Fooling Samsung Galaxy S8 Iris Recognition

We have a love-hate relationship with biometric ID. After all, it looks so cool when the hero in a sci-fi movie enters the restricted-access area after having his hand and iris scanned. But that’s about the best you can say about biometric security. It’s conceptually flawed in a bunch of ways, and nearly every implementation we’ve seen gets broken sooner or later.

Case in point: prolific anti-biometry hacker [starbug] and a group of friends at the Berlin CCC are able to authenticate to the “Samsung Pay” payment system through the iris scanner. The video, embedded below, shows you how: take a picture of the target’s eye, print it out, and hold it up to the phone. That was hard!

Sarcasm aside, the iris sensor uses IR to recognize patterns in your eye, so [starbug] and Co. had to use a camera with night vision mode.  A contact lens placed over the photo completes the illusion — we’re guessing it gets the reflections from room lighting right.  No etching fingerprint patterns into copper, no conductive gel — just a printout and a contact lens.


Fundamentals of Fingerprint Scanning

Like most (if not all) Hackaday readers, I like to know how the technology I use works. I’m always amazed, for example, how many otherwise smart people have no idea how the cellphone network works other than “it’s a radio.” So now that I have two phones with fingerprint scanners on them, I decided I needed to know more about what’s going on in there.

Sure, I assumed the sensor was capacitive (but maybe not, I found out). Plus we all know some super glue, scotch tape, and gummy bears are all you need to fake one out. However, that’s been known for about 15 years and we are still seeing phones and other devices rolling out with the same scanners. So for now, put aside the debate about whether we should be using fingerprint scanners. Let’s talk about how those sensors work.


Finger Print Scanners Really Aren’t That Secure

Maybe you suspected this already, but researchers at MSU Computer Science just published a paper explaining just how easy it is to spoof a fingerprint scanner with an ink-jet printed scan of a finger.

We’re not talking about casting a new finger using superglue or anything, but rather using conductive ink you can literally print — on paper. A paper-printed-fingerprint that will unlock your smartphone. We’ve already told you fingerprints suck for security, but hopefully this drives the point home.

[Kai Cao] and [Anil K Jain] released this paper (Direct PDF link) outlining their technique. Using an existing scan of a fingerprint (which can be taken from your phone’s scanner), the image is mirrored, and then printed using a regular ink-jet printer, with all of its color cartridges replaced with AgIC4 silver conductive ink.

Replacing The iPhone 6 Button Bricks The Phone

News comes from The Guardian that software updates are breaking iPhone 6 units that have had non-authorized hardware replacements. Several thousand iPhone 6 users are claiming their phones have been bricked by software updates after the home button – and the integrated TouchID fingerprint sensor – was replaced by non-Apple technicians.

For the last few iPhone generations, the TouchID fingerprint sensor has been integrated into the home button of every iPhone. This fingerprint sensor provides an additional layer of security for the iPhone, and like everything on smartphones, there is a thriving market of companies who will fix broken phones. If you walk into an Apple store, replacing the TouchID sensor will cost about $300. This part is available on Amazon for about $10, and anyone with a pentalobe screwdriver, spudger, and fine motor control can easily replace it. Doing so, however, will eventually brick the phone, as software updates render the device inoperable if the TouchID sensor is not authorized by Apple.

According to an Apple spokeswoman, error 53 occurs because the fingerprint data is uniquely paired to the TouchID sensor found in the home button. If the TouchID sensor were substituted with a malicious TouchID sensor, complete and total access to the phone would be easy, providing a forehead-slapping security hole. Error 53 is just Apple’s way of detecting devices that were tampered with.

In fairness to Apple, not checking the authenticity of the TouchID sensor would mean a huge security hole; if fingerprint data is the only thing keeping evil balaclava-wearing hackers out of your phone, simply replacing this sensor would grant them access. While this line of reasoning is valid, it’s also incredibly stupid: anyone can get around the TouchID fingerprint sensor with a laser printer and a bit of glue. If you ever get ahold of the German Defense Minister’s iPhone, the fingerprint sensor isn’t going to stop you.

