Skip to main content

Hackers can steal fingerprints from a Galaxy S5

You may not be the only one swiping fingerprints on your Galaxy S5. Criminals could be doing it, too, and without your knowledge.
Researchers at FireEye discovered a serious flaw in some Androidphones — not just the Galaxy S5, though other affected models weren’t named. While fingerprint data is locked away in Android’s trusted storage area, the biometric scanner itself is exposed. With the right access, a criminal can perform a man-in-the-middle attack and siphon off scans while they’re in transit.
Resident malware does the dirty work silently in the background. Once criminals have acquired those tasty bits, “you can generate the image of [the] fingerprint,” Yulong Zhang explained. He added “after that you can do whatever you want.”
Galaxy s5

Scary, right? It would be, if not for a few important caveats. First, this particular flaw was fixed in Android 5.0. Most new devices are shipping with Lollipop pre-installed, and it’s been rolling out to more older devices lately. If your carrier has already updated your handset, you’re good.
Second, FireEye’s researchers say that an attacker needs to be able to “break the kernel” in order to gain the required access to a phone’s fingerprint scanner. Unless you’ve rooted your device, you probably aren’t in harm’s way when it comes to this particular exploit.
That malware would also have to find its way onto your phone somehow, and if you’re only installing apps from the Play Store the chances of that happening are pretty slim. Samsung is, nevertheless, investigating FireEye’s claims.
As worrisome as this exploit is, it’s much scarier to think that someone with access to the right lab equipment can reproduce your fingerprint with nothing more than a photo they found on the Internet.
Labels:

Comments

Post a Comment

Popular posts from this blog

Disney Discovers How To 3D Print with Fabric

We have seen 3D printers produce objects from plastic and even metal. But the Magic Kingdom is living up to its name with the announcement that it has designed a 3D printer capable of printing with fabric. A group of researchers at Cornell University, Carnegie Mellon and Disney Research unveiled the invention in a paper last weekend. According to the researchers, the device is capable of forming precise, but soft and deformable 3D objects from layers of off-the-shelf fabric. Among the objects the research team produced were a fabric bunny, a Japanese doll, a touch sensor made of fabric, and a smartphone case with an embedded conductive fabric coil for wireless  power   reception. Touch-Sensitive, Wireless Power To form each object, the printer uses a single sheet of fabric to create each layer of the object. The printer cuts this sheet along the 2D contour of the layer using a laser cutter and then bonds it to previously printed layers using a heat sensitive adh...
Post a Comment
Read more

Top Link Shortening Websites to Make Money Online

While there are many ways to make money online, I believe making money by URL Shortening is one of the best for newbies. Just shorten URL, people click on it and you make money. Quite fantastic, isn’t it? Today I am going to present before you the top legit URL shortening website that you should choose to make money online. I have taken care of many factors before ranking them, like Page Rank, Alexa Rank, My Experience etc. I’ll keep on updating the list when it is needed. Before jumping to the Shorteners I would like to explain the factors on which ‘Top Legit Shorten URL and Make Money Online Sites’ list is based: Page Rank:  Page Rank is the one factor that Google uses to rank websites on their search results. Page Rank of a site can be anything between 0 and 10. Page Rank is generally given on the basis of quality of site and backlinks it has got. Alexa Rank:  Alexa Rank shows the relative popularity of website over internet. Less is the Alexa Rank, more the si...
1 comment
Read more

10 Ways To Prevent Your Mac From Being Hacked

Information protection is now scrutinized in all commercial and government industries. Theft of information has crippled many organizations and businesses. One of the main reasons information is lost, corrupt, or stolen is because many industries have not fully adopted it as a risk, and have yet to implement strong quality assurance policies and programs. Some of the most common risks are because of unattended computers, weak passwords, and poor information management practices. Hackers look for the weakest target and tunnel into a business from easy sources, like tablets or cell phones. Using smart encryption software can remediate this threat and vulnerability, making it difficult for competitors or rookie hackers to penetrate your device. However, software alone is not enough to prevent Macs from being hacked. It is the Mac user who has the authority and resources to save it from potential penetration.  The top 10 ways to prevent your Mac from being hacked  is ...
Post a Comment
Read more