Apple TouchID has been foiled
September 23, 2013 9:55 PM   Subscribe

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means.

"A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided."
posted by Chocolate Pickle (112 comments total) 5 users marked this as a favorite
 
One more reason, besides pretty colors, just to go with the 5c.
posted by Drinky Die at 9:58 PM on September 23, 2013


Editorialize much?

This basically demonstrates that if you give someone physical access to your device for any length of time, they'll be able to get into it. It doesn't matter if you use retina scanning, passwords or a thumb print.
posted by empath at 10:00 PM on September 23, 2013 [1 favorite]


And also: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution.

Yes. No shit. If someone has your fingerprint, they can access your device. Did anyone suspect otherwise?
posted by empath at 10:01 PM on September 23, 2013 [2 favorites]


Mod note: Added quotation marks to indicate post text is from the linked piece.
posted by LobsterMitten (staff) at 10:25 PM on September 23, 2013


Apple specifically claimed the capacitive sensor would be resistant to simple attacks like this.
posted by wierdo at 10:25 PM on September 23, 2013 [9 favorites]


Apple specifically claimed the capacitive sensor would be resistant to simple attacks like this.

I'd be more concerned if they lifted the print off the iphone itself. I highly doubt they'd be able to do this, though. They probably used a fingerprint done in ink.
posted by empath at 10:29 PM on September 23, 2013


Oh no, I guess I'll refrain from putting the nuclear codes in plain text in Notes then!

(What empath said.)
posted by lackutrol at 10:33 PM on September 23, 2013


You'd be surprised how clear fingerprints are at times. You leave so many that it's basically inevitable that a good one can be lifted from something. I could buy that the oleophobic coating on the screen might prevent a clean print from being lifted from the screen, but firstly, they wear off and secondly, does the back of the new iPhone have one?

It's not that the hack is surprising, it's not. What is surprising is how much Apple oversold the tech.

I should note the really disturbing thing for people who aren't already aware that fingerprint scanners are almost universally easily fooled has nothing to do with Apple at all. Some states let you replace a lost ID with nothing but your finger and a five dollar bill.
posted by wierdo at 10:34 PM on September 23, 2013 [3 favorites]


I'd be more concerned if they lifted the print off the iphone itself. I highly doubt they'd be able to do this, though. They probably used a fingerprint done in ink.

It specifically says a fingerprint lifted from glass.
posted by kafziel at 10:37 PM on September 23, 2013 [1 favorite]


Empath, the article actually says how they did it and also links to a how-to: you outline a latent fingerprint using powder, or superglue fumes. You photograph it, invert it, and print it out on a transparency. Then you lift the ink off the transparency using wood glue mixed with glycerin, which gives you a moist, flexible, fake fingerprint. They say they can take latent prints off any shiny surface - I presume an Iphone would have too many prints on it, but what do I know.
posted by Joe in Australia at 10:37 PM on September 23, 2013


You'd be surprised how clear fingerprints are at times. You leave so many that it's basically inevitable that a good one can be lifted from something. I could buy that the oleophobic coating on the screen might prevent a clean print from being lifted from the screen, but firstly, they wear off and secondly, does the back of the new iPhone have one?

I'm not trying to keep the CIA from getting to my phone, I'm trying to keep nosy houseguests away and have enough time to get home and remotely wipe the phone before a thief can get into my email.

I assume that if anybody has your phone for a couple of hours, they'll be able to get into it with a software hack. Your every day thief isn't going to go through the hassle of of lifting your fingerprint and making a copy to get into your phone. And the CIA/FBI/police, I assume, have other means at their disposal to break phone security.

Any 'hack' that requires the attacker to have your finger print, IMO, isn't really a hack at all. To me, a vulnerability would be if A) they could do this by lifting your print off the phone itself or B) they could break it without a copy of your fingerprint, or with a very poor copy of your fingerprint.
posted by empath at 10:40 PM on September 23, 2013 [5 favorites]


To me, a vulnerability would be if A) they could do this by lifting your print off the phone itself

Are the front and back of the 5s not made of glass anymore? Because, again, they specifically say lifted from glass.
posted by kafziel at 10:43 PM on September 23, 2013 [1 favorite]


The timeclock where I work uses a fingerprint scanner to verify that the person clocking in is actually the person clocking in.

It's shocking how often this process fails. Finger a bit dirty from working in a warehouse all day? Fail. Finger a bit oily from having a potato chip snack during lunch break? Fail. Stars not lined up and moon in the wrong phase? Fail.

One guy has had to renew his fingerprint in the system with a new finger basically once a month, and he still ends up typing in his passcode as verification about 1 time out of 4.

I haven't had much problems with the system personally. Well, except that during my jewelry manufacturing days, I picked up a freshly soldered ring without thinking several times and so the fingerprint on my right index finger is not as pronounced as it might be... I finally had to register into the system using my right middle finger.

There is an oddly satisfactory symbolism in using that finger to clock in and out every day.
posted by hippybear at 10:46 PM on September 23, 2013 [15 favorites]


Are the front and back of the 5s not made of glass anymore? Because, again, they specifically say lifted from glass.

True. But it seems reasonable to wonder why, if they could get a fingerprint from the phone that could be used to unlock it, they didn't decide to report doing so. After all, it would make for a much better headline.
posted by Going To Maine at 10:47 PM on September 23, 2013


It might be worth noting that the amount of effort required here seems to be significantly more than the effort required to pick a lock, and we're not all saying, "hey, locks are imperfect, it was stupid of the builder to even bother putting them on my house!"

Something is better than nothing, and no security is perfect.
posted by tylerkaraszewski at 10:47 PM on September 23, 2013 [20 favorites]


I thought the 5s was aluminium on the back, and plastic on the 5c?
posted by jacalata at 10:48 PM on September 23, 2013


Apparently you can register other body surfaces (quiet, you at the back there), although it's a bit more trouble. I would simply register a knuckle or something else that hasn't left a print on the screen and isn't likely to.
posted by George_Spiggott at 10:55 PM on September 23, 2013 [2 favorites]


(quiet, you at the back there)

Hey! I didn't even say anything. Yet.
posted by hippybear at 10:57 PM on September 23, 2013 [1 favorite]


tylerkaraszewski: "It might be worth noting that the amount of effort required here seems to be significantly more than the effort required to pick a lock, and we're not all saying, "hey, locks are imperfect, it was stupid of the builder to even bother putting them on my house!""

