Touch ID gets hacked again, this time in Germany

It looks like iPhone 5s Touch ID fingerprint sensor can’t afford to drop from the headlines. We have reported how it has been bypassed by a few hackers since its inception, and now a new group based in Berlin has discovered a bug in the 5s that they say will allow hackers to bypass the barrier that allows users to lock the device or wipe the data if the phone is stolen.

The group is known by the name ‘Security Research Labs’ and it consists of a team of security researchers. The method they point out begins with the Airplane mode, which gives a window of opportunity to criminals to reset the passwords and create fake fingerprints.

The group’s efforts were pointed out by Reuters:
“A German security company has uncovered a bug in the new iPhone’s software that it said enables hackers to overcome a safeguard allowing users to remotely wipe stolen or lost phones.

Berlin’s Security Research Labs, known as SRL, said on Thursday that the vulnerability could potentially give criminals time to break into the Apple Inc (AAPL.O) phones, gain complete control of data, access email accounts and then potentially take over the user’s bank accounts.

The research firm also said it has figured out an easier way to crack the iPhone fingerprint scanner than has been demonstrated thus far.”
Exploits have also been elaborate in couple of videos. The first one is:

This workaround falls in line with the one that was showed by Chaos Computer Club. Though it looks easy to perform, it requires a great level of skill and tools to manage. And if the phone gets stolen, criminals may learn these skills with time.

The second video shows how a criminal can bypass security after stealing the device:

The video indicates that any criminal who can get online may be able to get around the solution.

Apple is yet to comment, but these issues can cause a bigger problem if a future iOS firmware update doesn’t fix them.


blog comments powered by Disqus
Octofinder Blog Catalog