Apple's Faceid -- a facial recognition tool that unlocks mobile devices -- has a countermeasure that is designed to prevent attackers from scanning an sleeping/unconscious (or dead) person's face to unlock their phone, by scanning the face for signs of consciousness.
These countermeasures have a weakness in how they perform proof-of-life checks on users who are wearing glasses: they seek out a white dot surrounded by a black area, and this can be spoofed just by putting the right combination of black and white tape on a pair of glasses and put them on your victim's face (presumably without waking them, assuming they are alive).
Researchers from Tencent demo'ed the attack at Black Hat last week and used it to unlock a phone and approve a cash transfer from the owner's Apple Pay account to their own.
The attack comes with obvious drawbacks – the victim must be unconscious, for one, and can’t wake up when the glasses are placed on their face. However, it does show the weaknesses behind the security and design of liveness detection and biometrics in general, researchers said.
In terms of mitigations, researchers suggested that biometrics manufacturers add identity authentication for native cameras and increase the weight of video and audio synthesis detection.
Biometrics Flaws Uncovered To Bypass Apple FaceID [Lindsey O'Donnell/Threatpost]
Infuriate your racist Facebook uncle this Thanksgiving with a Leopard RBG shirt.
It's hard to believe, but the latest installment of McMansion Hell's (previously) tour through the architectural monstrosities of America's tastleless elites is even better than the previous ones -- possibly that's because in this edition, editor/critic Kate Wagner is visiting Virginia's Fairfax and Loudoun Counties, these being affluent DC suburbs where beltway bandits and other […]
Earlier this year, Boing Boing favorite artist Darren Cullen (previously) and Gavin Grindon created a Museum of Neoliberalism in Brighton, England -- now, he's fundraising to open it up again in London for six months.
The more you use your computer, the more it becomes possible for others to use it too. Where there are anti-virus systems, there are hackers looking for a way to get around them. That’s why it’s important to get software that doesn’t just passively scout for viruses in the background. The folks behind GlassWire have […]
Knowledge is power. It’s a cliché, but sometimes things turn into a cliché because they’re true. If you’re making your way through the world of business and entrepreneurship, it only makes sense to read about the insights of people who have climbed that ladder before you. Trouble is, the modern workday doesn’t leave a lot […]
As much as some of us fear the loss of our jobs to robots, there’s one job we’re pretty sure they are welcome to: vacuuming. There’s nothing quite like kicking back and watching a robot vacuum do one of the most time-consuming tasks on the household chore list. And there are few ‘bots that do […]