Monday, September 23, 2013

Fingerprint Security Appears Risky on iPhone, and Elsewhere

Reason 1. - iPhone's fingerprint biometrics defeated, hackers claim.
Just one day after the new fingerprint-scanning Apple iPhone-5s was released to the public, hackers claimed to have defeated the new security mechanism. After their announcement on Saturday night, the Chaos Computer Club posted a video on YouTube which appears to show a user defeating Apple’s new TouchID security by using a replicated fingerprint. Apple has not yet commented on this matter, and, as far as I can tell, no third-party agency has publicly validated the video or the hacker group’s claim. In theory, the techniques used should not have defeated the sub-dermal analysis (analyzing three dimensional unique aspects of fingerprints rather than just two-dimensional surface images) that Apple was supposed to have used in its fingerprint scanner. (more)

Reason 2. - Mythbusters.

Reason 3. - When You're Busted.
Police can't compel you to spill your password, but they can compel you to give up your fingerprint.

"Take this hypothetical example coined by the Supreme Court: If the police demand that you give them the key to a lockbox that happens to contain incriminating evidence, turning over the key wouldn’t be testimonial if it’s just a physical act that doesn’t reveal anything you know.

However, if the police try to force you to divulge the combination to a wall safe, your response would reveal the contents of your mind — and so would implicate the Fifth Amendment. (If you’ve written down the combination on a piece of paper and the police demand that you give it to them, that may be a different story.)" (more)