The Chaos Computer Club's biometric hacking team has announced a successful attack on Apple's Iphone biometric fingerprint lock, using a variation on the traditional fingerprint-cloning technique. CCC's Starbug summarizes: "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."
The method follows the steps outlined in this how-to with materials that can be found in almost every household: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token", said Frank Rieger, spokesperson of the CCC. "The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access." Fingerprint biometrics in passports has been introduced in many countries despite the fact that by this global roll-out no security gain can be shown.
Chaos Computer Club breaks Apple TouchID
(via Hacker News)
Businesses like Adobe Stock use large, visible watermarks to deter copyright infringement; a new paper presented by Google Researchers to the Computer Vision and Pattern Recognition shows that these watermarks can be reliably detected and undetectably erased by software.
CJ Hunt was at the neo-Nazi rally in Charlottesville when he spotted this young man in white supremacist uniform (white polo and khakis) running away from counterdemonstrators, then turning abruptly and stripping off while insisting that he was not really a Nazi and had just shown up for fun.
Jose writes, “I was offended by Trump’s speech to the Boy Scouts. It’s a slippery slope and seemed so reminiscent of the past. I synchronized Adolf to deliver Trump’s remarks to show how close we are to repeating the past. It’s an ode to Chaplin’s City Lights and The Great Dictator.”
The Pry.Me Bottle Opener holds tens of thousands of times its own weight, and you can pick one up now from the Boing Boing Store.This remarkable keychain is considerably smaller than any of your keys, but don’t let that fool you: it can easily open any bottle, and could even tow a trailer full of […]
Guaranteeing your privacy online goes way beyond checking the “Do Not Track” option in your browser’s settings. To ensure that your internet activity is totally hidden from Internet Service Providers, advertisers, and other prying eyes, take a look at Windscribe’s VPN protection. It usually costs $7.50 per month, but you can get a 3-year subscription […]
This project management bundle will help you get organized and learn how to lead a team to success. You can pay what you want for these five courses when you pick them up from the Boing Boing Store.To help you become an invaluable asset for your company, this bundle includes a curated collection of professional […]