, I don't think a 3D printed finger with metallic secret sauce will unlock the iPhone. We'll see, but that's my prediction.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Police Ask 3D Print Lab to Replicate Dead Man's Finger to Unlock Phone
- Thread starter MacRumors
- Start date
- Sort by reaction score
As I mentioned, and as the article mentions:
"The new rule requires a user to enter a passcode when an iPhone or iPad has met two conditions: the device has not been unlocked via a passcode for six days and has not been unlocked with Touch ID for the past eight hours."
"The previous five passcode requirements are: the device has been turned on or restarted, the device has not been unlocked for 48 hours, the device has received a remote lock command from Find My iPhone, five unsuccessful Touch ID attempts and adding new fingers to Touch ID."
You may or may not be correct about that, but assuming you are, people still care about what happens to others after their death. Many people have secrets that they wouldn't want exposed to family members regardless of if they were not around to actually observe it.
I can say without doubt, there is nothing that important on my phone that someone is going to go through the trouble of getting my thumb print and then having the technology and equipment to reproduce my finger, if they even think I use my thumb as the unlock.
If you go through that much trouble on my phone you are going to get an epic ton of trash emails and a bunch of contact information on people that you could have probably gotten out of a phone book or off of Facebook.
Lastly, if I'm dead, I'm fairly certain I don't care what someone gets off my phone, probably because of the fact that I am dead.
If you go through that much trouble on my phone you are going to get an epic ton of trash emails and a bunch of contact information on people that you could have probably gotten out of a phone book or off of Facebook.
Lastly, if I'm dead, I'm fairly certain I don't care what someone gets off my phone, probably because of the fact that I am dead.
It's already been done with a silicone finger
http://www.tested.com/tech/ios/486967-testing-apples-touch-id-fake-fingerprints/
Last edited:
Stop it. You're undermining a thief's childish rant with rational facts. How dare you?
If successful, this will lead to a whole new market for untrusting spouses.
Home fingerprint collection and mail order fake fingers.
Then a spouse will simply wait for their partner to walk away from their phone, pull out the fake finger, and start snooping.
Think it won't happen? Just wait.
And just imagine the financial losses with Apple Pay and a fake finger. Better keep a good eye on your phone around your boyfriend or girlfriend, or even coworkers. There's going to be a big market for fake fingers someday all thanks to Apple Pay.
Home fingerprint collection and mail order fake fingers.
Then a spouse will simply wait for their partner to walk away from their phone, pull out the fake finger, and start snooping.
Think it won't happen? Just wait.
And just imagine the financial losses with Apple Pay and a fake finger. Better keep a good eye on your phone around your boyfriend or girlfriend, or even coworkers. There's going to be a big market for fake fingers someday all thanks to Apple Pay.
When I take pictures with friends or family I send it to them the same day. There is absolutely no reason to hold on to pictures or videos you took with friends or family without sharing, unless you don't want to share which brings me back to my point. Oh and yes my gf knows the pin to my iPad so she can get in and get pics or videos if she needs to, but she doesn't because I already sent them to her.
[doublepost=1469239092][/doublepost]
You are correct, but I still don't want people going through my phone looking at things I didn't want them to see while I was alive. People's feelings might get hurt and then they'd wish they'd never looked into it, and had mind their own business.
If my missus gets access to my icloud I'd be dead. Already dead or soon to be, doesn't matter.
So now desperate crooks won't merely stop at chopping off your finger, they'll then proceed to gouge out your eyeball, lol
I doubt whether anything can be made so secure, that sooner or later human ingenuity (read: crooks), won't find a way around it.
Last edited:
Like 'finding' that huge bag of cocaine you 'accidentally dropped' as the police were trolling through your car/home/office.
My brother is a cop, and a horrible racist. No one can even begin to tell me that there aren't cops like him 'out there' shooting minorities (blacks) because they can. Put this into play for racist and power hungry police and prosecutors, and there is no end to the 'mischief' they can perpetrate.
