I just saw this article:
https://arstechnica.com/information-tec ... d-devices/
The system apparently use a stolen databases of fingerprint to attempt to hack into phones.
An interesting article on fingerprint reader hack
Re: An interesting article on fingerprint reader hack
Interesting, apparently Face ID can be hacked as well.
https://www.techrepublic.com/article/ap ... 0at%20risk.
https://www.techrepublic.com/article/ap ... 0at%20risk.
Fools think their own way is right, but the wise listen to others.
-
adamthesmythe
- Posts: 5356
- Joined: Mon Sep 22, 2014 4:47 pm
Re: An interesting article on fingerprint reader hack
Interesting, but not very interesting, because it requires that you (1) do something with bare chips and (2) wire something into the cell phone.
Re: An interesting article on fingerprint reader hack
Part of encryption is to prevent someone from accessing the content of your device should it be lost or stolen, so being able to bypass that without a large degree of investment is the problem.adamthesmythe wrote: ↑Wed May 24, 2023 6:34 pm Interesting, but not very interesting, because it requires that you (1) do something with bare chips and (2) wire something into the cell phone.
-
Doctor Rhythm
- Posts: 2144
- Joined: Mon Jan 22, 2018 2:55 am
Re: An interesting article on fingerprint reader hack
For me, this fortunately fits nicely into the Venn diagram of “things I don’t worry about” and “things that are non-actionable.” Article also said that iPhones were basically immune because:
The ability of BrutePrint to successfully hijack fingerprints stored on Android devices but not iPhones is the result of one simple design difference: iOS encrypts the data, and Android does not.
Also, seems the mitigation strategy (disabling biometrics) is at odds with last month’s freak out about shoulder-surfing iPhone users when they enter a passcode, stealing the phone, and changing iCloud credentials.
The ability of BrutePrint to successfully hijack fingerprints stored on Android devices but not iPhones is the result of one simple design difference: iOS encrypts the data, and Android does not.
Also, seems the mitigation strategy (disabling biometrics) is at odds with last month’s freak out about shoulder-surfing iPhone users when they enter a passcode, stealing the phone, and changing iCloud credentials.
Re: An interesting article on fingerprint reader hack
Like other article I posted, this is more of information so you can prepare and evaluate what the risk is to you. I rather that people see what vulnerability are there and then make the decision to just ignore it because it is an unlikely event than to no know it and get surprised.Doctor Rhythm wrote: ↑Thu May 25, 2023 6:10 pm For me, this fortunately fits nicely into the Venn diagram of “things I don’t worry about” and “things that are non-actionable.” Article also said that iPhones were basically immune because:
The ability of BrutePrint to successfully hijack fingerprints stored on Android devices but not iPhones is the result of one simple design difference: iOS encrypts the data, and Android does not.
Also, seems the mitigation strategy (disabling biometrics) is at odds with last month’s freak out about shoulder-surfing iPhone users when they enter a passcode, stealing the phone, and changing iCloud credentials.
My thought is that this vulnerability is low. I rarely get into a crowd situation and then socialize much. I am currently not concern about it. However, the cost of hacking equipment is rather low, so I will be keeping an eye out to see if hacking fingerprint reader become a thing.