More like a builder deciding to use one of those electronic locks that you can open with an ink pen instead of using the deadbolts that everyone else uses that work reasonably well, although not by any means perfectly. And then touts it as a revolution in home security.
posted by wierdo at 10:59 PM on September 23, 2013 [3 favorites]


I'm guessing I'll be labeled an Apple defender, but I think calling this hack "easy" or "everyday" is more about making headlines and driving traffic than an accurate assessment. Here's what you need to have to hack it, via TUAW:

* A perfect print (on a reasonably flat and clean surface) from the correct finger needed to unlock the device.
* Superglue (which must be fumed to allow adherence to the print itself).
* A high-quality digital camera capable of capturing photos with 2400 dpi resolution.
* An image editing program to "clean up" the print and make it useable (and the knowhow to pull this off).
* A sheet of printable clear plastic.
* A printer that can both print in 1200 dpi and has a special "thick toner" setting.
* Liquid latex (or wood glue) along with a few drops of glycerine to smear over the printed image. You then have to breathe on the fake print to give it just enough moisture to be read.
* Oh, and you also need the phone itself, which you'll need to obtain without the target knowing (or they can remotely wipe the phone in an instant).


Also, if you enable the "automatic wipe on 10 failed TouchID attempts" they're screwed if they choose the wrong print or botch any of these steps.

Just as you can have a robot manually brute force all the passcode permutations, nothing is entirely secure, and I don't think an everyday thief would be able to pull this off before I made it home and remote wiped the phone.
posted by bluecore at 11:06 PM on September 23, 2013 [21 favorites]


More like a builder deciding to use one of those electronic locks that you can open with an ink pen instead of using the deadbolts that everyone else uses that work reasonably well, although not by any means perfectly. And then touts it as a revolution in home security.

How long do you think it takes to perform this 'hack'? Compared to just downloading any of the many passcode bypass hacks?
posted by empath at 11:06 PM on September 23, 2013


I've heard that hackers can defeat those Android pattern passwords with nothing more than a glance over someone's shoulder! Also, some phones have a 'swipe to unlock' that even 'n00bs' can defeat merely by following the instructions!
posted by Pyry at 11:07 PM on September 23, 2013 [6 favorites]


Oh no, I guess I'll refrain from putting the nuclear codes in plain text in Notes then!

The thing that should be worrying all smartphone owners is that getting past the lock screen generally means email access without further password prompts, which means an unlocked phone is pretty much a skeleton key to every single online account they own. People should be legitimately worried about this sort of compromise if the ID theft food-chain figures out a way to copy a fingerprint from the phone's body quicker than it takes for someone to notice their phone is lost/stolen and issue a remote wipe.
posted by rh at 11:07 PM on September 23, 2013 [2 favorites]


People should be legitimately worried about this sort of compromise if the ID theft food-chain figures out a way to copy a fingerprint from the phone's body quicker than it takes for someone to notice their phone is lost/stolen and issue a remote wipe.

That's true, but maybe we should save the panic until that occurs.

Also, to quote Ars Technica: A "Touch ID sensor" for reading fingerprints is embedded in the home button and can be used to unlock your phone in addition to the traditional software passcodes.

So, I'd assume that if/when such a hack is announced, you can just disable the fingerprint thing and go back to the good ol' passcode.
posted by Going To Maine at 11:11 PM on September 23, 2013 [2 favorites]


bluecore, the initial or reference exploit of a vulnerability is usually pretty arduous like that. But once it's out someone, or more often several someones, develops a shortcut or a refinement that anyone can do with far less effort.

Pyry, the problem is the illusion of security. You'd have to be pretty dim to keep critical secrets secured only by a swipe to unlock. But a reasonable person might imagine that a biometric lock is secure enough to trust, which is why revealing this sort of exploit as soon as it's found is important.

That's true, but maybe we should save the panic until that occurs.

The time to advise people of potential threats is preferably before it happens rather than after. And what panic are you referring to?
posted by George_Spiggott at 11:13 PM on September 23, 2013


It's fair, panic was not the right term. kafziel's comment read as falling in the "game over, Apple" category, and it didn't really seem like we had come to that point.
posted by Going To Maine at 11:21 PM on September 23, 2013


I do not believe there is any lock screen system available today on a consumer phone that will provide more than token resistance to a determined adversary with physical access to the phone. These lock screens exist to keep out casual snoopers, not tech ninjas.
posted by Pyry at 11:23 PM on September 23, 2013 [3 favorites]


Yeah, this is a big embarrassment for apple. I can't help but imagine Steve Jobs wouldn't have failed to notice that you actually leave the goddamn key all over the device, but that's just imagination.

Still, I will probably end up using it anyway. It annoys me having to type in a code every time, and there seem to be ways to use it that are reasonably safe. Even ones that don't involve dropping trou. Though I understand wrinkled surfaces are ideal...
posted by George_Spiggott at 11:24 PM on September 23, 2013


I'm with empath here, and with most of the actually-do-security-for-a-living people I've heard comment on this issue.

The fingerprint thing isn't meant to be perfect security; it's meant to be better-than-no-security, since "no security" is typically what people choose over the inconvenience of having to type a passcode every time they want to text or tweet or snap a photo. In that context, it's quite good; it relies on something you'd be doing anyway (touching the home button with a finger) to add a "something you have" factor to the process.

And yes, there are undoubtedly ways for sufficiently motivated and knowledgeable people to bypass it, but that's not exactly what it's for. Most phone thefts are not people who want to get at your bank account, they're people who want to sell your phone. Making that slightly more inconvenient is a win, especially when coupled with the ability to remotely wipe and lock the device such that a software hack would be required to make it usable again. And the people who are sufficiently motivated/knowledgeable likely already have other ways to get into the phone if they decide to target you.
posted by ubernostrum at 11:31 PM on September 23, 2013 [4 favorites]


George_Spiggott: "bluecore, the initial or reference exploit of a vulnerability is usually pretty arduous like that. But once it's out someone, or more often several someones, develops a shortcut or a refinement that anyone can do with far less effort. "

...But that hasn't happened. If we're going to worry about every exploit that might happen in the future, that's a pretty long list. I mean, there are robots that manually brute force passcodes. Has there been an epidemic of street gangs using robots to hack passcodes because a shortcut's been refined? I think the bigger problem here is that, according to Apple, roughly half of iPhone users don't use any passcode at all, so TouchID makes it easier for them to do that and it provides a reasonable amount of security from thieves or snooping eyes.
posted by bluecore at 11:34 PM on September 23, 2013


I'm guessing I'll be labeled an Apple defender, but I think calling this hack "easy" or "everyday" is more about making headlines and driving traffic than an accurate assessment.

