Jump to content

So I hear there's a new iPhone out

Davey Boy 2.0

Recommended Posts

Senator asks if FBI can get iPhone 5S fingerprint data via Patriot Act

Since Sen. Al Franken (D-MN) arrived in the United States Senate, he’s become the chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law. He’s made it his mission to raise questions about tech issues that he feels are improper, unjust, or just downright questionable.

The debut of the new iPhones 5S, replete with a fingerprint reader, has now also gotten Franken’s attention. On Thursday, the Minnesota senator published a letter to Apple CEO Tim Cook, raising questions about the logic in making fingerprint readers more mainstream.

"Passwords are secret and dynamic; fingerprints are public and permanent," wrote Sen. Franken. "If you don't tell anyone your password, no one will know what it is. If someone hacks your password, you can change it—as many times as you want. You can't change your fingerprints. You have only ten of them. And you leave them on everything you touch; they are definitely not a secret. What's more, a password doesn't uniquely identify its owner—a fingerprint does. Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life."

He's certainly not the only one that has questions: a number of people have put in over $16,000 in bounty money, booze, and a "dirty sex book" as an incentive for hackers to break Touch ID.

He also has specific questions for Cupertino:

(1) Is it possible to convert locally stored fingerprint data into a digital or visual format that can be used by third parties?

(2) Is it possible to extract and obtain fingerprint data from an iPhone? If so, can this be done remotely, or with physical access to the device?...

(10) Under American intelligence law, the Federal Bureau of Investigation can seek an order requiring the production of "any tangible thing (including books, records, papers, documents, and other items)" if they are deemed relevant to certain foreign intelligence investigations. See 50 U.S.C. § 1861. Does Apple consider fingerprint data to be "tangible things" as defined in the USA Patriot Act?

The last question is germane to recent discussions of law enforcement and national security overreach. But given that the iPhone doesn't store fingerprint data in the cloud, the PATRIOT Act shouldn't come into play.

Fingerprints as passwords: New iPhone Touch ID gets mixed security verdict

Link to comment
Share on other sites

Guest Low Roller

Nobody had a problem with fingerprint scanners to log into your laptop. The only reason I can think that this has become an issue now with the iPhone is because the world is increasingly paranoid of a Big Brother society.

Well played terrorists. Well played.

Link to comment
Share on other sites

Paranoid? Seems to me those fears were confirmed by the documents showing the NSA was indeed spying on not only US citizens, but also foreign citizens (Canada, Mexico for example), as well their own family members, girl/boy friends, business partners, NYC UN offices, domestic corporations & banks etc. It's be proven the NSA not only spies but also has files on ordinary folks with absolutely no ties to terrorism, nor criminal activity even.

As for the laptops, I recall pretty much the same reaction, and have read a fair share of issue that arose from it, mainly related to identity theft and frauds. One doesn't have to look to hard to find it.

Personally, I'm not overly worried (concerned, yes) as I don't have a phone connected to the internet 24/7, nor do I do any, or keep any sensitive personal information online via my PC, social networking etc (eg: never use my CC, nor bank or pay bills online for example), but willingly offering your fingerprints up for grabs to hackers, the NSA or any other malicious group simply seems foolish to me. Especially considering teleco's in the US have come out and confirmed they have installed software that allows those gov't agencies unrestricted access to customers internet/phone data.

[edit to add]

Even here in Canada that deal is being made with gov't and ISPs/telecos. Thinking this won't, or doesn't get abused is naive at best.

Wireless firms agree to give Ottawa ability to monitor calls, phone data

Edited by Guest
Link to comment
Share on other sites

Apple iPhone fingerprint sensor hacked by Germany's Chaos Computer Club.

Biometrics are not safe, says famous hacker team who provide video showing how they could use a fake fingerprint to bypass phone's security lockscreen.

Germany's Chaos Computer Club says it has cracked the protection around Apple's fingerprint sensor on its new iPhone 5S, just two days after the device went on sale worldwide.

In a post on their site, the group says that their biometric hacking team took a fingerprint of the user, photographed from a glass surface, and then created a "fake fingerprint" which could be put onto a thin film and used with a real finger to unlock the phone.

The claim, which is backed up with a video, will create concerns for businesses which see users intending to use the phone to access corporate accounts. While it requires physical access to the phone, and a clean print of one finger which is one of those used to unlock the phone, it raises the risk of a security breach.

Read more: http://www.theguardian.com/technology/2013/sep/22/apple-iphone-fingerprint-scanner-hacked

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...