Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Physical Access Not Required →

January 01, 2015 by Marc Handelman in All is Information, Computation, Cryptography, Data Security, Information Security, Physical Security, Security Conferences, Security Education, Security Tooling, Vulnerabilities

Physikalisch Zugriff Nicht Erforderlich

More interesting security slap and tickle at the Chaos Computer Club confab in Germany... This time, apparently the lack of physical access was not an impediment in the second well publicized defeat of Apple Inc.'s [NasdaqGS: AAPL]  TouchID. Jan Krissler, holding forth at the conference has detailed the steps taken to overcome the vaunted security of TouchID via a presentation entitled 'Gefahren von Kameras für (biometrische) Authentifizierungsverfahren [31c3] '.

'Krissler said he used commercially available software called VeriFinger to pull off the feat. The main source was a close-up picture of von der Leyen’s thumb, obtained during a news conference in October, along with photographs taken from different angles to get an image of the complete fingerprint.' - via Emil Protalinski writing at VentureBeat

 

January 01, 2015 /Marc Handelman
All is Information, Computation, Cryptography, Data Security, Information Security, Physical Security, Security Conferences, Security Education, Security Tooling, Vulnerabilities
  • Newer
  • Older