That degree of sensationalism probably sums up most tech reporting, these days, but it's particularly galling since, as you note, you have to do much to break into the device that just isn't really feasible for most thieves, and the NSA will get your data through the telcos, anyway.
posted by Blazecock Pileon at 11:37 PM on September 23, 2013


I'm puzzled by the objections to the reporting; this is really good information and the fact that it's being widely reported serves the public interest. I've no doubt it's being sensationalized -- half the news sources out there will sensationalize the angle of Justin Bieber's hat, so a spoil of the hottest consumer item of the year is hardly going to be neglected in that respect. But the top-linked article is anything but sensationalized, and this bit is the money quote:
"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token"
I can see few negatives in a hot story that puts this fact in front of as many people as possible.
posted by George_Spiggott at 11:43 PM on September 23, 2013 [4 favorites]


I think the response is largely due to the fact that the attacker people expect to steal their phone is some dude who has a gun and jacks you at the corner, or some guy who who finds the phone that you lost. This attack doesn't seem exploitable by them, and the mismatch between the perceived threat and the one being invoked feels frustrating. Ars has some good coverage.
posted by Going To Maine at 11:49 PM on September 23, 2013 [1 favorite]


"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token"

The objection is that it's not stupid, and it's not meant to be used as a bullet-proof security measure. It is impossible to perfectly secure a device to which an attacker has physical access. The goal of these sorts of things is to make the effort required to unlock the device more effort than it is worth. If it takes more than an hour to break into the thing, then that is enough time to wipe it remotely. As far as I'm concerned, that is a successful security system for a cellphone. You should not be running your drug empire, anarchist revolution or national intelligence system on an iPhone-- passcode, fingerprint, or not.
posted by empath at 12:00 AM on September 24, 2013 [1 favorite]


Ah, yes--we're at the next part of the Apple News Cycle. A record number of phones sold in the first couple of days since the release, so all the tech journalists have to put away their "Apple is doomed" and "New iPhone disappoints" stories and break out the "Bugs in the New iPhone" stories. This bug is the worst bug in the history of computing. Apple is surely doomed now.
posted by TrialByMedia at 12:18 AM on September 24, 2013 [15 favorites]


I think the response is largely due to the fact

...this thread is pretty amazing. The vast majority of it is people defending a corporation like their personal feelings of self-worth were dependent upon it. It's creepy.

If a record number of phones have been sold, what possible consequence can this have for God Apple? And even if the hack is complicated, it's still a fair reminder for users of the new miracle-device to be careful. I am damn sure Apple's marketing department would rather you didn't think about that when you're considering a phone (ie, "it's pretty good security, but don't bet the house on it" isn't as sexy a sell as "it's the bestest, securiest security ever ever!"), so it's nice that someone is reminding us of that.

More information is better,. But blasphemy is blasphemy, I guess.
posted by maxwelton at 12:36 AM on September 24, 2013 [8 favorites]


The vast majority of it is people defending a corporation like their personal feelings of self-worth were dependent upon it.

I'm sorry, what? Apple didn't invent fingerprint scanning technology, and every fingerprint reader is susceptible to this sort of thing. I am sure there will be android devices that have it within the next year or so, and I'd defend the use of the technology for them as well.
posted by empath at 12:44 AM on September 24, 2013 [2 favorites]


We won't hear about this when Saint Samsung has the same issue, because it won't generate the pageviews that the classic Apple piss-take does. It's not that I have an emotional connection to Apple or anything--it's just that I'm sick of the tech press being a bunch of predictable hacks.
posted by TrialByMedia at 12:47 AM on September 24, 2013 [5 favorites]


If someone is motivated enough to go through this hack, it'll probably be easier for them just kidnap you and apply some rubber hose cryptanalysis.
posted by PenDevil at 12:56 AM on September 24, 2013 [9 favorites]


Oh, does anyone remember the end of the world a couple of years ago when it turned out that the iPhone 4's antenna experienced attenuation issues when you held it a certain way, just like (as it turned out) pretty much literally every other cell phone on the market, and then how Apple literally did nothing at all to the design of the phone that they only just stopped selling? Kind of odd how it suddenly stopped being a serious issue as soon as it was no longer a clickbait talking point.

"Easy everyday means" seems like kind of a weird way of describing something that requires "fumed superglue" (whatever that may be), a clear and quite high-resolution photograph of someone's fingerprint, Photoshop skill, and the means to print a latex fingerprint duplicate, unless you're looking to get readers all het up about the Next Big New Scandal that we'll all have forgotten about in eight weeks' time in favor of whatever yellow journalism is drawing pageviews by then.

It's like the news focusing on a plane almost crashing, killing dozens, instead of on the hundreds (thousands?) killed daily in cars. We never really see anything about the actual everyday security threats involving smartphones on big-name tech sites or the Blue, because that would mean we were being "biased," and we mustn't have that.
posted by DoctorFedora at 1:34 AM on September 24, 2013 [8 favorites]


We need a word or phrase for "security" that is analogous to "safer sex". Something that acknowledges that though total security is not possible the goal is nonetheless to move the ball closer to impossible.

It would be great if that word or phrase also communicated that different security situations require different levels of im/pregnability.

It might get us away from such asinine statements as:

"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can't change and that you leave everywhere every day as a security token."

Asinine because surely, for the vast majority of iPhone users and iPhone use cases, biometric security is vastly superior to the current state: either a 4 digit code that can easily be gleaned by watching someone unlock their phone, or no security at all because typing that code in is damn inconvenient.
posted by wemayfreeze at 1:44 AM on September 24, 2013 [9 favorites]


There are hordes of zealots out there who will leap at any chance to denigrate Apple, because ... just because. This stunt is being hyped for that reason, it is food for Apple haters, some of them contributing to this thread.

No one, ever, claimed the technology was impregnable but, as level headed people have already observed, it is much better than what people do at the moment. Anyone with the resources and determination to carry out this kind of attack surely has quicker and easier means at their disposal.

In fact I do not believe the exploit actually occurred, it may be an example of how fingerprint sensors have been defeated but until it is replicated by reliable sources I do not believe that this what CCC have done to a 5S, just what they believe they could do. If I wanted to be as paranoid as the typical Apple hater, I might even suspect Samsung's hand in this, trying to take the shine off a new product launch by a major competitor.
posted by epo at 1:51 AM on September 24, 2013 [1 favorite]


There are hordes of zealots out there who will leap at any chance to denigrate Apple, because ... just because

Two reasons -- one, it's not just apple haters that read those articles. Apple fans will read them just to post about it on facebook saying 'look at these assholes'. Also, Apple is one of the largest companies in the world, and a lot of investors like to short it. You can tell when short positions get high because you get a whole bunch of stories in 2nd rate business journals about 'apple scandals'.
posted by empath at 2:01 AM on September 24, 2013 [3 favorites]


More information is better

I agree with this as a general principle, but it is clear that the editorializing behind this particular demo needs to be tempered by reality. End-of-the-world pronouncements don't help make things better, because after a while, reasonable people will stop listening to you and just use this technology anyway. Present the facts of the exploit — more importantly, show how this affects people in real-world use cases — and let them figure it out for themselves whether this is really as horrible as described.
posted by Blazecock Pileon at 2:11 AM on September 24, 2013


Bluecore wrote:
Here's what you need to have to hack it, via TUAW:
* A perfect print (on a reasonably flat and clean surface) from the correct finger needed to unlock the device.
Every iPhone comes with flat surfaces that are ideal for rendering fingerprints.
posted by Joe in Australia at 2:33 AM on September 24, 2013


Biometrics is fundamentally a technology designed for oppression and control

My eyes rolled so hard i might need surgery.

like, LHITERALLY HITLER GUIZ!

