The Chaos Computer Club's biometric hacking team has announced a successful attack on Apple's Iphone biometric fingerprint lock, using a variation on the traditional fingerprint-cloning technique. CCC's Starbug summarizes: "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."
The method follows the steps outlined in this how-to with materials that can be found in almost every household: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token", said Frank Rieger, spokesperson of the CCC. "The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access." Fingerprint biometrics in passports has been introduced in many countries despite the fact that by this global roll-out no security gain can be shown.
Chaos Computer Club breaks Apple TouchID
(via Hacker News)
As Theresa May continues to pilot the United Kingdom toward a catastrophic, epochal collision with the Brexit iceberg -- even as her ministers are busy slashing every available lifeboat -- Politics Joe have released a flat-out brilliant video casting the PM and her Minister for Ghastly Cosplay Jacob Rees-Mogg (that is, "Snoop Mogg") as the […]
Every 90 minutes, the office phones of all five FCC Commissioners rings and John Oliver's voice comes out of it, demanding that they take action on robocalls, reversing FCC Chairman (and former Verizon exec) Ajit Pai's policy of relying on carriers to self-police their anti-robocall measures, and heading off his plan to gut the existing, […]
Months of student strikes have roiled the UK as pupils across the country have refused to go to class while demanding action on climate change, inspired by Swedish student Greta Thunberg's one-person strike at the Swedish Parliament.
Big companies want automation on a big scale. Doing that means diving into the tricky world of machine learning and data science. And no matter what platform you’ll be implementing it on, you can learn how with the Machine Learning & Data Science Certification Training Bundle. In 48 hours and through eight courses, this bundle […]
Big systems need tight security – and the experts who can implement it. Cisco Networking Systems are the go-to providers for network infrastructure, but maintaining it takes a lot of up-to-date knowledge. If you want that knowledge right from the source, there’s an online course that can get you certified painlessly: The Foundational Cisco CCNA […]
Computer slowing down? There are a ton of reasons why that might be, especially if your unit has a few years on it. Junk files and programs can accumulate over time, some even left over from otherwise uninstalled software. This virtual debris can slow your PC down dramatically, but there’s a surprisingly quick fix. Lauded […]