5 votes

HACKED: iPhone 5s FingerPrint-ID 'Security' defeated by the German "Chaos Comp. Club" in Just 3 Days Since Apple's Hyped Launch!


http://youtu.be/HM8b8d8kSNQ

hacking iphone 5S touchID
Star Bug
Views: 415,536
Like 1,042 Dislike 215
Uploaded on Sep 22, 2013

How to fake fingerprints?
October 26, 2004 (starbug)

Chaos Computer Club breaks Apple TouchID
2013-09-21 22:04:00, frank

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

Apple had released the new iPhone with a fingerprint sensor that was supposedly much more secure than previous fingerprint technology. A lot of bogus speculation about the marvels of the new technology and how hard to defeat it supposedly is had dominated the international technology press for days.

"In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake", said the hacker with the nickname Starbug, who performed the critical experiments that led to the successful circumvention of the fingerprint locking. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints." [1]

The iPhone TouchID defeat has been documented in a short video.

The method follows the steps outlined in this how-to with materials that can be found in almost every household: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.

*** Give Your New Apple iPhone 5S the only treatment it deserves:
.50BMG Incendiary Lather

Gold iPhone 5S shot with 50 Cal sniper rifle #ThroughGlass Google Glass

http://youtu.be/f0Hq_0URdbs
RatedRR
Published on Sep 20, 2013

Gold iPhone 5S vs 50 Cal #ThroughGlass Google Glass

iPhone 5s vs 50 cal - RatedRR Slow-Mo Torture Test

http://youtu.be/c_gEiU_FDxQ
RatedRR
Published on Sep 22, 2013

iPhone 5s vs 50 cal - RatedRR Slow-Mo Torture Test

*** How much easier, would it be for the NSA? Oh right: they already have a backdoor; they never have to worry about whatever 'new' security measures any manufacturers put out, since the TeleCommunications Act of 1996 (TCA) and Communications Assistance for Law Enforcement Act of 1994 (CLEA). [Notice how the bill that allows LE to tap into your phones passed BEFORE the 1996 TCA]

Just a reminder:

NSA Prism program taps in to user data of Apple, Google and others

The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

• Top-secret Prism program claims direct access to servers of firms including Google, Apple and Facebook
• Companies deny any knowledge of program in operation since 2007
• Obama orders US to draw up overseas target list for cyber-attacks

Glenn Greenwald and Ewen MacAskill
The Guardian, Thursday 6 June 2013


PRiSM Slide Show: A Cooking Recipe? NOT!

The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

The NSA access is part of a previously undisclosed program called Prism, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.

The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

iSpy: How the NSA Accesses Smartphone Data


The US intelligence agency NSA has been taking advantage of the smartphone boom. It has developed the ability to hack into iPhones, android devices and even the BlackBerry, previously believed to be particularly secure. Photo Gallery: Spying on Smartphones Photos

By Marcel Rosenbach, Laura Poitras and Holger Stark
September 09, 2013 – 12:25 PM

Michael Hayden has an interesting story to tell about the iPhone. He and his wife were in an Apple store in Virginia, Hayden, the former head of the United States National Security Agency (NSA), said at a conference in Washington recently. A salesman approached and raved about the iPhone, saying that there were already "400,000 apps" for the device. Hayden, amused, turned to his wife and quietly asked: "This kid doesn't know who I am, does he? Four-hundred-thousand apps means 400,000 possibilities for attacks."

Hayden was apparently exaggerating only slightly. According to internal NSA documents from the Edward Snowden archive that SPIEGEL has been granted access to, the US intelligence service doesn't just bug embassies and access data from undersea cables to gain information. The NSA is also extremely interested in that new form of communication which has experienced such breathtaking success in recent years: smartphones.

