If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Buzzfeed)   If you predicted three days before the iPhone fingerprint scanner was hacked, step up and claim your prize   (buzzfeed.com) divider line 57
    More: Interesting, iPhone, Fingerprint recognition, sensors, fingerprints, Chaos Computer Club  
•       •       •

2801 clicks; posted to Geek » on 23 Sep 2013 at 2:37 AM (41 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



57 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | » | Last | Show all
 
2013-09-23 02:40:28 AM
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Seems like it would be easier to just club the owner into unconsciousness and use their finger.
 
Xai
2013-09-23 02:50:17 AM

fusillade762: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Seems like it would be easier to just club the owner into unconsciousness and use their finger.


not really since the whole point is that you could use that fingerprint to unlock it forever since there is no way to ever change it. It's not like they could ring apple and get it changed or locked out...
 
2013-09-23 02:50:59 AM
/first item in the Newsline
 
2013-09-23 02:51:45 AM

Xai: fusillade762: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Seems like it would be easier to just club the owner into unconsciousness and use their finger.

not really since the whole point is that you could use that fingerprint to unlock it forever since there is no way to ever change it. It's not like they could ring apple and get it changed or locked out...


so you're saying "club them and take a high resolution photograph of their finger"?
 
2013-09-23 02:52:41 AM
www.gannett-cdn.com
/grumble
 
2013-09-23 03:25:02 AM
I'm surprised it took that long
 
2013-09-23 03:30:44 AM
i.imgur.com
Why don't the users just rinse the fingerprints off their iPhones, so people can't copy them?
 
2013-09-23 03:40:54 AM
This is why all phones need a full DNA scanner.
 
2013-09-23 04:29:03 AM
The video of that child crying about iOS 7 irritated me. Everyone always tells me "it's different when they are your children" but I don't see how that's possible. The sound of a whiny, inconsolable child is about the worst sound on the planet. I'm just glad I don't have any of my own.
 
2013-09-23 05:02:52 AM
So Dog just needs a scanner and a printer to go with it is all.

31.media.tumblr.com
 
2013-09-23 05:08:56 AM
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

...so, just a more involved version of one of the "beat the fingerprint scanner" tricks the Mythbusters tried. One of those same tricks that was being derided in other iPhone threads as totally not ever working against the iPhone fingerprint scanner, because it was such a different and better kind of scanner.

I'm just going to sit in my corner and giggle for a bit.
 
2013-09-23 05:37:47 AM

Lachwen: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

...so, just a more involved version of one of the "beat the fingerprint scanner" tricks the Mythbusters tried. One of those same tricks that was being derided in other iPhone threads as totally not ever working against the iPhone fingerprint scanner, because it was such a different and better kind of scanner.

I'm just going to sit in my corner and giggle for a bit.


Yeah, this seems like one of those things they'd do on Burn Notice.  Overly complicated, not likely to work, but somehow in that universe it works every time.
 
2013-09-23 05:43:49 AM

Shadowknight: Lachwen: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

...so, just a more involved version of one of the "beat the fingerprint scanner" tricks the Mythbusters tried. One of those same tricks that was being derided in other iPhone threads as totally not ever working against the iPhone fingerprint scanner, because it was such a different and better kind of scanner.

I'm just going to sit in my corner and giggle for a bit.

Yeah, this seems like one of those things they'd do on Burn Notice.  Overly complicated, not likely to work, but somehow in that universe it works every time.


Michael Weston is an advanced being. Don't question it.
 
2013-09-23 05:44:54 AM
It's actually is very likely to work. In fact, it probably always works, because it's hard to beat physics. It's not that hard to make a false fingerprint using this technique, and once you get it, how the scanner is supposed to differentiate a perfect faximile from real deal?
 
2013-09-23 06:02:03 AM

GreenAdder: [i.imgur.com image 793x1500]
Why don't the users just rinse the fingerprints off their iPhones, so people can't copy them?


Oh, look. Someone hangs around 4chan.
 
