23 April 2014

Dean Procter

Dean Procter - Transinteract

326 | posts 907,733 | views 466 | comments

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

iPhone fingerprint scanner broken by Chaos

22 September 2013  |  2832 views  |  3

The new biometric security 'feature' if the Apple iPhone has already been breached using a simple photograph & common everyday items.

It took members of the renowned Chaos Computer Club the blink of an eye to defeat the iPhone 5s secured with TouchID.

Here is a short video. http://www.youtube.com/watch?v=HM8b8d8kSNQ

Bumometrics. You may as well send a photo of your ass, it is probably more 'secure'..

p.s. For obvious reasons I can't post my own bumometrics photo here but you can see a photo of my cute little one here... http://twitpic.com/b52u2g/full

TagsSecurityMobile & online

Comments: (7)

Alexander Peschkoff - TEDIPAY - London | 22 September, 2013, 23:33 Biometrics on iPhone was implemented mainly (as Step 1) for convenience, rather than military-grade security. PIN can be broken too, on iPhone or EMV card, with a sharp knife (held to throat), so what?..
Dean Procter - Transinteract - Sydney | 22 September, 2013, 23:41

"as Step 1) for convenience" <I wonder just how many 'steps' are planned for this 'convenience'.

as for not being 'military-grade security' <I wonder what grade of security it is supposed to be, 'kindy grade'?

The 'kindy grade' security 'smartphone'. Step 1 in Apple's post-Jobs smartphone dominance.

Fair call Alexander?

Alexander Peschkoff - TEDIPAY - London | 22 September, 2013, 23:51 If someone is after a clean photo of your fingerprint (to be made with 2400 dpi resolution) to access your phone without your knowledge, then rest assured that you have bigger problems than having your bumometrics photos exposed :) Also, PIN can be broken via shoulder-surfing, if we are talking covert here. People still find PINs of use. Perhaps because 99% of them don't store anything on their phones that would be worth the hassle. Those who do, well, that's another story...
Dean Procter - Transinteract - Sydney | 23 September, 2013, 09:03

I don't know much about photography & printing but, for instance, the Canon PIXMA printers can print resolutions as high as 9600x2400 dpi. A 16 megapixel photo of a fingerprint on a glass taken with a macro lens....


...but I do assume some people are using their phones for payments or trading... isn't that 'worth the hassle'?

Obviously the iphone fingerprint thingy is a 'convenience' feature more than a 'security' feature. It doesn't solve the issue with mobile phones for even vaguely secure or private transactions.

Alexander Peschkoff - TEDIPAY - London | 23 September, 2013, 09:14 Why bother with fingerprint "cloning" if you can go after the leather wallet?.. Where iPhone is used for trading, how do you exploit that?
Dean Procter - Transinteract - Sydney | 24 September, 2013, 06:53

Re dealing on insecure mobiles, I only imagine that larger sums might be available for 'extraction'.

 

Cnet has published onfirmation Chaos Computer Club member Starbug's hack of the iphone 5s.

They don't show the bit with the printing onto the latex painted onto a sheet... but you get the idea.

Dean Procter - Transinteract - Sydney | 29 September, 2013, 14:13

Apparently all you need to fool the iphone fingerprint is a gang of friend's fingers instead.

Watch this Iranian video

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Dean

It makes perfect sense of course, to have a Plan

03 October 2013  |  2246 views  |  0  |  Recommends 0 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

iPhone fingerprint scanner broken by Chaos

22 September 2013  |  2832 views  |  3  |  Recommends 0 TagsSecurityMobile & onlineGroupInformation Security

Did I mention, 'your dongle dongle is impotent'?

22 September 2013  |  2275 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInformation Security

Thank you Andrew Haldane

31 October 2012  |  4507 views  |  0  |  Recommends 0 TagsRisk & regulationRetail bankingGroupWhatever...

NATO persecution update

06 July 2011  |  7767 views  |  0  |  Recommends 0 TagsSecurityGroupWhatever...
name

Dean Procter

job title

CEO

company name

Transinteract

member since

2008

location

Sydney

Summary profile See full profile »
Ubiquitous mobile phone based payments, ID, transaction authentication, mobile wallet and transpo...

Dean's expertise

Who is commenting on Dean's posts

Alexander Peschkoff