Timeline of NSA Domestic Spying

How the N.S.A. Cracked the Web
Matt Buchanan
New Yorker Mag.
September 7, 2013

Microsoft handed the NSA access to encrypted messages
Glenn Greenwald, Ewen MacAskill, Laura Poitras, Spencer Ackerman and Dominic Rushe
The Guardian
Thursday 11 July 2013

****************************************************************

UPDATE 1:

Sounds like The Judge presided over a couple of hacking/'wire-fraud' cases during his tenure at NJ Superior Court:


http://youtu.be/Ubgt7XpoAk0
selfownership1
Published on Sep 23, 2013

Air Date: Sept. 23rd

****************************************************************

UPDATE 2: Japanese News/Blog reports you can also use toes and...er, nipples...yes, NIPPLES to access your iPhone 5S, too.

iPhone 5s 乳首認証 (Touch ID can identify nipples)

http://youtu.be/4bG6cjaMZx0
RocketNews24
Views: 835,482
Published on Sep 20, 2013

The iPhone's fingerprint lock also works with toes and nipples. English: http://en.rocketnews24.com/2013/09/21/the-iphones-fingerprin...

iPhone 5sの指紋センサーは乳首の違いを認識できる
http://rocketnews24.com/2013/09/20/370967/

iPhone5sの指紋認証機能で足の指と鼻の頭を登録 (iPhone5s Touch ID)

http://youtu.be/HGf8D2qtCx4
RocketNews24
Published on Sep 20, 2013

The iPhone's fingerprint lock also works with toes and nipples. English: http://en.rocketnews24.com/2013/09/21/the-iphones-fingerprin...

iPhone 5sの指紋センサーは乳首の違いを認識できる
http://rocketnews24.com/2013/09/20/370967/

The iPhone’s fingerprint lock also works with toes and nipples

Master BlasterMaster Blaster 3 days ago
September 21, 2013


Probably the most intriguing feature of the new generation iPhone is its fingerprint authentication. Once recognized by the system, only the true user’s fingerprint will unlock the phone, rendering it impossible for anyone else operate.

However, registering a fingerprint has its drawbacks. Someone can easily press the phone against your finger while you sleep and have access to all your secrets. If you want maximum security, we recommend using your toe or nipple. They really work!

■ Toes can be registered

A toe is basically a finger on your foot so it stands to reason that the iPhone can detect a toe print as well. The phone detects your toe easily and anytime you need to use it. It works better than the finger because even when you’re sleeping who’s going to expect you to unlock your iPhone with your toe?

■ Nipples also register easily

Granted, unlocking your phone with your toe can be inconvenient for some when on the go. If that’s the case for you, we recommend registering your nipples with the iPhone. Be careful though, the iPhone vibrates a little when registering which may be uncomfortable or arousing depending who you are.



Trending on the Web

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

updated

UPDATE 2: Japanese News/Blog reports you can also use toes and...er, nipples...yes, NIPPLES to access your iPhone 5S, too.

iPhone 5s 乳首認証 (Touch ID can identify nipples)

http://youtu.be/4bG6cjaMZx0
RocketNews24
Views: 835,482
Published on Sep 20, 2013

The iPhone's fingerprint lock also works with toes and nipples. English: http://en.rocketnews24.com/2013/09/21/the-iphones-fingerprin...

iPhone 5sの指紋センサーは乳首の違いを認識できる
http://rocketnews24.com/2013/09/20/370967/

iPhone5sの指紋認証機能で足の指と鼻の頭を登録 (iPhone5s Touch ID)

http://youtu.be/HGf8D2qtCx4
RocketNews24
Published on Sep 20, 2013

The iPhone's fingerprint lock also works with toes and nipples. English: http://en.rocketnews24.com/2013/09/21/the-iphones-fingerprin...

iPhone 5sの指紋センサーは乳首の違いを認識できる
http://rocketnews24.com/2013/09/20/370967/

The iPhone’s fingerprint lock also works with toes and nipples

Master BlasterMaster Blaster 3 days ago
September 21, 2013


Probably the most intriguing feature of the new generation iPhone is its fingerprint authentication. Once recognized by the system, only the true user’s fingerprint will unlock the phone, rendering it impossible for anyone else operate.