Ignoring the fact that this "easy" hack requires a bunch of prep, specific(although consumer grade/readily available) gear... I just really can't stand the attitude this is being presented with, and the tired hobbyhorsing displayed with that line which permeates the whole post.

This entire thing just feels like drummed up outrage to make some weird point about how either biometrics are evil, or as i've constantly been seeing on my facebook newsfeed, "this is just a trick by the NSA to get your fingerprints and track you maaaaann!"

It'll be news when the unlock system is getting fucked over like this, although this recent bug did remind me of this. Pretty much though, when it's something a skiddy can do in 5 minutes with stuff that fits in a backpack then it's a real concern. As it stands now, this is pretty much forensics level "hacking".

And it's still a hell of a lot better than a passcode when pretty much everyone has some stupid "5432" or even "4444" kind of shit. Or all the people who use their ATM pin as their passcode and the code for anything else that needs a numeric password...
posted by emptythought at 3:32 AM on September 24, 2013 [3 favorites]


The question is, can you lift a fingerprint from a tin foil hat???????
posted by HuronBob at 3:37 AM on September 24, 2013 [2 favorites]


bluecore: "Also, if you enable the "automatic wipe on 10 failed TouchID attempts" they're screwed if they choose the wrong print or botch any of these steps. "
Auto-wipe on repeated failed access sounds like a perfect way to let any random stranger (or toddler) kill your phone. Who came up with that genius idea?
posted by brokkr at 4:17 AM on September 24, 2013 [5 favorites]


This is SO stupid.

I don't use a passcode lock because it is too much effort compared to my low risk. I sometimes turn on a passcode when I travel, but sometimes I forget. When I have a phone with this new technology, I'll have much better security by default. That's what Apple was after.

It would be just as easy for Apple to enable multi-factor security if the tech was perfectly reliable, and I bet that eventually comes as an option for corporate users: you need both a thumbprint and a passcode.

TouchID has much more interesting implications, though. You can't be compelled by the cops to give up your passcode, but can you be compelled to put your thumb on the sensor? Some initial legal precedents indicate yes - only the contents of your head are protected by the 4th Amendment. That means going from pascode to TouchID might give you fewer legal protections...
posted by RedOrGreen at 4:23 AM on September 24, 2013 [2 favorites]


It's shocking how often this process fails.

Not to me! I have to get fingerprinted every so often for work and other renewing-of-access-control type things. I have eczema on my right hand and invariably these fingerprinting exercises happen in winter, so it takes forever for anyone to get readable prints off my right hand. I think I was in the security office for an hour last time.

I guess this means I can go committing crimes all day as long as I only use the first three fingers on my right hand to touch things.
posted by backseatpilot at 5:11 AM on September 24, 2013 [1 favorite]


Brokkr, wiping on repeated fails is pretty useful, it saves your phone from the average thief.

Your device backs up regularly to the iCloud and whenever it's near your computer, so restorations are pretty damn seamless these days.

As for the fingerprint scanner being cracked, it's a pretty high bar- Apple mentioned about 50% of users currently don't have any PIN code on their phone, so any reasonable person has to see this as a large leap in consumer security.
posted by Static Vagabond at 5:24 AM on September 24, 2013


Auto-wipe on repeated failed access sounds like a perfect way to let any random stranger (or toddler) kill your phone.

The phone's owner can just re-sync its settings and data from backups in iTunes or iCloud.
posted by nicwolff at 5:27 AM on September 24, 2013 [1 favorite]


Someone can trick the front door security on my iPhone and listen to all my lil wayne mixtapes? Oh shit, I better get a motorola startac that barely displays all the digits of a phone number I dial.

This reads a lot like the "if you have done nothing wrong, then you have nothing to hide" rationalizations that have cropped up a lot in the recent NSA threads. The truth is that some people do keep important things on their phones (like email) and CCC is performing an important public service by demonstrating that this vulnerability exists. Even if you're dismissive of the amount of effort required, at least you're able to make that assessment yourself because you know that this is an issue now.
posted by indubitable at 5:32 AM on September 24, 2013 [5 favorites]


Apple didn't invent fingerprint scanning technology, and every fingerprint reader is susceptible to this sort of thing.

While I absolutely agree with the statement, part of my interest in this hack is that the press/Apple was reporting the fingerprint scanning as super-awesome-impregnable.

For example, "The company also says it’s not possible to convert a fingerprint from a police file into something the phone will recognize, as the sensor reads a sub-epidermal layer of the finger. And the finger needs to be live — cutting off a thumb won’t work."

It is absolutely incrementally better than not having it. I personally, on my S3, use no password because it's not worth it given my use patterns. If I travel, I turn it on. If I had a fingerprint scanner, I'd use it. But I wish they hadn't framed it as this mythical perfect fingerprint scanner.
posted by Lemurrhea at 6:11 AM on September 24, 2013 [2 favorites]


Has it been definitely confirmed that this works and isn't just reading a registered fingerprint through the latex layer? Genuinely curious about this because that seems like a very real possibility for misunderstanding and/or deceptive practices, depending on the intentions of the person who made the video.
posted by DoctorFedora at 6:20 AM on September 24, 2013


Auto-wipe on repeated failed access sounds like a perfect way to let any random stranger (or toddler) kill your phone. Who came up with that genius idea?

The same person who made it not the default so people with toddlers don't have to use it?
posted by Tomorrowful at 6:26 AM on September 24, 2013


Every iPhone comes with flat surfaces that are ideal for rendering fingerprints.

Not judging by mine. It looks more like a Van Gough painting. Besides, I generally use the tip of my finger on the screen, while it looks like the scanner requires the flat of it to activate.
posted by ChurchHatesTucker at 6:27 AM on September 24, 2013


Think of this. According to this article

Less than 10% of people currently using their own tablets for work have auto-locking enabled.

People were more security-savvy about their smartphones, with 25 percent using auto-lock.

One third of laptop users have auto-locking enabled, whch means two thirds do not.

Auto-locking with password protection was enabled by less than half of laptop users, less than a third of smartphone users, and only one in 10 tablet users.


