Just days after making the iPhone 5S available to the public, a group of hackers claimed that they already broke the phone's Touch ID fingerprint scanner.
The Chaos Computer Club (CCC), a Berlin-based group of hackers, announced the successful hack of the fingerprint reader on the group's website on Sunday.
See also: NSA Contract With French Hacking Company Revealed
In their announcement, the group said that a hacker by the name of Starbug successfully broke Apple's new security authentication system, using laser printing to fake fingerprints, which he developed in 2004. He allegedly only had to make some adjustments.
"In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake," Starbug said in the announcement. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."
The hackers detailed the process step by step.
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
The group also posted a YouTube video that shows someone unlocking the phone using a fake laser-printed fingerprint.
As the first alleged hackers of the Touch ID scanner, the CCC may be able to claim a crowd-sourced bounty of almost $20,000, a few bottles of booze and a pornographic book — a reward offered by a group of hackers and security researchers to the first person to successfully break Touch ID.
The de facto leaders of the challenge to hack the fingerprint reader, security researchers Nick Depetrillo and Robert David Graham, announced they were reviewing the CCC's claim and waiting for a video showing the entire process — from lifting the fingerprint to unlocking the phone with the fake fingerprint, per the contest's rules.
We are going slow because we want there to be no doubt in anybody's minds.
— Robert David Graham (@ErrataRob) September 22, 2013
The CCC has already contacted us. Once @ErrataRob and I receive a video documenting the entire process we will review and make a decision.
— NickDe (@nickdepetrillo) September 22, 2013
After the publication of the CCC's announcement and video, the website IsTouchIDHackedYet.com changed its header from "no" to "maybe."
Image: Mashable
অনলাইনে ছড়িয়ে ছিটিয়ে থাকা কথা গুলোকেই সহজে জানবার সুবিধার জন্য একত্রিত করে আমাদের কথা । এখানে সংগৃহিত কথা গুলোর সত্ব (copyright) সম্পূর্ণভাবে সোর্স সাইটের লেখকের এবং আমাদের কথাতে প্রতিটা কথাতেই সোর্স সাইটের রেফারেন্স লিংক উধৃত আছে ।