Tuesday, November 24, 2020

Hacker claims to develop way to steal fingerprints using camera

Must read

Assessing the reliability of a clothing-based forensic identification

According to the testimony of FBI forensic analysts, the patterns seen on denim are reliably unique and can be used to identify a suspect in surveillance footage. A paper published this week puts denim-pattern analysis through its paces, finding that it isn’t particularly good at matching up identical pairs of jeans—and may create a number of “false alarm” errors to boot.

Colorado Theater Attack Lawyers Argue Fingerprints

Crime analysts testified Monday about how they matched fingerprint evidence in the Colorado theater shooting investigation but provided little new information about the 2012...

Belle Gunness, queen of black widows, murdered dozens and planted victims around farm

After the corpses of three children and a headless woman were found burned in a 1908 fire at Gunness' farmhouse near La Porte, Indiana,...

New forensics technique calculates exact time of death

Determining the time of death isn't an exact science, and it becomes less and less exact as time passes. But a new method, developed...
Michael Whyte
Crime Scene Officer and Fingerprint Expert with over 7 years experience in Crime Scene Investigation and Latent Print Analysis. The opinions or assertions contained on this site are the private views of the author and are not to be construed as those of any professional organisation or policing body.
- Forensic Podcast -

One hacker says he has developed a way to copy fingerprints using a common digital camera.

Jan Krissler, a member of Europe’s oldest hacker collective, the Chaos Computer Club, said he accomplished such a feat at the Chaos Computer Conference on Saturday. His demonstration included creating, he claims, a digital copy of a fingerprint of Germany’s federal minister of defense, Ursula von der Leyen, using commercially available software called VeriFinger.

German Defense Minister von der Leyen’s fingerprint copied by Chaos Computer Club

He said he had a photographer snap high-resolution photos of von der Leyen’s fingers while she was at a presentation in October — standing nine feet away from the official. Krissler said he wasn’t able to verify von der Leyen’s fingerprint was accurate, but he was still confident it was a workable copy. “I have tried it with my own finger under similar circumstances (same camera, same distance)” he said in a statement to CNET.

Von der Leyen’s office declined to comment. A representative said she was unaware of the demonstration.

Krissler’s presentation potentially calls into question the efficacy of fingerprint scanners as a security measure. While they have been around since the 1990s in consumer technology, it was Apple’s move to include a fingerprint reader, which it calls Touch ID, into the iPhone 5S that revitalized the idea of using biometric readers. Samsung and HTC quickly followed by adding fingerprint readers in select smartphones. The reader replaces the need to enter a code to unlock a device or, in the case of mobile-payments system Apple Pay, verify a purchase.

While several hackers demonstrated the susceptibility of fingerprint readers to faked fingerprints soon after Touch ID’s launch, those techniques always have required physical access to the fingerprint — until now.

Apple and Synaptics, which makes fingerprint readers used by Samsung and other hardware manufacturers for smartphones and laptops, were not available for comment.

This isn’t Krissler’s first tangle with fingerprints. He was one of the first to demonstrate how to fake a fingerprint with wood glue to fool the iPhone 5S. “We hope that this finally puts to rest the illusions people have about fingerprint biometrics,” Chaos Computer Club spokesperson Frank Rieger said in a statement at the time. “It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.”

Since then, researchers have shown that Apple has not fixed the vulnerability to faked fingerprints used on the iPhone 6 or 6 Plus.

On the other hand, having access to a fingerprint does not immediately make a device vulnerable. Phones and tablets secured by fingerprint readers still require physical access to the device to be unlocked, and at least on iPhones with Touch ID, after two days of non-use the phone will require the owner to enter the passcode to unlock the device — not just the fingerprint, according to CNET Reviews.

“After this talk, politicians will presumably wear gloves when talking in public,” Krissler said in a public statement.

Source: CNET

- Advertisement -

More articles

- Advertisement -

Latest article

Trees and shrubs might reveal the location of decomposing bodies

Plants could help investigators find dead bodies. Botanists believe the sudden flush of nutrients into the soil from decomposition may affect nearby foliage. If...

Are Detectives discounting the associative value of fingerprints that fall short of an identification in their investigations?

Every day, Fingerprint Experts in every latent office across the globe examine fingermarks that they determine to fall short of an identification....

Using the NCIC Bayesian Network to improve your AFIS searches

This National Crime Information Centre (NCIC) Bayesian network is based on the statistical data of general patterns of fingerprints on the hands...

DNA decontamination of fingerprint brushes

Using fingerprint brushes across multiple crime scenes yields a high risk of DNA cross-contamination. Thankfully an Australian study has discovered a quick and easy way to safely decontaminate fingerprint brushes to prevent this contamination risk and allows the brushes to be safely reused even after multiple cleaning cycles.

Detection of latent fingerprint hidden beneath adhesive tape by optical coherence tomography

Adhesive tape is a common item which can be encountered in criminal cases involving rape, murder, kidnapping and explosives. It is often the case...