2013-09-23 06:14:49 AM
I call fake.  He didn't show us how many fingers were already registered at the start of the video.
 
2013-09-23 06:15:58 AM

Gordon Bennett: So Dog just needs a scanner and a printer to go with it is all.

[31.media.tumblr.com image 423x750]


It does recognize dog paws.  and cat paws.  Even human nipples.
 
2013-09-23 06:17:40 AM
it's hard to imagine a situation in which photographing someone's fingerprint in high resolution is easier than finding out their four-digit PIN

IDK, the method seems pretty damn simple. I wonder if anyone tried a 3D printer to skip a step yet....
 
2013-09-23 06:52:03 AM

Xai: fusillade762: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Seems like it would be easier to just club the owner into unconsciousness and use their finger.

not really since the whole point is that you could use that fingerprint to unlock it forever since there is no way to ever change it. It's not like they could ring apple and get it changed or locked out...


Club them, unlock it with their fingerprint, add your own fingerprint. Much easier & cheaper to club'em.
 
2013-09-23 07:00:55 AM

SpdrJay: This is why all phones need a full DNA scanner.


"My voice is my passport. Verify me."
 
2013-09-23 07:33:40 AM

Grahor


how the scanner is supposed to differentiate a perfect faximile from real deal?


facsimile
 
2013-09-23 07:37:16 AM
I want to get one of those phones and train it too unlock when I scan the helmet of my shlong.
 
2013-09-23 07:41:57 AM

SpdrJay: This is why all phones need a full DNA scanner.


Apple fanboys are already jerking off on it anyway.
 
2013-09-23 07:50:43 AM

OregonVet: it's hard to imagine a situation in which photographing someone's fingerprint in high resolution is easier than finding out their four-digit PIN

IDK, the method seems pretty damn simple. I wonder if anyone tried a 3D printer to skip a step yet....


I bet it you just put some box on the street with a hole in it and a sign that said "insert finger here", a sizeable number of people would do it.
Then you use BTLE to detect their phone to match it up to the fingerprint later on when you steal it.
 
2013-09-23 07:52:44 AM

the_rhino: I want to get one of those phones and train it too unlock when I scan the helmet of my shlong.


One of my Android-using facebook friends joked about that this morning and I almost did it, but decided it might get awkward to announce to all my friends that I was sticking my wiener on my phone.
But, fark is different.  I'll give it a shot after work and let you know how it goes.
 
2013-09-23 08:04:04 AM
Apparenty the claims that only a live finger could be used to unlock the phone were false.
 
2013-09-23 08:06:34 AM

serial_crusher: OregonVet: it's hard to imagine a situation in which photographing someone's fingerprint in high resolution is easier than finding out their four-digit PIN

IDK, the method seems pretty damn simple. I wonder if anyone tried a 3D printer to skip a step yet....

I bet it you just put some box on the street with a hole in it and a sign that said "insert finger here", a sizeable number of people would do it.
Then you use BTLE to detect their phone to match it up to the fingerprint later on when you steal it.


i.imgur.com
 
2013-09-23 08:24:57 AM

doloresonthedottedline: Michael Weston is an advanced being. Don't question it.


I usually didn't. I loved that show. Even when it was repetitive (oh look, he's found another layer of the conspiracy that burned him, and the CIA thinks he's a traitor AGAIN), I still loved it.  No matter how improbable their plans.  And the way it ended would be a perfect set up for a spin off, or continuation, with Sam and Jessie going off and doing their own thing. 

Which I would watch, if for nothing else than more chin jokes at Bruce's expense.
 
2013-09-23 08:32:21 AM

fusillade762: First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Seems like it would be easier to just club the owner into unconsciousness and use their finger.


This is an immense improvement over how we used to bypass biometric readers.

www.geekalerts.com
 
2013-09-23 08:59:21 AM
I still think the most common way these will be bypassed is jealous/paranoid/nosy people using their partners finger when they are asleep to unlock their phone so they can read the texts etc.
 
2013-09-23 09:16:44 AM

serial_crusher: Gordon Bennett: So Dog just needs a scanner and a printer to go with it is all.