Given all that, anything that encourages users to add a passcode to their phone is going to improve their security. The iPhone 5S touch-to-unlock is so much easier than typing in a passphrase. That will encourage more people to password protect their phone.
posted by blob at 7:07 AM on September 24, 2013


Going To Maine: "This attack doesn't seem exploitable by them, and the mismatch between the perceived threat and the one being invoked feels frustrating. Ars has some good coverage."

Just don't read their 5s review if you actually want to see a review that takes the implications of the hack seriously. Firstly, the level of security of a thing is not an opinion, the level of security one is comfortable with is. Secondly, "some security is better than no security" is complete BS. In reality, a false sense of security is worse than no security. At least if you know you have a lack of security, you take steps to mitigate. If you don't know, you assume everything is OK.

empath: "If it takes more than an hour to break into the thing, then that is enough time to wipe it remotely."

Well, you know, as long as you can wipe it remotely because I didn't take the phone into the basement or put it in an anti static bag or something.

DoctorFedora: "It's like the news focusing on a plane almost crashing, killing dozens, instead of on the hundreds (thousands?) killed daily in cars. We never really see anything about the actual everyday security threats involving smartphones on big-name tech sites or the Blue, because that would mean we were being "biased," and we mustn't have that."

If your complaint is that Android vulnerabilities don't get reported and you link to reports on that subject, your argument may not be as strong as you think. That said, it's not a fucking competition. The topic isn't security vulnerabilities in Android. The topic is the new iPhone's fingerprint scanner which is not as secure as Apple led buyers to believe. I'm not really sure why some people are trying to make this Apple vs. Android. If you want to collect some links about Android security and write an FPP, be my guest. It could be interesting. In the here and now, it would be nice if people would stop taking the piss and derailing the discussion.
posted by wierdo at 8:00 AM on September 24, 2013 [1 favorite]


I was going to make a post on this today, but play up the bounty aspect a bit more. It was kinda cool to see the pot slowly grow over the weekend, then this dude pretended that he was going to donate $10K so he wound up on TV, etc. I mean, someone probably would have hacked this eventually, but it's kinda cool that a crowdsourced bounty acted as a catalyst.

My first thought is that this is the best type of hack possible. It's always funny to see people react with the "that's not really a hack" stance because it doesn't involve black magic and buffer overflows. Or better yet, "this would be cool if they had just pulled prints from the phone" - well, this meal is really good but if it were on a silver platter I'd actually enjoy it. If I will most certainly be attempting this hack once our company buys these new shiny toys for testing, considering the scarce alternatives for capturing data from iPhones.

From a security standpoint, this cuts both ways, so this is one of those great threads where EVERYONE has an opportunity to be right (except whoever it was who claimed you can just download iPhone passcode bypass software - you're just wrong or own a very old iPhone)! If you're part of the 50 percent of users who don't use a passcode, this is undoubtedly good, because you're going to have your phone locked on a regular basis. Your husband/teenager/neighbor can't snoop into your phone. Take a moment and be thankful those are your primary potential security adversaries. If you're part of the other 50 percent who already uses a passcode and you use this in addition to that (I'm assuming you can do that, right? I don't have an iPhone), you've also taken a step forward! But if you use this to replace your existing passcode, then that's probably a step backwards in terms of security.

Of course, this biometric unlocking feature is also pretty handy for law enforcement. Previously, you could refuse to divulge a passcode and you data was safe (assuming you've got an iPhone 4s or above). But try resisting when an officer puts your finger on the phone, and you'll probably end up with a broken finger. And with this latest hack, they don't even have to do that - once they have your prints (and if this method of creating false prints becomes more standardized), they can unlock your phone without your knowledge. (on a side note, this hack can potentially go even further by actually enrolling a custom mold as a finger and you carry the mold around, then surreptitiously drop/swallow it if arrested, but I digress)

The story here to me is that Apple touted this thing as unfuckwithable, and that lasted a weekend. My respect for Apple's encryption was previously at an all-time high, as even their iPhone 4S is still not easily broken by commercial software. Biometrics will never be a decent stand-alone security measure. It can be one part of multi-factor authentication in order to raise the bar a little, but because human biometric settings cannot be easily altered it will always be vulnerable to attack.
posted by antonymous at 8:13 AM on September 24, 2013 [4 favorites]


In reality, a false sense of security is worse than no security.

This is why I live in a bank vault and only drink rainwater.
posted by aspo at 8:17 AM on September 24, 2013 [1 favorite]


Auto-wipe on repeated failed access sounds like a perfect way to let any random stranger (or toddler) kill your phone. Who came up with that genius idea?

I've wiped my iPad something like ten times since June, because I installed the developer beta and things went wonky and I wound up with a brick a couple of times after Apple's servers decided, nah, we're tired of letting you get away with this. Then I wiped and restored a few times last week on the release of iOS 7, because the servers were slow and I wanted to know whether I could use a restore from my developer beta now that iOS 7 was available to all users.

Each time restore took approximately 5 minutes, and I then had all my settings, all my apps, all my data, back to what it was before. The only inconvenience was entering my password, which hey, if I had an iPhone 5s I could just do the finger thing instead. Accidental wipes aren't a big deal when your phone's set up to automatically back itself up once a day.
posted by Rory Marinich at 8:21 AM on September 24, 2013


If you're part of the other 50 percent who already uses a passcode and you use this in addition to that (I'm assuming you can do that, right? I don't have an iPhone), you've also taken a step forward! But if you use this to replace your existing passcode, then that's probably a step backwards in terms of security.

I also don't have one, but I believe it is either-or, you can't have a pass code and a fingerprint.
posted by jacalata at 8:29 AM on September 24, 2013


Security isn't perfect, film at 11. I'm probably going to get a 5S later this year (upgrading from a 4S) and this news doesn't change my calculus at all.

A friend of mine tweeted that if someone stole his phone and went to that kind of effort to get into it, they deserved what they got. I feel sort of the same way, except I expect that if someone steals my phone, they're less interested in an ID theft than in the physical value of my phone. Which is not to say I wouldn't wipe the phone from a distance, but really, who's going to pull this James Bond shit in the wild? Most people with iPhones don't have the sort of data on them that drives this kind of espionage, and let's face it, where your ID information is getting stolen from is online databases, where the effort per ID stolen is a lot lower than physically getting your phone and breaking fingerprint encryption with prosumer software and expertise.

I don't know whether it's better or worse security for your average use-case, but realistically I don't expect someone to try to get fingerprints from my phone to do this even if they have my phone. (And oh my god, looking at my screen, you're not getting a clean fingerprint from that. Ew, where's the glass cleaner?)
posted by immlass at 8:35 AM on September 24, 2013


As the TSA has confirmed, the illusion of security is more important for many people than security. As PRISM has proven, most people are certain they have nothing to hide.

