Seemingly on cue, a group claims to have hacked the fingerprint scanning security technology featured prominently by Apple’s new iPhone 5s. The device has only been on the market for a few days, so the surprising part of this news isn’t so much that it’s happened, but the speed with which it’s happened.

According to an article in The Telegraph, the crack comes courtesy of German hacking group Chaos Computer Club, or CCC. The article says that they took a high-resolution, 2400 DPI photograph of the iPhone 5s user’s fingerprint, inverted and digitally cleaned up the image, and then laser printed it at 1200 DPI on a transparency sheet. After a few low-tech tweaks involving smearing the printed image with “pink latex milk or white woodglue,” the image was breathed on to get it slightly moistened, and then placed on the sensor to unlock the phone.

The CCC’s Frank Rieger released a statement on what it did, and what it means for users wowed by the fingerprint scanning technology:

“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.

“The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.”

This echoes the claims made last week by a German government security official, John Caspar, who’s quoted again in The Telegraph article:

“Relying on your fingerprints to secure a device may be okay for casual security – but you shouldn’t depend upon it if you have sensitive data you wish to protect.”

And that, of course, is the rub. Caspar and CCC are absolutely right: using a fingerprint, voice command, or other supposedly secure biometric to safeguard sensitive or important data is crazy if you’re in charge of international banks or if you’re a potential target of Robert Redford and Sidney Poitier’s team of computer hackers.

But the important point that the CCC and Caspar ignore is that, while relatively easy to carry out, the fingerprint spoofing the CCC demonstrated isn’t likely to be targeted against everyday iPhone users. For the most part, you’re still probably safe to use a fingerprint scanner on your phone to buy a few new Daft Punk tracks from iTunes. You shouldn’t be too worried about whether or not the creepy dude sitting next to you at the library is pulling your fingerprints when you get up to use the bathroom.

At the same time, it’s also important to note that this is a workaround pulled off within one week of the iPhone 5s hitting stores. That means that other, more elegant ways of duplicating fingerprints may be worked out before too long. In the end, never doubt the ingenuity of those who wouldn’t mind ripping you off. There’s no such thing as truly “secure.”