Apple's Touch ID system, which was introduced in the iPhone 5s earlier this month, has officially been hacked. Following a video by Chaos Computer Club demonstrating how the exploit was achieved, the full process has been detailed in a new video by CCC member Starbug. It didn't take long at all for the new system, which is more of a convenience rather than a surefire security Fort Knox, to get bypassed, but it apparently shouldn't worry the average consumer, according to security expert Marc Rogers.
When the hack was initially achieved, CCC claimed it was super simple, attained through everyday and inexpensive office equipment. Turns out that's only partially true; it's important to put things in perspective. According to Rogers, much of the equipment required to complete the hack can cost "over a thousand dollars," and none of that equipment is likely to be just lying around your house. Things such as an image scanner, laser printer and a kit for etching PCBs, among other things.
"The reality is these flaws are not something that the average consumer should worry about," Rogers explained. "Why? Because exploiting them was anything but trivial. Hacking Touch ID relies upon a combination of skills, existing academic research and the patience of a Crime Scene Technician.
Here's how the process works: after lifting a perfectly unsmudged print (using cyanoacrylate fumes, fingerprint powder and fingerprint tape), the print must then be photographed, edited and printed onto transparency film. After that, the film must be converted to an actual usable print, either through a PCB board or a laser printer. Even when a perfect print was lifted, and then printed, it was often prone to failure, and very tricky to use.
"It is certainly not something your average street thief would be able to do, and even then, they would have to get lucky," Rogers said. "Don't forget you only get five attempts before Touch ID rejects all fingerprints requiring a PIN code to unlock [the iPhone 5s]," he added.
Rogers does admit that a "dedicated attack" could be executed, though none of us are likely that important for that to even be a worry. During Touch ID's announcement, Apple said the sensors used are capable of reading a user's sub-epidermal layers, so it's a little worrying a fake print could be used to bypass the system. Still, the fact that it has been hacked should deter the average person from using it, unless you've got some very, very important information to hide.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Step into your favorite film with a pair of 3D glasses
Experience movies and video games in the most realistic way with a pair of 3D glasses. Our guide has the best to help you narrow down your choice.