As CCC took pains to point out, the shortcomings of today's biometrics are severe. As hackers continually point out, there are no secure computers. Yet.
posted by Twang at 8:54 AM on September 24, 2013


You can't be compelled by the cops to give up your passcode, but can you be compelled to put your thumb on the sensor? Some initial legal precedents indicate yes - only the contents of your head are protected by the 4th Amendment. That means going from pascode to TouchID might give you fewer legal protections...

Interesting point. Since you can register multiple fingerprints, it might be useful to be able to associate different actions with different fingerprints: right index: unlock, right pinky: wipe email, passwords, contacts, call history, browser history; left pinky: full erase.
posted by George_Spiggott at 9:06 AM on September 24, 2013 [2 favorites]


George_Spiggott: "Apparently you can register other body surfaces"

Finally, a reason to find the answer to that age old question: are scrotal wrinkle patterns dependent on ambient temperature?
posted by Hairy Lobster at 9:18 AM on September 24, 2013


jacalata, the Touch ID on the iPhone 5s requires a passcode. See http://support.apple.com/kb/HT5883

They work together; you can't use Touch ID unless you set a passcode.
posted by blob at 9:31 AM on September 24, 2013


It's not only that you need to be able to technically pull off this heist-level fingerprint fakery, but you need to do it before the original owner remotely locks it.

Then and only then do you get to buy movies on iTunes that will only be usable on my account.
posted by the jam at 9:47 AM on September 24, 2013 [1 favorite]


blob, the problem is you can't two-factor it by requiring a fingerprint and a passcode to unlock. Either factor will unlock the phone independently of the other, as I understand it. That would neatly sidestep the legal compulsion issue as well - the authorities could create a fake fingerprint from your booking prints (or compel you to unlock with biometrics), but they'd still get hung up on the passcode.

Me, I'm waiting for someone else to replicate the experiment. I have no reason to distrust the CCC, but it'd be nice to have independent verification.
posted by Kyol at 9:49 AM on September 24, 2013


As hackers continually point out, there are no secure computers. Yet.

In the eyes of the NSA, truly 'secure computers' would be something to prevent from happening at all, and if I interpret the US laws correctly from vague memory, the laws that limit levels of encryption can also apply to entire operating systems. Originally those laws were intended regulate international trade to keep heavy encryption tech out of the hands of other nations, which I suppose is a reasonable idea. However, it appears that the aim now is to turn the mass distribution of any security hardware or software that cannot be compromised by the government into something illegal.

Since the production and distribution of software and hardware is globalized, if one were to create something that is approaching the level of 'truly secure', one could be prosecuted (or for those outside of the US, experience 'extraordinary rendition') the moment it's distributed, as it could be argued that it is providing the illegal technology to countries under the original international trade law and compromising national security.

As an aside, it sure is a nice way for a government agency to collect fingerprint data on huge amounts of people, if those databases, which were created by people voluntarily submitting the data, were to be intercepted or just handed over to the government.

But hey, it's just a phone, right? It's not like it's a tracking device with a microphone containing biometrics and data on who you talk to, what you like to do on the internet, or anything like that...

I used to find the tin-foil-hat stuff both interesting and amusing, but over the last 15 years, those chuckles are slowly turning into 'whistling by the graveyard.'
posted by chambers at 9:55 AM on September 24, 2013


I don't understand, given the existence of user-facing cameras and face recognition software, why Apple even bothered with this.
posted by flabdablet at 9:56 AM on September 24, 2013


TouchID is new stuff, and sometimes it will fail. There is no way Apple is going to require it, and they'll provide backup access options (passcode) for when you have a wet finger or whatever.

Once it is properly debugged and has acceptable error rates (low enough false positives for security, low enough error rates to prevent frustration) Apple will probably allow it as part of two factor authentication - touch here and enter your password - but no way in hell are they going to require it any time soon.
posted by RedOrGreen at 9:59 AM on September 24, 2013


Facial recognition technology is trivially defeated by photographs that you can hold up to the camera. When we're talking about crappy front facing cellphone cameras, it really is trivial to circumvent face recognition.
posted by RedOrGreen at 10:00 AM on September 24, 2013 [2 favorites]


I don't understand, given the existence of user-facing cameras and face recognition software, why Apple even bothered with this.

All one would need to get past that is to put a picture of you on my phone, and hold it the right distance away. If you have a self pic on any social media site, it would be a key to your phone.
posted by chambers at 10:02 AM on September 24, 2013


The more I think about it, I think we need some sort of Douglas Adams-style existential security protocol, wherein you are cross-referenced on several factors - movement history, appearance, vacation memories, opinions on topics, the exact path between your bedroom and the closest bathroom in the house you grew up in, and some long-form Socratic arguments to recognize the correct patterns that match you.

There are only 2 problems with that system:

1) The phone would have to know everything about you, and with that, form an opinion of 'who you really are', which can be just psychologically traumatic, depending on the phone's opinion of you.

2) The verification procedure would take so long, that most of the time people would talk to the phone more than the people they were originally planning on talking to, and just say 'sod it', put the phone away and go down to the pub and see if anyone you know is there.
posted by chambers at 10:15 AM on September 24, 2013 [1 favorite]


Now that I think about it, if the alternate-finger trick were available it would become well known, and in a detention situation you'd probably be specifically instructed to use your thumb and and index fingers first, since few people would tie a wipe to a finger they're very likely to touch the button with routinely unless they were incredibly disciplined.
posted by George_Spiggott at 10:21 AM on September 24, 2013


blob, the problem is you can't two-factor it by requiring a fingerprint and a passcode to unlock. Either factor will unlock the phone independently of the other, as I understand it.

yea, this is what I meant. They require you to set a passcode so you're not locked out forever when you lose your finger in a chainsaw accident, but you can't set it up so that it asks for a fingerprint and passcode before unlocking.

So in fact, you're really doubling the attack surface here - any new attack to either passcodes or fingerprints will work on your phone.
posted by jacalata at 10:50 AM on September 24, 2013 [2 favorites]


This is not really an Apple-specific problem, this is a huge problem with using fingerprints as a replacement for credentials instead of something more like a password in general. Unlike a password, you leave your fingerprints everywhere you go and they are directly observable to someone who has physical access to you.

And more importantly, if someone ever gets access to your fingerprints, they have access to your fingerprints forever and you can never purposely change them to something else. When someone hacks your email account, step one is to change your password. If someone steals your fingerprint, step one is never use fingerprint security on anything again that that person could have access to. So if ATMs started using fingerprints and some hackers stole the master ATM database of all fingerprint data somehow (this happens all the time with normal passwords) and posted them publicly, no one in that database would ever be able to use that kind of fingerprint authentication system again because their credentials would be permanently compromised.
posted by burnmp3s at 11:07 AM on September 24, 2013 [2 favorites]


If you have a self pic on any social media site, it would be a key to your phone.

