iPhone5S TouchID – Hacked

The generous slew of pledged rewards go to Starbug of the Chaos Computer Club  from Germany.

Starbug of CCC Hacks iPhone5S Touch ID

Starbug of CCC Hacks iPhone5S Touch ID

A few days before Apple released the iPhone5S, security researchers Nick Depetrillo, Robert David Graham, et al. challenged other security researchers and hackers to hack Apple’s new security measure, Touch ID, a fingerprint sensor (here’s a link to that blog post if you want to read the details). The announcement was made on Twitter, with a guide line, and the rewards were pledged by various techies all over the world on a website.

The contest started when Apple released the iPhone 5S on September 20th. The hackers say the sensor for the Touch ID is identical to any other sensor. Bypassing the system can be done very easily with everyday tools. All you need is a camera, a laser printer, and some wood glue.

1. Enroll a fingerprint

2. Photograph the enrolled user’s fingerprint with 2400 dpi resolution

3. Clean up the image, invert, print the fingerprint on a transparent sheet with a thick toner setting, with 1200 dpi resolution

4. Smear woodglue over the print on the transparent sheet. Wait until the woodglue cures.

5. Lift the woodglue print carefully, breathe onto it to add moisture (just enough to replicate moisture on a human body)

6. Place print on the sensor and unlock the enrolled user’s iPhone 5S

Roboscan offers our congratulations to Starbug for successfully hacking Apple’s security method without cutting off any limbs or taking advantage of the user. How do you think this information will influence the future of security measure development?

Related Reading: http://gizmodo.com/hackers-iphone-5s-fingerprint-security-is-not-secure-1367817697

Advertisements

답글 남기기

아래 항목을 채우거나 오른쪽 아이콘 중 하나를 클릭하여 로그 인 하세요:

WordPress.com 로고

WordPress.com의 계정을 사용하여 댓글을 남깁니다. 로그아웃 / 변경 )

Twitter 사진

Twitter의 계정을 사용하여 댓글을 남깁니다. 로그아웃 / 변경 )

Facebook 사진

Facebook의 계정을 사용하여 댓글을 남깁니다. 로그아웃 / 변경 )

Google+ photo

Google+의 계정을 사용하여 댓글을 남깁니다. 로그아웃 / 변경 )

%s에 연결하는 중