Not to mention how expensive this is for the already cash strapped states run by tax cut happy governors. I'm sure this isn't cheap, to do this. And the police have finger prints from all kinds of sources. There is a vast database of fingerprints out there, and now they seem to be able to exploit that at will?
Orwell was right. He just got the dates a bit wrong...
[doublepost=1469276328][/doublepost]
A simple fix for that would be to stop being naughty...
Ahh, but the lens clouds over time, or so I've been told. Plus the retina dies, and loses its appearance. Soon there will be little incubators to keep gouged out eyes alive?
I make sure my SO has all of my passwords. If I should leave this earth suddenly there is important information that has to reviewed and acted upon. And threads like this make me want to turn off touch id. lol
There's a very simple method. Let's say your passcode is 9876 (easy to remember). You think of a random number (let's say 3910). Write 3910 on a piece of paper that you keep safely at your home. Subtract 9876 minus 3910 = 5966. Give that number to your parents, or your kids, or your brother or sister.
When the passcode is needed, the parents pick up the piece of paper from your home and add the two numbers. 3910 + 5966 = 9876 = passcode. Neither the piece of paper nor the number that your parents have give the slightest hint to the passcode. (If you picked a random number larger than your passcode, add 10,000 to your passcode before you calculate the number to give to your parents. And when they add the numbers, they drop the leading digit. And it works of course with any length passcode).
Here's another method: You use an eight digit passcode. Then you give the first five digits to your parents. If the police wants to get into your phone, and your parents agree, there are now 1,000 combinations to try, which can be done by hand in two hours. That's also a fine method if you have kids, and you want their phones to be safe, while having the ability to get in if you really want - but not easily, so your kids can trust you.
[doublepost=1469286381][/doublepost]
Kidnapping is a major crime. If you are kidnapped, your fingerprints taken, and then they turn up at a murder scene, the police will know to look for a person who had a motive and means to commit the murder, plus a means to kidnap you. That should make solving both crimes a lot easier.
The latter method probably wouldn't work well since after a handful incorrect attempts there would be lockouts involved (and potentially more than that, like data being wiped).
I would like to see Apple Implement an optional preference that would activate Three Factor Authentication.
This would activate a secondary passcode that would have to be entered every time your fingerprint was used to unlock the device. The secondary password could be user selectable to be one, two, three, or four digits.
If you fail to get the secondary passcode correct on the first or second (user selectable) try than iOS would be lockdowned until the primary password is entered using that currently existing rules.
This would allow paranoid people to have a much higher level security on their device. Technically adept thieves would have only a one in 10 chance of breaking in with a fake finger and hitting a single digit on your phone without looking every time it is unlocked would be easy especially if Apple makes the numeric keyboard nice and large.
When activated it would also be safe to get rid of the eight hour and six day resets thus making it more likely that the primary password will be very long and complex since it will no longer be used very often.
I always thought that three factor authentication ( something you have:iPhone, something you are:fingerprint, something you know:A one or two digit code) backed up by a complex password that would activate on the first failure would be a great way to protect my personal data.
I know this would be for everyone which is why it should be an option
This would activate a secondary passcode that would have to be entered every time your fingerprint was used to unlock the device. The secondary password could be user selectable to be one, two, three, or four digits.
If you fail to get the secondary passcode correct on the first or second (user selectable) try than iOS would be lockdowned until the primary password is entered using that currently existing rules.
This would allow paranoid people to have a much higher level security on their device. Technically adept thieves would have only a one in 10 chance of breaking in with a fake finger and hitting a single digit on your phone without looking every time it is unlocked would be easy especially if Apple makes the numeric keyboard nice and large.
When activated it would also be safe to get rid of the eight hour and six day resets thus making it more likely that the primary password will be very long and complex since it will no longer be used very often.
I always thought that three factor authentication ( something you have:iPhone, something you are:fingerprint, something you know:A one or two digit code) backed up by a complex password that would activate on the first failure would be a great way to protect my personal data.
I know this would be for everyone which is why it should be an option
Only when you turn that feature on. With an eight digit passcode, there is no need for an automatic erase at all.