Sure, posting selfies is indeed leaving the keys to your phone lying around all over the place. But you're not, you know, attaching them to your phone.

The point that occurs to me is not that face recognition is particularly hard to work around, but that working around it has about the same degree of difficulty as will the routine faking of fingerprints once DIY fingerprint repro kits For Dummies start being offered for sale, which they surely will.

As security theatre measures go, face recognition seems pretty much on par with fingerprint recognition to me. I guess it's just too 2012.
posted by flabdablet at 11:08 AM on September 24, 2013


So in fact, you're really doubling the attack surface here - any new attack to either passcodes or fingerprints will work on your phone.

Only if security conscious people switch from PINs to TouchID. What I think is more likely is that people will switch from no security to TouchID.
posted by ChurchHatesTucker at 11:25 AM on September 24, 2013 [1 favorite]


My country is switching to fingerprint IDs for voting, it's already required for a driver's license, also for bank ATMs, should I be worried?
posted by Tom-B at 11:33 AM on September 24, 2013


The relevant question is, is [TouchID] more secure than a 4-digit password? Answer is still yes says Gruber.
posted by jacalata at 12:04 PM on September 24, 2013


Ars Techinica just released a longer video (vimeo) detailing the process used to fake the fingerprint.
posted by 1970s Antihero at 12:47 PM on September 24, 2013


There are hordes of zealots out there who will leap at any chance to denigrate Apple, because ... just because. This stunt is being hyped for that reason, it is food for Apple haters, some of them contributing to this thread.

These supposed "Apple haters'" comments were deleted? I don't see a single one. I see some zealotry in accusations of haters and the horrible "hater" argument, but not a single zealot leaping at any change to denigrate Apple in this thread.

Fuck, it's just an article on how something isn't what it's marketed as. Nothing more and nothing less. I wonder what it's like to live in a world where when you have cake in front of you without icing, you can just imagine it be have icing and presto, it has icing, as well as possibly a vendetta against cakes without icing in the first place, or something.
posted by juiceCake at 12:56 PM on September 24, 2013 [2 favorites]


Although I agree with Gruber in this case, he's not exactly know for being impartial.

Also, Apple made a big mistake by trumpeting how unhackable their fingerprint reader was. It's a great alternative to no security and for 99.999% of users it should be sufficient, and Apple's misrepresentation was just silly.
posted by aspo at 1:02 PM on September 24, 2013 [2 favorites]


All one would need to get past that is to put a picture of you on my phone, and hold it the right distance away. If you have a self pic on any social media site, it would be a key to your phone.

Indeed, the Android engineering team bragged about their Face Unlock feature being unbreakable back in 2011, and it was hacked shortly afterwards. Security is a tough problem to solve reliably.

In the meantime, I like the suggestion to use a pinky or other digit that is less likely to be copied from things you touch, and I'm hopeful that two-factor authentication (something you have—your finger—and something you know—a PIN) is just a minor patch revision or two away.
posted by Blazecock Pileon at 2:04 PM on September 24, 2013


Why I Hacked Apple’s TouchID, And Still Think It Is Awesome.

Practically, an attack is still a little bit in the realm of a John le Carré novel. It is certainly not something your average street thief would be able to do, and even then, they would have to get lucky. Don’t forget you only get five attempts before TouchID rejects all fingerprints requiring a PIN code to unlock it. However, let’s be clear, TouchID is unlikely to withstand a targeted attack.[...]

TouchID is not a “strong” security control. It is a “convenient” security control.

* Fingerprint security will protect your data from a street thief that grabs your phone.
* Fingerprint security will protect you in the event you drop/forget/misplace your phone.
* Fingerprint security could protect you against phishing attacks (if Apple allows it).

posted by RedOrGreen at 2:07 PM on September 24, 2013 [1 favorite]


juiceCake: "These supposed "Apple haters'" comments were deleted? I don't see a single one. "

I think you missed the key phrase "out there"... as in not necessarily on Metafilter. There definitely are groups of people in tech forums (eg: the comment threads of Gizmodo & Engadget articles) who have a visceral reaction to Apple products. Some of it goes back to the Windows vs Mac OS wars, some of them hate the "walled garden" aspect of the Apple world, some see Apple products as overpriced for the actual hardware specs you get, some see Apple users as tech naive and elitist at the same time. Some of it is probably just a natural balancing of Apple "fanboy" fawning on the other side, but arguably some news organizations do jump on any perceived negative against Apple and amplify it tenfold for the simple fact that it drives traffic to their website, so a problem with the iPhone antenna becomes "Antenna-gate!" Gizmodo in particular seems quick to jump on Apple problems, probably because they've been banned from Apple keynotes since they bought the lost/stolen iPhone prototype.

For the record, I've got a dumbphone, so I've got no horse in this race, I just personally think it's unfair to call a hack "easy" and "everyday" considering the amount of equipment, tech know-how, and time required to accomplish it.
posted by bluecore at 2:23 PM on September 24, 2013 [1 favorite]


Why I Hacked Apple’s TouchID, And Still Think It Is Awesome.

That post was so frustrating. Why DID he hack it? The only reference to that topic, his headline lead, is this one sentence at the very end.
posted by jacalata at 3:03 PM on September 24, 2013


So Apple is blameless here. Good to know.
posted by 922257033c4a0f3cecdbd819a46d626999d1af4a at 3:07 PM on September 24, 2013


There definitely are groups of people in tech forums ... who have a visceral reaction to Apple products.

Both sides really mess up the S/N ratio of discussions like this and it'd be nice if there were a clear way to moderate them out. Any new assertion of strong security is interesting and potentially valuable. There are people who take such assertions as a challenge, and we owe a lot to them. Their findings are also interesting and potentially valuable. The emotional crap is boring and wearying and gets in the way.
posted by George_Spiggott at 3:15 PM on September 24, 2013


The author is trying too hard:
Creating the fake fingerprint is arguably the hardest part and by no means “easy.” It is a lengthy process that takes several hours and uses over a thousand dollars worth of equipment including a high resolution camera and laser printer.
Check. A camera with macro mode. Or a scanner. And a laser printer; I see no reason why an inkjet wouldn't work, but whatever. So all it takes is the sort of equipment that most people have on their desk at home or at work. So now what do you do?
First of all, you have to photograph the print, remembering to preserve scale, maintain adequate resolution and ensure you don’t skew or distort the print.
Also, don't put your thumb in front of the lens, substitute a photo of your uncle wearing Bermuda shorts, or forget to press the shutter button.
Practically, an attack is still a little bit in the realm of a John le Carré novel. It is certainly not something your average street thief would be able to do [...]
Security by stupidity!
posted by Joe in Australia at 3:24 PM on September 24, 2013


For laypeople: An overview of two-factor authentication, how it is missing from the 5s TouchID setup, and why it is useful.
posted by Blazecock Pileon at 3:26 PM on September 24, 2013


The author is trying to hard:

And that's compared to the ever so slightly breathless reporting coming out that it's trivial? Perhaps the truth is somewhere in the middle? Remember, you only get five attempts, so there isn't a lot of room for trial and error in this whole process.
posted by Kyol at 3:51 PM on September 24, 2013


Kyol: "Remember, you only get five attempts, so there isn't a lot of room for trial and error in this whole process."

