Comments
Apple Hackers Rate iPhone 5s Security
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Richard
50%
50%
Richard,
User Rank: Apprentice
9/21/2013 | 3:32:10 AM
re: Apple Hackers Rate iPhone 5s Security
melgross - please take a moment or two to watch my videos on my initial attempts to defeat the sensor on Fortinet's blog.

I have gotten the "new" capacitance sensor to recognize a gelatin finger, enroll it, and use it to unlock the phone.

Further, I have been able to get a gelatin finger to be rejected by the phone as an "unrecognized print"... which means my initial comments about the capacitance sensor being "dumb" was correct.

Now as far as getting the phone to unlock with a replicated print of a live finger... well, I'm still hacking away at it. :)
Mathew
50%
50%
Mathew,
User Rank: Moderator
9/17/2013 | 10:25:22 AM
re: Apple Hackers Rate iPhone 5s Security
No answers yet on the Exchange compatibility question -- we'll need to get our hands on iOS 7 to see how Apple has implemented Exchange ActiveSync. But working with Exchange typically requires a bona fide password. For that reason, as noted by the interviewee, many people report difficulty getting Android swipe unlock to work with Exchange ActiveSync. It remains to be seen if Apple -- or a third party -- will find some way of bridging the password-to-fingerprint gap.
Richard
50%
50%
Richard,
User Rank: Apprentice
9/16/2013 | 5:24:46 PM
re: Apple Hackers Rate iPhone 5s Security
For the record, I was referring only to the metal ring around the sensor that detects a finger, not the sensor that reads the print. That *is* a "dumb" sensor that can be defeated.

Also, I counter your statement that the sensor reads the subdermal layer - it does not. It reads the subepidermal layer. There *is* a difference.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:52:31 PM
re: Apple Hackers Rate iPhone 5s Security
Just goes to show how most posters don't know what they're talking about, or whether they even bother to read the entire article. It seems to even be questionable as to whether they understand the article even if they do read it.

But just as a point of clarification, 3D printers can't print to silicone (it's not silicon). Even if they could (though some VERY expensive new models use a variant), the resolution of 3D printers that aren't priced in the multiple 100's of thousands don't have the 550ppi resolution to be able to print out an accurate fingerprint. And, of course, they can't print out the capacitance patterns, or even know them.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:50:59 PM
re: Apple Hackers Rate iPhone 5s Security
Yes, it's optional.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:50:22 PM
re: Apple Hackers Rate iPhone 5s Security
I would just like to say that Mr. Henderson has never attempted to break the security of the new capacitance sensors. And possibly doesn't even understand the way they work. This sensor, at least, doesn't simply detect the overall field of capacitance as does a capacitance touch screen. It reads the capacitance pattern of the sub dermal layer. That's impossible to fake with a simple capacitance.
Laurianne
50%
50%
Laurianne,
User Rank: Author
9/14/2013 | 12:21:44 PM
re: Apple Hackers Rate iPhone 5s Security
Mat, can you clarify the Exchange compatibility issue? Thanks
aaronAshfield
50%
50%
aaronAshfield,
User Rank: Apprentice
9/14/2013 | 12:21:08 PM
re: Apple Hackers Rate iPhone 5s Security
Hackers, here is an attack that works:
1- Take a piece of tape
2- Place it on the iPhone button, and take the fingerprint
3- Send it to a 3D printer and print if on silicon
4- Use the silicon finger for access
greatdott!
50%
50%
greatdott!,
User Rank: Apprentice
9/13/2013 | 9:57:27 PM
re: Apple Hackers Rate iPhone 5s Security
Is the fingerprint scanner additive to a passcode in an Exchange EAS environment, or entirely incompatible? That is, can a user also employ the scanner if she is already using an Exchange EAS-compatible passcode?

Your unnamed "network operations specialist"'s quote suggests full incompatibility: "'... the fingerprint reader is not compatible with Exchange EAS,' he said."
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
9/13/2013 | 7:13:24 PM
re: Apple Hackers Rate iPhone 5s Security
Is using the fingerprint scanner optional? I wonder if consumers will trust the technology. I know my wife used to have trouble with the fingerprint scanners at Disney never reading her fingerprint the same way twice, making the tech less of a convenience.
Page 1 / 2   >   >>


The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.