This is a rare case where Apple are damned if they do, damned if they don’t. By not disabling the phone when the TouchID sensor is replaced, all iPhones are open to a gaping security hole that would send the Internet into a tizzy. By bricking each and every iPhone with a replacement TouchID sensor, Apple gets a customer support nightmare. That said, the $300 replacement cost for the TouchID sensor will get you a very nice Android phone that doesn’t have this problem.

Shmoocon 2016: GPUs and FPGAs to Better Detect Malware

One of the big problems in detecting malware is that there are so many different forms of the same malicious code. This problem of polymorphism is what led Rick Wesson to develop icewater, a clustering technique that identifies malware.

Presented at Shmoocon 2016, the icewater project is a new way to process and filter the vast number of samples one finds on the Internet. Processing 300,000 new samples a day to determine if they have polymorphic malware in them is a daunting task. The approach used here is to create a fingerprint from each binary sample by using a space-filling curve. Polymorphism will change a lot of the bits in each sample, but as with human fingerprints, patterns are still present in these binary fingerprints that indicate the sample is a variation on a previously known object.

Fingerprint Scanner Both Simplifies And Complicates Opening Garage Door

Opening a garage door by hand is a lot of work and a hassle, hence the advent of the garage door opener. Nowadays, some people may even say just pushing the button of a remote control requires too much effort. [nodcah] is one of those people, so he came up with a fingerprint scanner that controls a pre-installed garage door opener. All kidding aside, it is a cool project that lets you into your garage, keeps unknown people out and doesn’t require you to remember to carry a key or remote.

At the center of this project is an ATmega328 that runs custom Arduino code. This ATmega328 is responsible for controlling a 16-character, 2-line LCD screen as well as communicating with an off-the-shelf fingerprint scanner from Sparkfun. The fingerprint scanner has a built-in CPU, can store up to 20 fingerprints and does all its own processing of fingerprint scans. It then communicates with the ATmega328 using simple commands over serial Tx and Rx lines.

The ATmega328, LCD and fingerprint scanner are all mounted outside the garage in a 3D printed enclosure. If the wires for the internal-garage open/close button were just run straight into this outdoor module, anyone could open it up, short the wires and get into the garage. To prevent this, if the ATmega328 gets the ‘OK’ from the fingerprint scanner, then it sends a signal to an ATtiny85 that is inside the garage. If the ATtiny85 receives the correct signal, it will then actuate the garage door opener by shorting the open/close button contacts. This prevents anyone from sneaking into the garage.

[nodcah] did a great service to the community by making the parts list, schematics, instructions and Arduino code available so anyone can easily put this project together.

Hackaday Links: September 29, 2013

We would be remiss if we didn’t mention that all of SparkFun’s open source hardware is now on Upverter.

Not wanting to tie up an iPad as a mini-gaming cabinet [Hartmut] hacked an Arcadi cabinet to use EUzebox instead.

Time travel happens in the bedroom as well. But only if you have your very own Tardis entrance. [AlmostUseful] pulled this off with just a bit of wood trim and a very nice paint job. [via Reddit]

[Pierre] tricks an iPhone fingerprint scanner by making a replica out of hot glue.

Some of the guys from our parent company were over in Shanghai on business. [Aleksandar Bradic] made time to visit the Shanghai hackerspace while in town and wrote about the experience over on their engineering blog.

[Gregory Charvat] is a busy guy. In fact we’ve got a juicy hack of his saved up that we still need to wrap our minds around before featuring. In the meantime, check out the intern-built coffee can radar that he took over and tested on a multi-million dollar Spherical Near Field Range.

And finally, everyone loves coffee hacks, right? Here’s what [Manos] calls a Greek style instant coffee machine.