Which is why you test the technique on your own phone. ;)
posted by wierdo at 3:58 PM on September 24, 2013


Joe, perhaps you'd like to duplicate the process yourself before telling us that it's the specialist who actually did it himself and said it takes a thousand bucks' worth of equipment and several hours who's the one who's overselling the story, and not the "your fingerprint could be duplicated in seconds by a four year old using only things found in a standard stationery store" type breathless secondhand reporting?

(Yes, I do realize that I am exaggerating the reporting, but not as much as I wish I were)
posted by DoctorFedora at 5:30 PM on September 24, 2013 [1 favorite]


If it takes an expert and a grand of gear to do it today, it'll take a second grader and leftover gear just laying around to do it in two years....
posted by mikelieman at 7:44 PM on September 24, 2013


A grand of gear apparently = any camera plus any laser printer. It's not like you have to buy anything, except perhaps some wood glue and a transparency.
posted by Joe in Australia at 8:13 PM on September 24, 2013


Well hey, best of luck doing it yourself to disprove the people suggesting that maybe it's a bit overblown as a plausible threat.
posted by DoctorFedora at 9:13 PM on September 24, 2013 [1 favorite]


How many people with iPhones walk around with their phones all naked and vulnerable to easily liftable prints, though?

I mean, yes, the phone by itself is probably very easy to pick fingerprints off of, but everyone I know has their iPhone in a case because who wants to drop your ridiculously expensive phone and risk breaking it?

Would an Otter or LifeProof case be as easy to lift prints from? I don't think so (but maybe I am wrong about that).
posted by misha at 6:33 AM on September 25, 2013


Since this is the new Apple features thread, I might as well leave this here, too: The Niftiest IOS 7 feature you haven't found yet.
posted by misha at 6:33 AM on September 25, 2013 [3 favorites]


That's pretty rad! Thanks, misha!
posted by Blazecock Pileon at 1:02 PM on September 25, 2013 [1 favorite]


How many people with iPhones walk around with their phones all naked and vulnerable to easily liftable prints, though?

Everyone who just bought a gold one, probably.
posted by jacalata at 1:11 PM on September 25, 2013


So is this something generally exploitable in the real world? Are people getting caseless iPhones stolen and their prints lifted from the device? I'd be curious to see some numbers for how truly exploitable this would be for the caseless user subset.

Leaving aside the portion of iPhone users that have fingerprint-smearing cases around their phones, wouldn't nearly all the rest keep their caseless phone in their pockets, smearing fingerprints in-pocket?

This should be something that can be done in a reasonably empirical manner: do a random survey of 40 or so iPhone users, determine the extent to which they use cases. Look at the remainder of the devices and see how many of which have liftable, intact prints. Calculate risk statistics.

This data and analysis would be a useful complement to the exploit, insofar as it would indicate how much people should worry about this possibility and technical countermeasures for mitigating it (using a case, using alternative digits for recognition, etc.).
posted by Blazecock Pileon at 2:26 PM on September 25, 2013


I see them being used without cases all the time. In six years I've never used a case on an iPhone. They get a few scratches and nicks but it's hard to hurt the screen and that's all that matters.
posted by George_Spiggott at 2:31 PM on September 25, 2013


Tapping a screen might leave prints, but sweeping and pinch/stretch gestures would smear them. Putting a caseless phone in a pocket or bag would smear prints, as well, on all sides of the device. Some cases would be made of materials that do not hold prints; other cases would also be put into a pocket, sleeve or bag.

I'm not saying this is a hypothetical exploit, but as an anecdotal datapoint, I looked at the front and back of my current (caseless) phone, and it would seem to be hard to lift usable prints off either side. In theory, this should seem to be a quantifiable risk for the population of iPhone users, to help decide if this is a genuine concern or an (interesting) theoretical crack.
posted by Blazecock Pileon at 2:56 PM on September 25, 2013 [1 favorite]


The odds of being able to get a usable print of the requisite finger from any given phone do seem fairly low even if all the surfaces are suitable and the thief handled it very carefully with that in mind.

It seems a safe bet that even if the exploit process gets refined to the point where it's relatively quick and easy, that's not a serious risk scenario. We're really down to the subset of people who are interesting to more resourceful interests, like industrial spies and governments, and this trick -- being innately unreliable -- would be one of several in their arsenal. Such people should probably make sure their phone doesn't have anything really of great interest and sensitivity on it in the first place.
posted by George_Spiggott at 3:05 PM on September 25, 2013 [1 favorite]


Would an Otter or LifeProof case be as easy to lift prints from? I don't think so (but maybe I am wrong about that).

Yep, corrugated rubber seems like a crappy surface. Same with that textured but more smooth rubber. Or in my case, super scratched up plastic on what was once a "glossy" candyshell case.

As a counterpoint to the anecdata above, I live in Seattle where probably 8/10 people seem to have iPhones.(although they're mostly older models). I'd say I see maybe one or two a month not in a case. Seriously.
posted by emptythought at 6:18 PM on September 25, 2013 [1 favorite]


Having lost two phones to physical damage because I'm a klutz who enjoys beer, I buy cases now. I really am not a fan of them, but it has become a necessity.
posted by Drinky Die at 6:30 PM on September 25, 2013 [2 favorites]


And then when I finish the case of beer, I am more careful with my phone.
posted by Drinky Die at 12:30 AM on September 26, 2013 [2 favorites]


Drinky Die: "Having lost two phones to physical damage because I'm a klutz who enjoys beer, I buy cases now. I really am not a fan of them, but it has become a necessity"

Having dropped mine (with no case, ever) several times over the past year, including onto a number of tile and cement floors, I find myself paraphrasing that one squid researcher on the topic of octopuses: You cannot kill an iPhone 5, no matter how hard you try.
posted by DoctorFedora at 5:07 PM on September 29, 2013


« Older Why don’t you-all go and liberate the Indian...   |   Nobody wins. Newer »


This thread has been archived and is closed to new comments