Skip to main content

Hacker reveals how to extract PIN of a smartphone from any selfie.

Corneal Key Logger can extract PIN
of any smartphone using the owner's selfie
If you thought biometrics was the
ultimate weapon of authentication,
you may be proved wrong by Starbug.
German researcher Jan Krissler, aka
Starbug is a hacker whose claim to
fame is breaching Apple's TouchID
and recreating the German defense
minister's thumbprint from a high-
res image.
Starbug has revealed that he can now decode anyone's smartphone PIN code from any selfie "image". of the owner.
Starbug and his colleagues have
extracted the reflection of
smartphone screens in the eye whites of "selfie" subjects, then they used an ultra-high resolution image techniques to extract the user's PIN code. Starbug presented his discovery
at the Biometrics 2015 conference in London.
His team also revealed a method to
take hi-res images of iris using a
high-resolution camera and
recreating them using a simple laser printer. They were also able to extract the reflection of phone
screens in the eye whites of "selfie"
subjects, then using ultra-high res
image techniques to glean the user's PIN code.
Here is an image of the "corneal key logger"
The team then used this technique to extract the iris data of German
chancellor Angela Merkel, using a
photo taken at a press conference. He said that these images could be
printed onto a contact lens and this
method can be used to hack any
biometric enabled authentication
device.
Starbug's speech also focussed on the vulnerability of fingerprint and facial technology, saying that together with iris these represented "90% of the biometrics market value".
" Everything is spoofable," he said.
Earlier Starbug had revealed how to make a dummy fingerprint to spoof Apple's Touch ID sensor, simply by lifting a fingerprint from a basic print scanner and then making a mould. He also revealed how to use a digital SLR camera with a 200ml lens to take fingerprints that can be
replicated from a distance – the
method used to extract German
Defense Minister Dr Von Der Leyen's thumbprint.
According to Starbug even
fingerprint sensors featuring liveness detection are at risk. "I can fool every fingerprint sensor in two hours", he said, welcoming challenges from manufacturers to beat their technology. Starbug said a simple photo of the users face is often more than enough – even for most infrared devices. Here "liveness detection is very important", he said.
Starbug also outlined a method to
bypass liveness detection that
demands that makes users blink, and he closed his presentation defeating a 3D facial recognition by using a papier mache mask.
Starbug said that the current
biometrics technology is weak and
should improved upon. However, he said he feels that biometrics is the future of the authentication.

Comments

Popular posts from this blog

Windows 10 now on 600 million machines.

Microsoft CEO Satya Nadella told shareholders that Windows 10 has now passed 600 million monthly active users, picking up 100 million since May of this year. This number counts all Windows 10 devices used over a 28-day period. While most of these will be PCs, there are other things in the mix there: a few million Xbox Ones, a few million Windows 10 Mobile phones, and special hardware like the HoloLens and Surface Hub. The exact mix between these categories isn't known, because Microsoft doesn't say. The company's original ambition (and sales pitch to developers) was to have one billion systems running Windows 10 within about three years of the operating system's launch. In July last year, the company acknowledged that it won't hit that target—the original plan called for  50 million or more phone sales a year , which the retreat from the phone market has made impossible. But at the current rate it should still be on track for somewhere in excess of 700 million use...

WZoneLite – A Pretty Cool WooCommerce Amazon Affiliate Plugin .

Everyone wants to make a million dollars by being a blogger. The promise of riches and internet fame is a big draw to doing it for a lot of people, and I’m sorry to say that the reality of being a blogger (even a professional blogger!) is not quite…as financially lucrative as all that. But that’s not to say that it  can’t be –one of the best ways to start your empire is with an Amazon affiliate plugin. For me, the Amazon Associates program has been one of the biggest earners for me over the years. Not only are there CPM ads like Google Adsense (you know, the normal banner ads we all love to hate), but any time someone clicks a link from your site, you get a percentage of  anything  they buy while the token from your site lasts in their browser. If they buy a song, you get a few cents. If they buy a new MacBook Pro and iPhone? You get…a lot more cents. With that in mind, WZoneLite is a  pretty cool WooCommerce Amazon affiliate plugin that syncs everything together s...

How Antacids And PPI’s Can Destroy Your Health DRUG DANGER ALERT

New Science Shows Hidden, Deadly Risk Of Common Heartburn And Reflux Drugs   Dear Heartburn Sufferer, If you take any over-the-counter drug for your acid reflux, heartburn, or GERD... including Prevacid and Prilosec,... this timely report directly affects you. So take thirty seconds and read every word of this email. Carefully. These commonly used drugs suffered a major setback recently when the FDA warned that taking them can give you a dangerous condition known as "C-Diff". Now there is evidence to show Prilosec, Prevacid, and other PPI's ("Proton Pump Inhibitors") ... or the other common group of drugs for reflux called "antacids"... create another, potentially greater risk to your health. It seems antacids and PPI's are literally starving your body of vital nutrients, and leading to all sorts of deadly health conditions. Some conditions that have beenlinked to these drugs: Dementia Irregular heartbeat Iron deficie...