Sunday, September 22, 2013

TouchID already cracked from the iPhone 5S by CCC - WinFuture

hackers security experts have already pointed to the introduction of the new iPhone from Apple 5S that the use of the fingerprint authentication is not a good idea -. using right now as evidenced

Hackers starbug by the Chaos Computer Club (CCC) was successfully demonstrated how this access lock can overturn easily now. Sure enough, a fingerprint that was photographed from a glass surface. This is an artificial “finger” was create that gives an attacker access to the iPhone.

Apple had emphasized at the product launch, the new system should be much safer than existing fingerprint reader how to known from notebooks, for example, for a long time.

“In fact, the sensor of Apple only has a higher resolution than previous sensors. We only had to increase the granularity of our art finger a little bit,” said starbug. Needed for the hack to the CCC just simple things which can be found in virtually every household. The photo of the fingerprint was created with a resolution of 2400 dpi. The photo is then adjusted on the computer, inverted and printed by laser printer with at least 1,200 dpi on a transparency film.

Skin-colored latex milk or white wood glue is then applied to the image. By the pressure lines creates a fingerprint image in the deposited material. After drying, the counterfeit finger can be removed. This is moistened slightly by breathe on him. Then you can unlock the iPhone with the Atrappe.

“For years we have warned repeatedly against the use of fingerprints for access control., We leave fingerprints everywhere, and it is a breeze to create fake fingers of it,” the hacker went on to from. “It’s just a stupid idea to use something as an everyday security token that you leave every day at many places almost endless.”

iPhone users the tip is given not to save sensitive data with your fingerprint, but to use a password. It’s not just that the fingerprint can be easily faked. Also, it was said, one could easily be forced to unlock his phone when you get arrested. To force a person to abandon a secure password, on the other hand is a lot more than just keep the phone from his hands in handcuffs difficult.

The introduction of the technology by Apple can also be forged, through the relative ease of future further cause problems – because the company wants to use the sensor not only for the release of the smartphone, making extensive personal data would already be open in doubt, but also for various further applications to the Web.

No comments:

Post a Comment