{"id":2785,"date":"2017-01-22T15:48:51","date_gmt":"2017-01-22T22:48:51","guid":{"rendered":"http:\/\/mattfife.com\/?p=2785"},"modified":"2017-01-22T15:50:38","modified_gmt":"2017-01-22T22:50:38","slug":"fingerprints-are-not-security","status":"publish","type":"post","link":"https:\/\/mattfife.com\/?p=2785","title":{"rendered":"Fingerprints are not security"},"content":{"rendered":"<p>Jan Krissler, known in hacker circles as Starbug, was already known for his high-profile stunt of cracking Apple TouchID sensors within 24 hours of the iPhone 5S release. In this case, he used several easily taken close-range photos of German defense minister Ursula von der Leyen, including one gleaned from a press release issued by her own office and another he took himself from three meters away, to reverse-engineer her fingerprint and pass biometric scans.<\/p>\n<p>The same conference also demonstrated a \u201ccorneal keylogger\u201d. The idea behind the attack is simple. A hacker may have access to a user\u2019s phone camera, but not anything else. How to go from there to stealing all their passwords?<\/p>\n<p>One way, demonstrated on stage, is to read what they\u2019re typing by analyzing photographs of the reflections in their eyes. Smartphone cameras, even front-facing ones, are now high-resolution enough that such an attack is possible.<\/p>\n<p>\u201cBiometrics are not secrets\u2026 Ideally, they\u2019re unique to each individual, but that\u2019s not the same thing as being a secret.\u201d<\/p>\n<p><a href=\"https:\/\/www.theguardian.com\/technology\/2014\/dec\/30\/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands\" target=\"_blank\">https:\/\/www.theguardian.com\/technology\/2014\/dec\/30\/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jan Krissler, known in hacker circles as Starbug, was already known for his high-profile stunt of cracking Apple TouchID sensors within 24 hours of the iPhone 5S release. In this case, he used several easily taken close-range photos of German defense minister Ursula von der Leyen, including one gleaned from a press release issued by her own office and another he took himself from three meters away, to reverse-engineer her fingerprint and pass biometric scans. The same conference also demonstrated&#8230;<\/p>\n<p class=\"read-more\"><a class=\"btn btn-default\" href=\"https:\/\/mattfife.com\/?p=2785\"> Read More<span class=\"screen-reader-text\">  Read More<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[9,5],"tags":[],"class_list":["post-2785","post","type-post","status-publish","format-standard","hentry","category-cool","category-technical"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4WECr-IV","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2785"}],"version-history":[{"count":3,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2785\/revisions"}],"predecessor-version":[{"id":2788,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/2785\/revisions\/2788"}],"wp:attachment":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}