24 November 2014

Dean Procter

Dean Procter - Transinteract

326 | posts 927,181 | views 466 | comments

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

iPhone fingerprint scanner broken by Chaos

22 September 2013  |  3025 views  |  3

The new biometric security 'feature' if the Apple iPhone has already been breached using a simple photograph & common everyday items.

It took members of the renowned Chaos Computer Club the blink of an eye to defeat the iPhone 5s secured with TouchID.

Here is a short video. http://www.youtube.com/watch?v=HM8b8d8kSNQ

Bumometrics. You may as well send a photo of your ass, it is probably more 'secure'..

p.s. For obvious reasons I can't post my own bumometrics photo here but you can see a photo of my cute little one here... http://twitpic.com/b52u2g/full

TagsSecurityMobile & online

Comments: (7)

Alexander Peschkoff - TEDIPAY - London | 22 September, 2013, 23:33 Biometrics on iPhone was implemented mainly (as Step 1) for convenience, rather than military-grade security. PIN can be broken too, on iPhone or EMV card, with a sharp knife (held to throat), so what?..
Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Dean Procter - Transinteract - Sydney | 22 September, 2013, 23:41

"as Step 1) for convenience" <I wonder just how many 'steps' are planned for this 'convenience'.

as for not being 'military-grade security' <I wonder what grade of security it is supposed to be, 'kindy grade'?

The 'kindy grade' security 'smartphone'. Step 1 in Apple's post-Jobs smartphone dominance.

Fair call Alexander?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Alexander Peschkoff - TEDIPAY - London | 22 September, 2013, 23:51 If someone is after a clean photo of your fingerprint (to be made with 2400 dpi resolution) to access your phone without your knowledge, then rest assured that you have bigger problems than having your bumometrics photos exposed :) Also, PIN can be broken via shoulder-surfing, if we are talking covert here. People still find PINs of use. Perhaps because 99% of them don't store anything on their phones that would be worth the hassle. Those who do, well, that's another story...
Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Dean Procter - Transinteract - Sydney | 23 September, 2013, 09:03

I don't know much about photography & printing but, for instance, the Canon PIXMA printers can print resolutions as high as 9600x2400 dpi. A 16 megapixel photo of a fingerprint on a glass taken with a macro lens....


...but I do assume some people are using their phones for payments or trading... isn't that 'worth the hassle'?

Obviously the iphone fingerprint thingy is a 'convenience' feature more than a 'security' feature. It doesn't solve the issue with mobile phones for even vaguely secure or private transactions.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Alexander Peschkoff - TEDIPAY - London | 23 September, 2013, 09:14 Why bother with fingerprint "cloning" if you can go after the leather wallet?.. Where iPhone is used for trading, how do you exploit that?
Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Dean Procter - Transinteract - Sydney | 24 September, 2013, 06:53

Re dealing on insecure mobiles, I only imagine that larger sums might be available for 'extraction'.

 

Cnet has published onfirmation Chaos Computer Club member Starbug's hack of the iphone 5s.

They don't show the bit with the printing onto the latex painted onto a sheet... but you get the idea.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Dean Procter - Transinteract - Sydney | 29 September, 2013, 14:13

Apparently all you need to fool the iphone fingerprint is a gang of friend's fingers instead.

Watch this Iranian video

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Dean

It makes perfect sense of course, to have a Plan

03 October 2013  |  2442 views  |  0  |  Recommends 0 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

iPhone fingerprint scanner broken by Chaos

22 September 2013  |  3025 views  |  3  |  Recommends 0 TagsSecurityMobile & onlineGroupInformation Security

Did I mention, 'your dongle dongle is impotent'?

22 September 2013  |  2395 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInformation Security

Thank you Andrew Haldane

31 October 2012  |  4646 views  |  0  |  Recommends 0 TagsRisk & regulationRetail bankingGroupWhatever...

NATO persecution update

06 July 2011  |  7879 views  |  0  |  Recommends 0 TagsSecurityGroupWhatever...
name

Dean Procter

job title

CEO

company name

Transinteract

member since

2008

location

Sydney

Summary profile See full profile »
Ubiquitous mobile phone based payments, ID, transaction authentication, mobile wallet and transpo...

Dean's expertise

Who is commenting on Dean's posts