Hackers Claim to Have Broken Apple's Facial Recognition
-
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dashrender said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
Also of interest, "Prior to the Bkav video, Wired worked with Cloudflare to see if Face ID could be hacked through masks that appear far more sophisticated than the ones the Bkav hack depicts. ".... um, what does a hipster pseudo-tech news publication and a web reverse proxy service have to do with this? These are really suspicious companies to have involved in proving that this tech is solid. Wired is a pretty goofy magazine at best and CF has no expertise (that we know of) in this kind of security, it's nothing to do with their business.
yeah I was definitely wondering why CF was involved in this testing at all? Seemed very weird.
Yes, very fishy.
WTF people can you all not read?
Rogers (now employed by Cloudflare) is famous for being one of the first to break TouchID, as well as having been in the security field forever.
If that was the case, they'd mention him as a specialist, not his employer in an unrelated field.
The article I read did.
The one being discussed, did not.
Actually the one you linked mentioned Cloudflare and specifically linked to the source.
Said Source, is the article I read earlier which correctly identifies Marc.
https://www.wired.com/story/tried-to-beat-face-id-and-failed-so-far/So the issue is Techcrunch editing, not the facts.
No one disputed the facts, we were saying that TechCrunch lacked creditbility. As does Wired.
-
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
CloudFlare is in the security field, but not the facial recognition security field. Nor, from what I know, is Marc. The hackers in question are specifically facial recognition hackers.
Marc has long been in the hacking community. See above post about breaking TouchID.
Right, that was my point. He's long been in OTHER hacking communities, not facial recognition. And not mentioned by the article being discussed.
Specifically he hacked Apple prodcuts how much more do you fucking need.
Facial Recognition, the thing I keep saying. What does "Apple products" matter. TouchID and FaceID would be unrelated as technologies go. That's like saying I'm a UNIX expert because I used FaceTime well.
-
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
CloudFlare is in the security field, but not the facial recognition security field. Nor, from what I know, is Marc. The hackers in question are specifically facial recognition hackers.
Marc has long been in the hacking community. See above post about breaking TouchID.
Right, that was my point. He's long been in OTHER hacking communities, not facial recognition. And not mentioned by the article being discussed.
Specifically he hacked Apple prodcuts how much more do you fucking need.
Facial Recognition, the thing I keep saying. What does "Apple products" matter. TouchID and FaceID would be unrelated as technologies go. That's like saying I'm a UNIX expert because I used FaceTime well.
You keep saying he has experience. Facial recognition is not related to touch, Apple products or anything else. That doesn't mean that he can't learn or get interested in something new. But just because he's been involved in other kinds of hacking implies nothing about his skills or experience with this kind.
Likewise, he might be the best TouchID hacker in the world, does that also mean he's a good social engineer? They might all be "hacking" but that's a loose term and the relationship between the disciplines is solely in the goal, not in the skills or experience.
-
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@jaredbusch said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
CloudFlare is in the security field, but not the facial recognition security field. Nor, from what I know, is Marc. The hackers in question are specifically facial recognition hackers.
Marc has long been in the hacking community. See above post about breaking TouchID.
Right, that was my point. He's long been in OTHER hacking communities, not facial recognition. And not mentioned by the article being discussed.
Specifically he hacked Apple prodcuts how much more do you fucking need.
As a non apple user until recently - more than simply the name of CF in the article I was reading...
-
So nobody here realizes that the facial recognition got totally pwned by this guy?
-
Looks like FaceID isn't nearly as secure as they claimed. Those hackers are looking more and more likely to have really hacked it as casual hacking of the devices starts to be known.
https://www.wired.com/story/10-year-old-face-id-unlocks-mothers-iphone-x/
-
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
Looks like FaceID isn't nearly as secure as they claimed. Those hackers are looking more and more likely to have really hacked it as casual hacking of the devices starts to be known.
https://www.wired.com/story/10-year-old-face-id-unlocks-mothers-iphone-x/
-
Right, so now all people who steal phones have to do is find someone under the age of 13 who looks similar to you and they're in......
-
And by the time they find someone that looks like you, you can track them and lock the phone via iCloud....
-
So basically, Face ID is so convenient that they can't live without it, so they won't just go to a PIN, instead they will delete all SMS/texting type messages. Really??
There's a JB /sigh FFS moment for ya.
-
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
-
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
Did they provide sufficient documentation? Because a Vietnam firm had claimed that earlier but no one believed them.
-
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
Did they provide sufficient documentation? Because a Vietnam firm had claimed that earlier but no one believed them.
I only skimmed the article, but it was claimed as a proof of concept.
-
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
Did they provide sufficient documentation? Because a Vietnam firm had claimed that earlier but no one believed them.
I only skimmed the article, but it was claimed as a proof of concept.
The claim that people have made is that Apple tested this and it can't be done. I'm not sure why Apple testing that would mean it can't be done, but that's the basis for the claims against the tech. That and a mask doesn't address the iris scanning, but who knows if they really do that or just claim it.
-
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
Did they provide sufficient documentation? Because a Vietnam firm had claimed that earlier but no one believed them.
I only skimmed the article, but it was claimed as a proof of concept.
The claim that people have made is that Apple tested this and it can't be done. I'm not sure why Apple testing that would mean it can't be done, but that's the basis for the claims against the tech. That and a mask doesn't address the iris scanning, but who knows if they really do that or just claim it.
The article specifically said they had printed an ultra-hd mask, and use it to login to the phone. I'm assuming this includes the eyes and everything.
It was stated that it was really impractical based on the cost of the printer used to get that mask. And as such was a proof of concept that the tech was "easily broken".
-
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
A S. Korea security firm already broke it as well with an ultra-HD 3d printer and made a mask of the person who's face had locked the phone.
Did they provide sufficient documentation? Because a Vietnam firm had claimed that earlier but no one believed them.
I only skimmed the article, but it was claimed as a proof of concept.
The claim that people have made is that Apple tested this and it can't be done. I'm not sure why Apple testing that would mean it can't be done, but that's the basis for the claims against the tech. That and a mask doesn't address the iris scanning, but who knows if they really do that or just claim it.
The article specifically said they had printed an ultra-hd mask, and use it to login to the phone. I'm assuming this includes the eyes and everything.
It was stated that it was really impractical based on the cost of the printer used to get that mask. And as such was a proof of concept that the tech was "easily broken".
Can you print irises?
-
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
It was stated that it was really impractical based on the cost of the printer used to get that mask. And as such was a proof of concept that the tech was "easily broken".
Any idea on the price?
-
@marcinozga said in Hackers Claim to Have Broken Apple's Facial Recognition:
And by the time they find someone that looks like you, you can track them and lock the phone via iCloud....
Assuming people have that set up. I can probably count on one hand the number of people I know who actually know how to do that.
-
@stacksofplates said in Hackers Claim to Have Broken Apple's Facial Recognition:
@marcinozga said in Hackers Claim to Have Broken Apple's Facial Recognition:
And by the time they find someone that looks like you, you can track them and lock the phone via iCloud....
Assuming people have that set up. I can probably count on one hand the number of people I know who actually know how to do that.
You do that during initial phone setup, I think. I haven't set up new phone in almost 2 years so my memory is flaky here. Using it after fact, now that might be challenging.
-
@scottalanmiller said in Hackers Claim to Have Broken Apple's Facial Recognition:
@dustinb3403 said in Hackers Claim to Have Broken Apple's Facial Recognition:
It was stated that it was really impractical based on the cost of the printer used to get that mask. And as such was a proof of concept that the tech was "easily broken".
Any idea on the price?
No the article didnt go into the details.
