Mere days after Apple released the iPhone 5s, with its new “Touch ID” fingerprint identity sensor scanner, the Chaos Computer Club announced that it had “successfully bypassed the biometric security of Apple’s TouchID using easy everyday means”. But does this mean the fingerprint recognition technology is useless? We say not.
The fingerprint recognition technology is embedded directly into the home button – i.e. the fingerprint sensor is in the home button. As Apple explains, “Put your finger on the Home button, and just like that your iPhone unlocks. It’s a convenient and highly secure way to access your phone. Your fingerprint can also approve purchases from iTunes Store, the App Store, and the iBooks Store, so you don’t have to enter your password.”
Now the Chaos Computer Club (“CCC”), a hacker collective that has been around for over thirty years, and who describes themselves as both Europe’s largest, and “most influential”, hacker collective, says that they have cracked Apple’s fingerprint recognition technology, and that not only that, but that it was easy to do.
According to the CCC’s ‘Starburg’ (not his or her real name), “In reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake. As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”
Indeed, all they needed was to find a fingerprint that the iPhone’s owner had left on glass. You know, glass like the screen of the iPhone.
From there, it was easy to recreate the fingerprint using regular household items (primarily a laser printer and some woodglue or latex milk).
Said the CCC’s spokesperson (yes, they have a real spokesperson!), Frank Rieger, “We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token. The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.”
But hold on a minute. Putting aside their claims of “oppression and control” (did they not see Apple’s much-vaunted 1984 commercial, which shows Apple as the freer of those oppressed by Big Brother?), for many, if not most, people, the purpose of using the fingerprint ID scanner will be to keep their phone safe from the prying eyes of colleagues, kids, and other people in their workplace, homes, and social lives. And maybe the person who finds their phone when they leave it on a bus or in a restaurant.
These are not people who are worried that their phones are going to fall into the hands of criminals who will go through the trouble of making “fake fingers” to unlock their phones.
So, we say, go ahead and use the iPhone 5s’ fingerprint scanner.
Unless, of course, you have national security secrets on your phone.
|Get notified of new Internet Patrol articles!
You might also like some of our other articles: