Apple's Face ID -- a facial recognition tool that unlocks mobile devices -- has a countermeasure that is designed to prevent attackers from scanning a sleeping/unconscious (or dead) person's face to unlock their phone, by scanning the face for signs of consciousness.
These countermeasures have a weakness in how they perform proof-of-life checks on users who are wearing glasses: they seek out a white dot surrounded by a black area, and this can be spoofed just by putting the right combination of black and white tape on a pair of glasses and putting them on your victim's face (presumably without waking them, assuming they are alive).
Researchers from Tencent demo'ed the attack at Black Hat last week and used it to unlock a phone and approve a cash transfer from the owner's Apple Pay account to their own.
The attack comes with obvious drawbacks – the victim must be unconscious, for one, and can’t wake up when the glasses are placed on their face. However, it does show the weaknesses behind the security and design of liveness detection and biometrics in general, researchers said.
In terms of mitigations, researchers suggested that biometrics manufacturers add identity authentication for native cameras and increase the weight of video and audio synthesis detection.
Biometrics Flaws Uncovered To Bypass Apple FaceID [Lindsey O'Donnell/Threatpost]