[31.media.tumblr.com image 423x750]

It does recognize dog paws.  and cat paws.  Even human nipples.


So this is why God gave men nipples. That's some very forward thinking.
 
2013-09-23 09:21:44 AM
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Oh great!  Now any meth addict on the street can steal an iPhone and break into it.
 
2013-09-23 09:22:15 AM
the bottom line: you'd really, really, really have to want to get inside somebody's phone to resort to the mission impossible-style tactics described in the article.

when really it's just to stop your mom finding the dick pics you texted to your girlfriend if she inadvertently finds your phone lying around.
 
2013-09-23 10:15:35 AM
I think more people should give Apple the finger.


and then move to Android.  be smart. go Android.
 
2013-09-23 10:17:24 AM

SpdrJay: This is why all phones need a full DNA scanner.



no.

Apple is in the pre design stage of anal probing technology on a phone.  they want to know why these dumbasses keep racing to their stores to buy their overpriced, overvalued phones.
 
2013-09-23 10:18:52 AM
my phone doesn't even have a pass lock
 
2013-09-23 10:19:55 AM

DubyaHater: The video of that child crying about iOS 7 irritated me. Everyone always tells me "it's different when they are your children" but I don't see how that's possible. The sound of a whiny, inconsolable child is about the worst sound on the planet. I'm just glad I don't have any of my own.



this Nation has a child fetish.  course, the reason is that advertisers know who their future (and current - since kids have alot of influence on what daddy/mommy buys) consumers will be.  advertisers brainwash americans into thinking that the whole reason for existance on earth is to have kids.

and dumb ass americans fall for it.
 
2013-09-23 10:21:26 AM

Linux_Yes: I think more people should give Apple the finger.


and then move to Android.  be smart. go Android.


We're getting ready to move back to the States in a month from our overseas stationing, so my wife just got back from her "house hunting leave."  While over there, she decided to talk to Verizon, buy some phones, and set up a plan so we have one as soon as we land Stateside.  

While we were over here, we have had little prepaid "drug dealer" phones, because a foreigner getting a data plan is more trouble than it's worth.  To supplement my mobile internet needs, I have just carried an iPod Touch for the last three years, because free wifi is plentiful in Europe. But man, I hate this thing.  Sure, it plays music and podcasts fine, but it crashes on every other program I try to use (an electronic Spanish/English dictionary should not be that stressful) and so locked down I can't change anything I really want to change.  

So, when asked what I wanted, I told her the Galaxy S4.  She bought the iPhone, because she figured she's used the iPod this long so there's no learning curve.  She's played with her's quite a bit, but when she played with mine she fell in love.  She keeps telling me she's going to steal it from me when we get back.  

Apple doesn't do anything bad.  I just find it mediocre.
 
2013-09-23 10:22:01 AM

AdamK: my phone doesn't even have a pass lock



b-b-b-but what if the terrorists get access to it???   ahhhhhhhhhhhhhhhhh!    lock it up!   you are destroying america!!!
 
2013-09-23 10:23:13 AM

Shadowknight: Linux_Yes: I think more people should give Apple the finger.


and then move to Android.  be smart. go Android.

We're getting ready to move back to the States in a month from our overseas stationing, so my wife just got back from her "house hunting leave."  While over there, she decided to talk to Verizon, buy some phones, and set up a plan so we have one as soon as we land Stateside.  

While we were over here, we have had little prepaid "drug dealer" phones, because a foreigner getting a data plan is more trouble than it's worth.  To supplement my mobile internet needs, I have just carried an iPod Touch for the last three years, because free wifi is plentiful in Europe. But man, I hate this thing.  Sure, it plays music and podcasts fine, but it crashes on every other program I try to use (an electronic Spanish/English dictionary should not be that stressful) and so locked down I can't change anything I really want to change.  

So, when asked what I wanted, I told her the Galaxy S4.  She bought the iPhone, because she figured she's used the iPod this long so there's no learning curve.  She's played with her's quite a bit, but when she played with mine she fell in love.  She keeps telling me she's going to steal it from me when we get back.  