However, registering a fingerprint has its drawbacks. Someone can easily press the phone against your finger while you sleep and have access to all your secrets. If you want maximum security, we recommend using your toe or nipple. They really work!

■ Toes can be registered

A toe is basically a finger on your foot so it stands to reason that the iPhone can detect a toe print as well. The phone detects your toe easily and anytime you need to use it. It works better than the finger because even when you’re sleeping who’s going to expect you to unlock your iPhone with your toe?

■ Nipples also register easily

Granted, unlocking your phone with your toe can be inconvenient for some when on the go. If that’s the case for you, we recommend registering your nipples with the iPhone. Be careful though, the iPhone vibrates a little when registering which may be uncomfortable or arousing depending who you are.

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

If dudes like AnCap lived in

If dudes like AnCap lived in the 1870's he'd be railing against telegraph too I'm sure. After all, the State began tapping those almost immediately. Look, every advance in technology immediately gets hijacked by governments. We all oppose it and hate it but we have to choose whether or not the benefits outweigh the concerns and decide how much technology we wish to embrace and how much to stay away from.

An implanted microchip in myself, my wife, and daughter could have legitimate market and personal benefit, say in the case of abduction, etc. But the potential private benefits of such technology doesn't outweigh the obvious potential problems it poses so I would never do it.

Too each his own AnCap. You've made your choice and have made an argument to support it and that's fine. But your position that it's you who knows what's up and the rest of us who find joy and benefit in these products are mindless, brainwashed, hype-following zombies is just wrong.

If dudes like Revere'76 lived in

America in the year 2013, and were awake to all the current geopolitical developments, he'd be prioritizing when or about what he rages against, and in particular, when he does rail against something, I'd expect him to do so against actual things that those whom he accuses of, actually said or did. I'm sure! I'm certain of it!

Oh wait...

LOL

Why do you keep seeking my approval Revere? I don't have to like your choice of phone, or purchase-campout ritual to like or dislike you, no?

So what gives buddy?

Need a hug? Here: ((((((((((((((=0 o=)))))))))))))))

See, I squeezed you so tight, an oval collapsed into an sphere .D

Okay so, I read your reply on the other thread, as I was replying here; don't wanna be redundant, as I'm closing out my reply to you on this topic. So my reply to this, would be the same, as the other one:

We cool though

Well, if you do or did already get it, let me know how your new phone's treatin' ya. List pros and cons, over your previous iPhones, or vs. other smartphones you've used before.

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

me and my dumb phone


I know... it's not NSA bullet proof..
but
I can turn off the GPS in my settings
I know..
they still can track it.
but
I just feel like I don't want to hand them a shoe horn
when they're cramming things up our a$$.
:)

updated

UPDATE 1:

Sounds like The Judge presided over a couple of hacking/'wire-fraud' cases during his tenure at NJ Superior Court:


http://youtu.be/Ubgt7XpoAk0
selfownership1
Published on Sep 23, 2013

Air Date: Sept. 23rd

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

Can't tweet this story - title is too long.

You should post this story again with a simple, short title like 'iphone hacked', then edit it with a longer more descriptive title.

This will allow people like me to tweet the story and spread the word.

Assuming that you want this information to spread.

Defeat the panda-industrial complex

I am dusk icon. anagram me.

Chris, You can do the

honors: TinyURL.com

and I appoint thee in a non-coercive, open, voluntary 'decree' (should you agree to it) to be my editor, for the sole duration of this post, to re-word as you see fit, for maximum Twitter-ific...er -ness.

.D

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

I know that and you know that.

But nobody else knows that.

Why don't you just do what I'm saying - post the thread with a short title then edit it with the longer title?

