Apple Has a Lot of Bugs to Fix
The new Apple 5S has a fingerprint lock instead of their usual four digit passcode. This new feature is called “Touch ID.” Recently US Senator Al Franken called into question the safety of the product in a letter to Apple CEO Tim Cook.
“Passwords are secret and dynamic; fingerprints are public and permanent. . . and you leave them on everything you touch,” Sen. Franken says. “If hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life.”
He goes on to ask a series of questions about the safety of the fingerprint information, like how it is stored, if it is uploaded to a cloud, and whether or not it is or could be accessed by a third party. He also asks about the data from a legal stand point, questioning the government’s ability to access the information under laws like the American Intelligence Law and the USA Patriot Act.
Apple says their product goes deeper than just looking at the fingerprint but is actually looking for warmth and tissue. Obviously Apple isn’t a regular watcher of Mythbusters. This popular TV show has already busted the myth that fingerprint scanners cannot be hacked.
After the iPhone 5S was announced, several rewards for the first person to be able to hack Touch ID were posted on istouchidhackedyet.com. Currently, in the pot for the first hacker are several bottles of whiskey, an erotic book, and $15,000.
Sure enough, within a few days of its release the German Chaos Computer Club, CCC, appears to have successfully hacked Touch ID. They posted a step by step tutorial online and a YouTube video outlining exactly how they did it. They used a similar technique as in Mythbusters. The CCC used a high resolution camera to photograph a fingerprint on a glass surface, and then used the photo to create a false fingerprint that was used to open the iPhone.
Frank Rieger, the spokesperson of CCC said, “We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you canÂ´t change and that you leave everywhere every day as a security token.”
These are not the only flaws in iPhone’s new technologies. Forbes has reported two vulnerabilities in the iOS 7 software. One allows anyone to make calls by exploiting a flaw in the emergency call function. The other is a little more dramatic, allowing hackers to very simply bypass the lock screen to access photos, Twitter, and more.