Apple doesn't do anything bad.  I just find it mediocre.



true.  they do make a decent product, i won't deny it.  but its way overrated and they charge a premium for it because everyone thinks its the finest products in the land.

if they only knew...........
 
2013-09-23 10:24:01 AM

OregonVet: it's hard to imagine a situation in which photographing someone's fingerprint in high resolution is easier than finding out their four-digit PIN


Er... high resolution cameras are widely available and people leave fingerprints everywhere they go.  It's not exactly difficult.

If you already have their iphone, there's probably a pretty good chance you can lift a print right off the phone itself.
 
2013-09-23 10:57:27 AM
You guys all know this is not new right?  I know everyone is all talking about it due to the iphone, but this type of bypass is at least two decades old for fingerprint scanners.
 
2013-09-23 11:18:55 AM

Linux_Yes: and then move to Android.  be smart. go Android.


So - go from one broke auth system to another?  At least Apple updates their phones.  Which is more than you can say for most carriers attempting to run android.
 
2013-09-23 11:24:06 AM

BafflerMeal: You guys all know this is not new right?  I know everyone is all talking about it due to the iphone, but this type of bypass is at least two decades old for fingerprint scanners.


Yes, I'm sure everyone was completely unaware of that, which is why absolutely nobody has referenced any common print-reader bypass mechanisms, such as gummybears, in the thread so far.  We would be lost without you.

The significant point, here, is that this particular reader was alleged to be new and advanced and not so trivially defeated.
 
2013-09-23 11:25:28 AM

China White Tea: BafflerMeal: You guys all know this is not new right?  I know everyone is all talking about it due to the iphone, but this type of bypass is at least two decades old for fingerprint scanners.

Yes, I'm sure everyone was completely unaware of that, which is why absolutely nobody has referenced any common print-reader bypass mechanisms, such as gummybears, in the thread so far.  We would be lost without you.

The significant point, here, is that this particular reader was alleged to be new and advanced and not so trivially defeated.



Man, those cornflakes must be soggy.
 
2013-09-23 11:36:20 AM
That's not an "iPhone hack" that's just plain old traditional "lifting a fingerprint and using it to fake-out a finger-print scanner".  That's like spy-movie 101.

And since it's a very spy-movie kind of thing, that also means it's impossible to replicate on a large scale, totally impractical for anyone but celebrities or political figures, and not really worth worrying about.

That said, I'd be much happier if it had a 2-phase authenticator: fingerprint first, then keyed in numeric code.  That way you couldn't screw around with someone's phone when they're passed out on the couch.
 
2013-09-23 11:48:00 AM

cefm: That's not an "iPhone hack" that's just plain old traditional "lifting a fingerprint and using it to fake-out a finger-print scanner".  That's like spy-movie 101.

And since it's a very spy-movie kind of thing, that also means it's impossible to replicate on a large scale, totally impractical for anyone but celebrities or political figures, and not really worth worrying about.

That said, I'd be much happier if it had a 2-phase authenticator: fingerprint first, then keyed in numeric code.  That way you couldn't screw around with someone's phone when they're passed out on the couch.


If you're going to do that why not just have the password, or an unlock pattern like my HTC? Why bother with the fingerprint?
 
2013-09-23 12:02:01 PM
The prize was also hacked.

www.hwdyk.com
 
2013-09-23 12:08:04 PM

SpdrJay: This is why all phones need a full DNA scanner.


Great, so now I gotta jack it to unlock my phone.
 
2013-09-23 12:58:26 PM

gingerjet: Linux_Yes: and then move to Android.  be smart. go Android.

So - go from one broke auth system to another?  At least Apple updates their phones.  Which is more than you can say for most carriers attempting to run android.


I guess Android is ok if you're on a budget or whatever but most of my friends with Androids spend a lot of time literally biatching at their phone. I'm finally getting a new iPhone because (some) apps being released aren't compatible with my still-functioning 3GS.
 
Displayed 50 of 57 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report