Then you wouldn't have to worry about this tinyurl nonsense.

Aren't you trying to get this info out?

Defeat the panda-industrial complex

I am dusk icon. anagram me.

"Why don't you just do what I'm saying"

because this isn't huffpo or redstate.

A signature used to be here!

This is about creating posting titles that are long and wordy...

yet still 'tweetable'.

You start with a short title then edit it to a longer title, allowing it to stay within Twitter's 140 character limit.

Defeat the panda-industrial complex

I am dusk icon. anagram me.

How are you tweeting the links?

All links (URLs) posted in Tweets are shortened using our t.co service.
https://support.twitter.com/articles/78124-posting-links-in-...

I just tried it long urls like the one for this post are automatically shortened. It's been that way for a while now.

I'm just clicking on the twitter icon at the top of the page...

It comes up with a red '-34' characters meaning it's 34 characters over the 140 limit.

Defeat the panda-industrial complex

I am dusk icon. anagram me.

Ah I see

The URL is being shortened but the tweet it composes for you has the full title + the URL, so even after the URL is shortened it can still be too long.

Does your suggestion of starting with a short title and then editing even work? The shortened URL will be the same length either way, and the tweet will have the longer post-editing title, so it might still end up being too long.

Sure it works! Here's an example:

http://www.dailypaul.com/300175/terms-and-conditions-may-apply

Defeat the panda-industrial complex

I am dusk icon. anagram me.

Nope, doesn't work

Your "long" title is 79 chars. The one here is 129 chars. The full text of the title (in your case, the post-editing title) is in the tweet.

The tweets in both cases are shortened to 12 chars. Also "via @dailypaul" is added, that's 15 more.

79+12+15 = 106

129 + 12 + 15 = 156

And I guess there are a couple of spaces added in there too that I didn't count but you get the point.

I just tweeted it.

It worked fine.

It came up like this:

Terms and Conditions May Apply 2013 Documentary Film Trailer & Sneak Preview http://www.dailypaul.com/300175/terms-and-conditions-may-apply via @dailypaul

and says there are 24 characters remaining.

Are there different versions of twitter running on this site?

Defeat the panda-industrial complex

I am dusk icon. anagram me.

What I mean is

your solution isn't a general solution. Your example works only because your title is actually not that long, a wimpy little 79 characters compared to the 129 characters of the article we're replying to here, a title you can tell someone put some real work into.

Try going back to your example that you think works, and make the title as long as the one for this article. Then try to tweet it. Instead of "Terms and Conditions May Apply - 2013 Documentary Film - Trailer & Sneak Preview" make it "VIDEO! Your immortal soul for a gamestation? 'Terms and Conditions May Apply' a '2013 Documentary Film' Trailer and Sneak Preview!"

Basically, the tweet is going to be about 29 characters (the shortened URL plus "via @dailypaul") PLUS the length of the title. If your title is over 111 characters or so, it's going to fail.

Perhaps the best solution is to suggest to the mods that if titles were restricted to 110 characters, more articles would get tweeted. Also there wouldn't be so many articles with silly long titles in the active forum topics.

so...

guess the 6th time, will also not be the charm, eh?

moving on.

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

No suprise. It only takes a

No suprise. It only takes a couple days max before someone manages to crack hack break whatever into something. Anyone thinking otherwise is an idiot or a fool.

To climb the mountain, you must believe you can.

Indeed.

no such thing as 'security,' just security theater: be it govt terrorists, or NSA-collusive corporatist tech entities.

Predictions in due Time...
http://www.youtube.com/watch?v=zGDisyWkIBM

"Let it not be said that no one cared, that no one objected once it's realized that our liberties and wealth are in jeopardy." - Dr. Ronald Ernest Paul

Well basic security for the

Well basic security for the drive by stuff I would still not want to be without. Not much will protect you from someone who is bent on doing something though.

To climb the mountain, you must believe you can.