Hackers reportedly bypass Samsung Galaxy S8's 'airtight' iris scanner
Hackers have once again proved there's no such thing as true security for your phone.
Researchers at the Chaos Computer Club (via Motherboard) claim to have bypassed the iris scanner on Samsung's Galaxy S8 using a simple photo of a person's iris and an ordinary contact lens.
SEE ALSO:Watch how far Samsung's Galaxy S8 has evolved from the original Galaxy SSamsung's "airtight" (the company's word, not mine) iris scanner is included on the Galaxy S8 as an alternative form of biometric security in addition to the built-in fingerprint sensor.
Galaxy S8 users can choose to set up the iris scanner, which is more secure than the face recognition, to unlock the phone or authenticate Samsung Pay mobile payments.
The biggest advantage to using an iris scanner compared to face recognition is that ordinary photos usually can't fool it. An ordinary photo doesn't contain the unique patterns in a person's eyes that can only be seen with an infrared sensor.
That's exactly why the CCC didn't use an ordinary photo to trick the S8's iris scanner.
For its hack, the CCC used a "good digital camera with 200mm-lens at a distance of up to five meters" to take a photo of a person's eye. The camera was switched to its "night mode" in order to capture the iris' patterns.
The image of the iris was then printed on a laser printer (ironically, a Samsung one) and a contact lens was placed on top to give it depth.
CCC registered a person's iris on the S8 and then tested the fake iris. Lo and behold, it worked and the phone unlocked.
BUT... as simple as the hack sounds, it still requires some trial and error. CCC even says as much (emphasis mine):
Depending on the picture quality, brightness and contrast might need to be adjusted. If all structures are well visible, the iris picture is printed on a laser printer.
How many images -- adjusted for image quality, brightness, contrast, etc. -- were tested before they got one that worked? I reached out to CCC on Twitter for more details.
CCC's Jan Krissler (aka "starbug") told me over direct message they tested three printers, printing five to ten variations per printer, before they got a positive with a Samsung laser printer. The printout of the iris worked out to "80 pixel iris diameter."
"The Samsung model was a standard consumer product, around 250 Euro. We tested multiple prints on multiple kinds of paper. All of them worked. It worked instantly after we found the working printer."
The iris scanner hack isn't unlike the many fingerprint sensor hacks we've seen over the years. It looks easy enough, but the probability of it happening is unlikely. How many people have photos of their eyes, captured with night mode, floating around on the web? (Again, your regular selfies won't fool the iris scanner.)
As proof-of-concept, yes it works. But the same goes for breaking open your home's door lock or car door. It's possible, and anyone who really wants to gain access could jump through these hoops to get into your phone, but is it a reason to live in fear or not buy this phone? Not at all.
We reached out to Samsung for official comment on the hack and received the following:
"We are aware of the issue, but we would like to assure our customers that the iris scanning technology in the Galaxy S8 has been developed through rigorous testing to provide a high level of accuracy and prevent attempts to compromise its security, such as images of a person’s iris. If there is a potential vulnerability or the advent of a new method that challenges our efforts to ensure security at any time, we will respond as quickly as possible to resolve the issue."
Featured Video For You
Hands on with Samsung's Galaxy S8
下一篇:Abrar Ahmed returns as Pakistan names squad for second Test against Bangladesh
- ·Google Search tries new tactics for limiting explicit deepfakes
- ·人才培育促振兴,遂溪县举办2023年高素质农民培育班
- ·偶遇青岛艺术跳蚤集市 一斤杏换一幅油画
- ·提前“两步走”,华农专家助力农户打赢柑橘冻害保卫战
- ·Against All Odds: How Netflix Made It
- ·导演许宏宇携新片亮相青岛 金城武周冬雨组CP
- ·提前“两步走”,华农专家助力农户打赢柑橘冻害保卫战
- ·深化雅涪市场监管一体化协作 助推成渝地区双城经济圈建设
- ·How to watch 'Kinds of Kindness': When is it streaming?
- ·《72层奇楼》探秘团穿越寻神笔 方特千年之旅将启程
- ·青岛博物馆上演“外科风云” 292件青铜器接受“手术”
- ·闈掑矝鍦伴搧寮曢闃呰椋庢疆 鍩庡競鏂囧寲涔嬭姳鈥滃湴涓嬧€濈唤鏀綺涓浗灞变笢缃慱闈掑矝
- ·中山古镇:到苏炳添家乡看“村BA”,来一场说走就走的美食之旅
- ·动画电影《豆福传》28日上映 陈佩斯欢乐献声
- ·春运首日,我们在广东高速路上寻找烟火气丨服务区里的“年味”①
- ·香港作家马家辉:我的江湖,跟杜琪峰不一样
- ·How much will PCB's Champions Cup mentors be paid?
- ·香港作家马家辉:我的江湖,跟杜琪峰不一样
- ·青岛崂山区实验小学少先队员以“砖”窥汉
- ·白干活成绝望主妇?《我的前半生》让全职妈妈慌了
- ·How do you make safe, cheap nuclear reactors? Bury them a mile deep
- ·銆婃潕鑼剁殑濮戝銆?9鏃ャ€?0鏃ラ潚宀涘ぇ鍓ч櫌涓ゅ満杩炴紨
- ·人才培育促振兴,遂溪县举办2023年高素质农民培育班
- ·青岛风筝协会第六届换届大会召开 张景林当选主席
- ·Keurig K Mini deal — get $30 off at Target
- ·2017“青岛西海岸音乐季 欧盟青年音乐节”圆满落幕 近600位世界各地音乐家共同奏响“音乐之岛”