Sunday, September 22, 2013

Apple's Touch ID is Vulnerable to "Sleephacking"

Apple worked hard to make the the Touch ID security system easy to use. So easy a 5s can be unlocked by a cat, your toe, or even your... member, if it's registered with your phone. The real issue, though, is that Touch ID has no way of telling if someone is passed out.

Frat dudes, heads up. You could wake up from a night of drinking to find your bros messaged all your exes and creatively re-wrote your Facebook profile. Yet the biggest threat is likely that of misuse by significant others.

It's common to hear the story of a suspicious girlfriend or boyfriend who went through their guy/girl's unlocked phone while he was asleep, found them flirting with someone else, and dumped them. Numeric passcodes would prevent this.

But Touch ID is vulnerable to "sleephacking".

As long as someone knows what finger[s] you've registered with Touch ID, they can pick your phone up off the nightstand, press it against your sleeping finger, and voilĂ , the phone unlocks.