Sure, the erase part might not apply, but the longer and longer lockouts would, making the guessing practically an improbable task (short of being lucky and guessing the right combination early on).
[doublepost=1469378182][/doublepost]This is obviously a case of precedents. Whether or not they can get into this phone does not matter. What does is if they can get the courts comfortable with utilizing fingerprints and use this case for funding and problem-solving to make it happen. Once it has along with a court order to search your property i.e. a search warrant, they will show up at your house with a premade fingerprint ready to search your phone as well. If you cut a small circle of tape and place it on your fingerprint scanner it no longer works this is my suggestion. Do not use your fingerprint scanner on your phone. Use an extended password and give it to only people you trust.
Police in Michigan are reportedly attempting to use a 3D model of a fingerprint to unlock a murder victim's phone and reveal clues that could help solve an open case.
Fusion reports that the investigation is still ongoing, therefore details remain murky, but essentially instead of requesting that the phone manufacturer unlocks the murder victim's handset, officers have asked computer scientists at Michigan State University to create a 3D printed replica of the victim's fingers so they can do it themselves.
The victim's body was apparently too decayed for a fingerprint to be directly applied to the phone, but the police already had a scan of the victim's prints from when the man was arrested in a previous case.
Most fingerprint readers like Apple's Touch ID are capacitive, meaning they use electric circuits that close when human skin comes into contact with them, which generates the image of the print.
However, a 3D printed finger doesn't possess the conductivity that human skin does. So, to circumvent the problem, engineers coated the printed fingers in a thin layer of metallic particles so that the fingerprint scanner can read them.
Currently it's unclear whether the method works, as the designers haven't yet delivered the printed fingers to the police to attempt to unlock the victim's phone.
Another potential stumbling block is that if the phone in question is an iPhone, then police may come up against a passcode screen, since newer Apple handsets request a passcode if the fingerprint unlock hasn't been used within eight hours and the code hasn't been entered in six days.
But if the technology is a success, then theoretically the authorities could use it on cases involving living suspects by applying for a court order.
Fusion notes that the courts draw a distinction between a fingerprint password and a memorized one. "Courts generally draw a line between the 'contents of the mind' (which is protected) and 'tangible' bodily evidence like blood, DNA, and fingerprints (which is not)," said Bryan Choi, a security, law and technology researcher.
So while a memorized password might be protected by the Fifth Amendment which protects against self-incrimination, a fingerprint isn't. Indeed, in 2014, a court in Virginia ruled that a suspect can be required to unlock their phone using their fingerprint.
Therefore if a suspect is at large but the police have their phone in hand and their fingerprints on record, there's nothing to say that the method could be used to unlock the device in the owner's absence.
Choi argues that in this day and age, phones should be considered extensions of the mind and therefore protected under the Fifth Amendment and not just the Fourth Amendment (protection against illegal search and seizure).
"We offload so many of our personal thoughts, moments, tics, and habits to our cellphones," Choi told Fusion. "Having those contents aired in court feels like having your innermost thoughts extracted and spilled unwillingly in public."
Article Link: Police Ask 3D Print Lab to Replicate Dead Man's Finger to Unlock Phone
In college, I had a friend who had a 54 character password. He had a routine he went through to log in. He said that it would be impossible for anyone to watch him logging, and replicate the process, as he also had scripted backspaces into the 'performance'. Until someone did it. Given the high cost of forgetting the passcode, and my increasing age makes me want to 'Keep It Simple Stupid'...
But, yes, I can see where that would rock. The auto erase feature seems to me to be the perfect weapon someone could use on a 'person they don't like'. Double edged swords do cut both ways...
In curious now, how did someone do it?In college, I had a friend who had a 54 character password. He had a routine he went through to log in. He said that it would be impossible for anyone to watch him logging, and replicate the process, as he also had scripted backspaces into the 'performance'. Until someone did it. Given the high cost of forgetting the passcode, and my increasing age makes me want to 'Keep It Simple Stupid'...
But, yes, I can see where that would rock. The auto erase feature seems to me to be the perfect weapon someone could use on a 'person they don't like'. Double edged swords do cut both ways...