قالب وردپرس درنا توس
Home / Apple / You probably don't have to worry about this Face ID hack

You probably don't have to worry about this Face ID hack



Apple's biometric security ID on ID could be misused by using a pair of glasses with tape attached to them, Tencent security researchers have discovered. ThreatPost reports that the method is capable of tricking Face ID into believing someone's eyes are open, which means it can give hackers access to a locked iPhone while the owner is asleep.

However, the reality of the hacker means that it is unlikely to be of much practical use in a real context. A hacker literally has to place a pair of glasses on their target without noticing it, and then hold the phone in front of them. It would be much easier for someone to just force a target to look at their device, as one FBI agent did last year.

Tencent's discovery sheds an interesting light on how Apple's latest biometric security process works, however. The researchers realized that when a subject is wearing glasses, Face ID is only trying to look for 2D rather than 3D information from the eye area. It is then relatively easy to fake this 2D information with a black piece of tape with a white spot on it, which Face ID then mistakes for an open eye as part of the "vividness detection" mechanism. (You can see a photo of these so-called "X-Glasses" in the ThreatPosts report.) Since the rest of the face matches the iPhone & # 39; s biometric plate, the phone unlocks.

This is not the first time security researchers claim to have detected a Face ID vulnerability. Back in 201

7, Wired reported that Vietnamese research firm Bkav released a video showing them unlocking someone's phone using a complicated 2D eye silicone mask and paper printed. However, this method relies on the team having access to either detailed measurements or a digital scan of the face of their target, which is not easy to come by.

By contrast, Apple's previous biometric security method, Touch ID, was hacked within 24 hours of its first sale, and it relies on having only a single high-resolution photograph of a fingerprint left on a surface. The following year, a security researcher showed how they could use these techniques to construct a working model of the German Defense Minister's fingerprints using a high-resolution image of their hand. You can also, of course, just hold a target finger on the phone while sleeping – no glasses required.


Source link