Chaos Computer Club breaks Apple TouchID

Posted in アップル, ハッキング, 指紋認証 by shiro on 2013年9月25日

Unlocking TouchID with fake fingerprint. | YouTube

Chaos Computer Club breaks Apple TouchID | CCC

Chaos Computer Club Bypasses Apple’s Touch ID System (With Copy of Original Fingerprint) | Mac Rumors

Chaos Computer Club hackers trick Apple’s TouchID security feature | Ars Technica

Here’s what you need to know about the Apple TouchID “hack” | GigaOM

@timbray Pre-Touch ID, your … | Twitter / gruber

Why I Hacked Apple’s TouchID, And Still Think It Is Awesome. | The Official Lookout Blog

Marc Rogers:

Touch ID is not a “strong” security control. It is a “convenient” security control. Today just over 50 percent of users have a PIN on their smartphones at all, and the number one reason people give for not using the PIN is that it’s inconvenient. TouchID is strong enough to protect users from casual or opportunistic attackers (with one concern I will cover later on) and it is substantially better than nothing.

On the Effective Security of Touch ID | Daring Fireball

Clearly Touch ID is better than no passcode at all — which Apple claims is how the majority of iPhone users (and smartphone owners in general) have their devices configured. Further, I think it’s better than a 4-digit PIN. It seems far easier to me to spy on someone entering their PIN than it would be to capture a high-resolution fingerprint (from their correct finger) and reproduce it in way that works to fool Touch ID.

(The new lock screen PIN entry UI in iOS 7 might even make it easier than before to snoop someone’s PIN.)

Bypassing TouchID was “no challenge at all,” hacker tells Ars | Ars Technica


コメント / トラックバック1件

Subscribe to comments with RSS.

  1. […] 偽造指紋によるハッキングを見ても Touch ID は鉄壁ではないようだ。今しばらく様子を見たい気がする。 […]