Apple Hackers Rate iPhone 5s Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Apple Hackers Rate iPhone 5s Security
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Richard
50%
50%
Richard,
User Rank: Apprentice
9/21/2013 | 3:32:10 AM
re: Apple Hackers Rate iPhone 5s Security
melgross - please take a moment or two to watch my videos on my initial attempts to defeat the sensor on Fortinet's blog.

I have gotten the "new" capacitance sensor to recognize a gelatin finger, enroll it, and use it to unlock the phone.

Further, I have been able to get a gelatin finger to be rejected by the phone as an "unrecognized print"... which means my initial comments about the capacitance sensor being "dumb" was correct.

Now as far as getting the phone to unlock with a replicated print of a live finger... well, I'm still hacking away at it. :)
Mathew
50%
50%
Mathew,
User Rank: Moderator
9/17/2013 | 10:25:22 AM
re: Apple Hackers Rate iPhone 5s Security
No answers yet on the Exchange compatibility question -- we'll need to get our hands on iOS 7 to see how Apple has implemented Exchange ActiveSync. But working with Exchange typically requires a bona fide password. For that reason, as noted by the interviewee, many people report difficulty getting Android swipe unlock to work with Exchange ActiveSync. It remains to be seen if Apple -- or a third party -- will find some way of bridging the password-to-fingerprint gap.
Richard
50%
50%
Richard,
User Rank: Apprentice
9/16/2013 | 5:24:46 PM
re: Apple Hackers Rate iPhone 5s Security
For the record, I was referring only to the metal ring around the sensor that detects a finger, not the sensor that reads the print. That *is* a "dumb" sensor that can be defeated.

Also, I counter your statement that the sensor reads the subdermal layer - it does not. It reads the subepidermal layer. There *is* a difference.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:52:31 PM
re: Apple Hackers Rate iPhone 5s Security
Just goes to show how most posters don't know what they're talking about, or whether they even bother to read the entire article. It seems to even be questionable as to whether they understand the article even if they do read it.

But just as a point of clarification, 3D printers can't print to silicone (it's not silicon). Even if they could (though some VERY expensive new models use a variant), the resolution of 3D printers that aren't priced in the multiple 100's of thousands don't have the 550ppi resolution to be able to print out an accurate fingerprint. And, of course, they can't print out the capacitance patterns, or even know them.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:50:59 PM
re: Apple Hackers Rate iPhone 5s Security
Yes, it's optional.
melgross
50%
50%
melgross,
User Rank: Ninja
9/14/2013 | 2:50:22 PM
re: Apple Hackers Rate iPhone 5s Security
I would just like to say that Mr. Henderson has never attempted to break the security of the new capacitance sensors. And possibly doesn't even understand the way they work. This sensor, at least, doesn't simply detect the overall field of capacitance as does a capacitance touch screen. It reads the capacitance pattern of the sub dermal layer. That's impossible to fake with a simple capacitance.
Laurianne
50%
50%
Laurianne,
User Rank: Author
9/14/2013 | 12:21:44 PM
re: Apple Hackers Rate iPhone 5s Security
Mat, can you clarify the Exchange compatibility issue? Thanks
aaronAshfield
50%
50%
aaronAshfield,
User Rank: Guru
9/14/2013 | 12:21:08 PM
re: Apple Hackers Rate iPhone 5s Security
Hackers, here is an attack that works:
1- Take a piece of tape
2- Place it on the iPhone button, and take the fingerprint
3- Send it to a 3D printer and print if on silicon
4- Use the silicon finger for access
greatdott!
50%
50%
greatdott!,
User Rank: Apprentice
9/13/2013 | 9:57:27 PM
re: Apple Hackers Rate iPhone 5s Security
Is the fingerprint scanner additive to a passcode in an Exchange EAS environment, or entirely incompatible? That is, can a user also employ the scanner if she is already using an Exchange EAS-compatible passcode?

Your unnamed "network operations specialist"'s quote suggests full incompatibility: "'... the fingerprint reader is not compatible with Exchange EAS,' he said."
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
9/13/2013 | 7:13:24 PM
re: Apple Hackers Rate iPhone 5s Security
Is using the fingerprint scanner optional? I wonder if consumers will trust the technology. I know my wife used to have trouble with the fingerprint scanners at Disney never reading her fingerprint the same way twice, making the tech less of a convenience.
Page 1 / 2   >   >>


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
News
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll