{"id":71711,"date":"2013-09-21T01:52:59","date_gmt":"2013-09-21T00:52:59","guid":{"rendered":"http:\/\/rinf.com\/alt-news\/breaking-news\/hackers-vie-for-bounty-in-cracking-fingerprint-touch-id-on-new-iphone-5s\/71711\/"},"modified":"2013-09-21T01:52:59","modified_gmt":"2013-09-21T00:52:59","slug":"hackers-vie-for-bounty-in-cracking-fingerprint-touch-id-on-new-iphone-5s","status":"publish","type":"post","link":"http:\/\/rinf.com\/alt-news\/breaking-news\/hackers-vie-for-bounty-in-cracking-fingerprint-touch-id-on-new-iphone-5s\/","title":{"rendered":"Hackers vie for bounty in cracking fingerprint \u2018Touch ID\u2019 on new iPhone 5S"},"content":{"rendered":"<div class=\"ftpimagefix\" style=\"float:none\"><a target=\"_blank\" href=\"http:\/\/rt.com\/usa\/hackers-bounty-iphone5s-fingerprint-157\/\"><img decoding=\"async\" width=\"150\" src=\"http:\/\/rt.com\/files\/news\/20\/82\/50\/00\/31.jpg\"\/><\/a><\/div>\n<div>\n<div>\n\t\t\t\t\t\t<!-- time --><br \/>\n                        <span><br \/>\n                            Published time: September 21, 2013 00:46                                                    <\/span><br \/>\n                        <!--\/\/ time --><\/p><\/div>\n<div>\n<p>Reuters \/ Toru Hanai <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>As consumers flock to stores nationwide for Apple&#8217;s iPhone 5S release Friday, hackers are racing to claim a growing bounty for cracking the product&#8217;s &ldquo;Touch ID&rdquo; fingerprint reader.<\/p>\n<p>\n  Security researchers Nick Depetrillo and Robert David Graham<br \/>\n  launched IsTouchIDHackedYet.com on Wednesday, wherein the pair<br \/>\n  challenged anyone to offer video evidence of recreating one&#8217;s<br \/>\n  fingerprint and using it to unlock that person&#8217;s iPhone 5S.\n  <\/p>\n<p>Depetrillo originally pledged US$100 to anyone who could<br \/>\n  successfully prove the hack. Since his offer, others have added<br \/>\n  cash rewards and bitcoins collectively approaching $20,000. Booze<br \/>\n  and various other prizes have also been added to the pile.\n  <\/p>\n<p><i>&ldquo;I put my money where my mouth is and it really took off,&rdquo;<\/i><br \/>\n  Depetrillo said.\n  <\/p>\n<p>Meanwhile, Sen. Al Franken has sent a letter to Apple asking how<br \/>\n  the company&#8217;s new product will protect the privacy of users.\n  <\/p>\n<p><i>&ldquo;The iPhone 5S reportedly stores fingerprint data locally &lsquo;on<br \/>\n  the chip&#8217; and in an encrypted format,&rdquo;<\/i> Franken wrote to<br \/>\n  Apple&#8217;s CEO Tim Cook. <i>&ldquo;It also blocks third-party apps from<br \/>\n  accessing the Touch ID. Yet important questions remain about how<br \/>\n  this technology works, Apple&#8217;s future plans for this technology,<br \/>\n  and the legal protections that Apple will afford it.&rdquo;<\/i>\n  <\/p>\n<p>Franken posed pointed questions on whether fingerprint data could<br \/>\n  be extracted &#8211; remotely or not &#8211; by third parties, if Apple will<br \/>\n  allow third parties to use the data, and if Apple considers<br \/>\n  fingerprint data to be a <i>&#8220;tangible thing&#8221;<\/i> as defined in<br \/>\n  the Patriot Act.\n  <\/p>\n<p>Such fingerprint-based scanners have been cracked in the past<br \/>\n  using the likes of gelatin and silly putty. Yet Apple maintains<br \/>\n  its sensor is unique in its <i>&ldquo;liveness&rdquo;<\/i> verification<br \/>\n  standards, so much so that even a severed finger could not be<br \/>\n  used to unlock a phone, the company claims.\n  <\/p>\n<p>The <i>&ldquo;Touch ID&rdquo;<\/i> sensor is 170 microns thin and scans<br \/>\n  sub-epidermal skin layers with 360-degree reliability, Apple<br \/>\n  said. In addition, the company says fingerprints will be stored<br \/>\n  in the device only &#8211; not in the cloud easily accessible to<br \/>\n  hackers and government spies.\n  <\/p>\n<p>Facebook, Google, and other companies have in the past created<br \/>\n  contests that pay users who <i>&ldquo;pinpoint security loopholes,&rdquo;<\/i><br \/>\n  though Apple has never offered prizes for flagging bugs.\n  <\/p>\n<p><i>&#8220;I think Apple is quietly amused,&#8221;<\/i> Graham told CNET.<br \/>\n  <i>&#8220;I&#8217;m sure their engineers are confident in their abilities to<br \/>\n  address all conceivable weaknesses &#8211; yet worried about<br \/>\n  inconceivable techniques hackers might come up with.&rdquo;<\/i>\n  <\/p>\n<p>Depetrillo said he started the idea not necessarily to see the<br \/>\n  iPhone hacked, but more to show how difficult the fingerprint<br \/>\n  sensor will be to invade.\n  <\/p>\n<p><i>&ldquo;Basically people criticized the TouchId sensor as being<br \/>\n  insecure, thinking it was a typical fingerprint sensor from five<br \/>\n  years ago,&rdquo;<\/i> he wrote to Forbes. <i>&ldquo;In reality it&#8217;s a lot<br \/>\n  harder, and I was part of a vocal minority of security<br \/>\n  researchers who argued Apple did a good job.&rdquo;<\/i>\n  <\/p>\n<p>The pair said they are only responsible for their own pledges,<br \/>\n  and the winner must go after the other bounties themselves,<br \/>\n  though Depetrillo said he&#8217;s keeping track of any<br \/>\n  <i>&ldquo;deadbeats&rdquo;<\/i> that may skip paying out.\n  <\/p>\n<p>But connected hackers could likely sell any information on how to<br \/>\n  unlock the iPhone 5S for more than what is currently offered at<br \/>\n  IsTouchIDHackedYet.com, Forbes reported.\n  <\/p>\n<p><i>&ldquo;Nothing is hack proof,&rdquo;<\/i> Depetrillo said. <i>&ldquo;I honestly<br \/>\n  don&#8217;t know if someone will claim it&hellip;If they do I&#8217;ll be pleasantly<br \/>\n  surprised.&rdquo;<\/i><br \/>\n  <\/p>\n<p>Copyright: <a href=\"http:\/\/rt.com\/usa\/hackers-bounty-iphone5s-fingerprint-157\/\" target=\"_blank\" title=\"Hackers vie for bounty in cracking fingerprint \u2018Touch ID\u2019 on new iPhone 5S\">RT<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Published time: September 21, 2013 00:46 Reuters \/ Toru Hanai As consumers flock to stores nationwide for Apple&#8217;s iPhone 5S release Friday, hackers are racing to claim a growing bounty for cracking the product&#8217;s &ldquo;Touch ID&rdquo; fingerprint reader. Security researchers Nick Depetrillo and Robert David Graham launched IsTouchIDHackedYet.com on Wednesday, wherein the pair challenged anyone [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":71712,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[487],"tags":[],"class_list":{"0":"post-71711","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-breaking-news"},"_links":{"self":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/71711","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/comments?post=71711"}],"version-history":[{"count":0,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/71711\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media\/71712"}],"wp:attachment":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media?parent=71711"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/categories?post=71711"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/tags?post=71711"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}