Berlin-based Security Research Labs have released a series of videos detailing how the iPhone 5s could actually be Apple’s least secure iPhone yet due to flaws in both software and hardware.
Very similar to how the Chaos Computer Club was able to hack Touch ID last month, this particular group of researchers were able to gather fingerprints left on a victim’s display, snap a photo of it with an iPhone 4s and then develop into a workable mold to unlock the iPhone 5s.
Seriously… check it out below. It is without a doubt quite the process, but it works.
It is important to note that most people wouldn’t be able to replicate what was shown in the video and that this isn’t just a flaw with Touch ID, but rather any fingerprint scanner.
Where it gets interesting though is in the second video produced by the Berlin-based security researchers that shows what a knowledgable thief could do with a stolen iPhone 5s.
In this video some actual security flaws within iOS are pointed out that lead to the iPhone 5s being the least secure iOS Device the company has ever released. All hope is not lost though, the group suggests Apple does the following to increase security:
- Make Airplane Mode inaccessible from the lock screen by default and require PIN after setting Airplane Mode or removing SIM Card
- Warn users not to store password-reset email accounts on iDevices
- When device is lost for good, advise users to revoke its privileges
- Do not inform potential attackers how the device is protected
- Upon reconnecting to the Internet, iOS should not allow email retrieval before the device’s wipe- or don’t-wipe status can be retrieved
Apple has yet to comment on any of this, but I definitely agree Apple should take note of what these security researchers suggest because it is spot on.