Defeating Apple’s Touch ID: It’s easier than you may think

The hack using lifted fingerprints is easy; here's how you can make it harder.

Read the whole story

 

[ewelch]

The author does not give Apple sufficient credit when implying they would not be interested in making two-factor authentication an option. They did with iCloud. IF this proves to be a problem with people getting hacked, you can bet they will implement it. It would be a minor tweak to the Touch ID API.

Lots of people have pointed out the critically flawed video to begin with. The media for the fingerprint is transparent. How do we know it wasn't actually reading through the media and getting an actual fingerprint of the hacker? I think more scrutiny is justified before declaring this a "decisive" defeat of Touch ID.

A lot of this hand-wringing and hysterical headline writing is a bit premature and will only become a legitimate concern if someone comes up with a way to hack a phone in less time than a person takes to figure their phone is missing and wiping it. And anyone who can wipe it using the tools in iCloud who has a tiny bit of savvy is going to have already set up the two-factor security setup for unbricking a bricked phone in this process.

 

[ewelch]

kruzes[/url]":1n75yf9m]

ewelch[/url]":1n75yf9m]The author does not give Apple sufficient credit when implying they would not be interested in making two-factor authentication an option. They did with iCloud.

They did for how many countries? Why is two-factor authentication even a country specific thing?

I don't live in "many countries." All I know is where I live, where two factor authentication is encouraged by Apple for iCloud users. Anyone want to give us more than innuendo that Apple does not choose to do it anywhere else for reasons other than local laws? (For example music, movies, books and apps in iTunes varies from country to country because of local laws and media company rules.)