Feeds

Roll up, roll up: Cash, Bitcoin and booze offered for iPhone 5S fingerprint scanner hack

Back and fill, infosec maties... keep t' grog comin'

Intelligent flash storage arrays

Hackers have taken to crowdfunding in a bid to raise a bounty to hack the iPhone 5S fingerprint scanner.

The IsTouchIDHackedYet.com site has so far received cash offers exceeding $3,250 – and 7.13 Bitcoins, which is a shade over $900 at current exchange rates – from more than 30 people prepared to chip in to offer a "reward to the first person who can reliably and repeatedly break into an iPhone 5S by lifting prints (like from a beer mug)".

The kitty also includes offers to supply bottles of wine, whisky and – in one case – an "under the door tool" (we're not sure what that is either).

It's the sort of thing that might be dreamt up at a boozy post-hacker-con pool party at DefCon in Vegas, except in this case the wheeze is being lubricated through Twitter instead of tequila. The beer mug reference is a bit of a giveaway in explaining the sensibility of the contest.

Linked terms and conditions from the IsTouchIDHackedYet.com site refer to Twitter updates outlining what might be required to win the prize, if not how to go about collecting it.

"All I ask is a video of the process from print, lift, reproduction and successful unlock with reproduced print. I'll put money on this," explains Nick DePetrillo, one of the Twitter users behind the istouchidhackedyet.com site – which was set up by Robert David Graham, who describes himself as a "cyber-insecurity expert".

"Satisfactory video evidence of the print enrollment, lift, reproduction and successful application of the print without locking out will do," he adds.

Apple’s decision to bundle a fingerprint scanner with the iPhone 5S, due out on Friday, has excited a great deal of security commentary. Fingerprint authentication has been bundled with laptops and handheld computers for years, of course, but the inclusion of the "Touch ID" fingerprint authentication in the iPhone 5S propels it into the mainstream – or perhaps more to the point, into the pockets of corporate big wigs (CEs, directors etc).

That means the technology is directly relevant to corporate CISOs and, by extension, intriguing to hacker types, which helps explain the appearance of a “Capture the Flag”-style Jesus phone hacking competition.

There is no word as yet on whether using classic techniques - such as Gummi bears - to defeat fingerprint scanners will earn bonus points in this particular competition. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.