Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Consumer

How the iPhone 5S fingerprint scanner was hacked

By Erika Tucker Global News
Posted September 24, 2013 11:29 am
2 min read
iPhone 5S fingerprint
AP Photo/Ng Han Guan
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

TORONTO – Two days after the iPhone 5S hit the shelves, German hacking group Chaos Computer Club hacked the TouchID fingerprint scan.

How did they do it? According to the CCC website:

  • fingerprint of the user is photographed with 2400 dpi resolution
  • image is cleaned up, inverted and laser-printed with 1200 dpi onto transparent sheet with a thick toner setting
  • pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet
  • after it cures, thin latex sheet is lifted from the sheet, breathed on (to make it a tiny bit moist) and then placed onto the sensor to unlock the phone

Watch the video here:

The post said the CCC’s biometrics hacking team was responsible, with a hacker nicknamed Starbug finding the key.

Story continues below advertisement

“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token,” said Frank Rieger, spokesperson of the CCC, in a statement on Saturday.

Breaking news from Canada and around the world sent to your email, as it happens.

The group also noted this hacking method has been around for years; the difference is they needed a higher resolution for their fake because Apple’s sensor has a higher resolution than previous sensors.

The hack was announced on IsTouchIDHackedYet.com along with the prize of thousands of dollars and some bitcoin, which will be donated to CCC-Berlin spinoff Raumfahrtagentur (no word if the Bourbon and other bottles of booze will be donated).

U.K. computer security researcher Nick DePetrillo was one of the bounty donors, and tweeted the following Monday afternoon:

https://twitter.com/nickdepetrillo/status/382203755673837569
Story continues below advertisement

Fellow computer security expert Robert Graham wrote a blog post Monday on what the hack means.

Graham believes that while it’s not too much trouble for a private investigator or a kid with lots of time on his hands, TouchID “isn’t completely useless.” He said many people don’t bother to enter a 4-digit PIN to lock their phone, so if people are using Touch ID security instead of none, it’s a good thing.

He also suggested a way to prevent the hack: use your ring or pinky finger since you use those less, which means they’re the most difficult to retrieve from the surface of your phone or other surfaces you touch.

Related News
© 2013 Shaw Media

Sponsored content

AdChoices