[LINK] Hacker fakes German minister's fingerprints using photos of her hands

[Kim Holburn]

https://www.theguardian.com/technology/2014/dec/30/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands

> Jan Krissler used high resolution photos, including one from a government press office, to successfully recreate the fingerprints of Germany’s defence minister


...

> Jan Krissler, known in hacker circles as Starbug, used commercial software called VeriFinger and several close-range photos of von der Leyen, including one gleaned from a press release issued by her own office and another he took himself from three meters away, to reverse-engineer the fingerprint.
> 
> “After this talk, politicians will presumably wear gloves when talking in public,” he joked.


> Also reported at the conference was another security hole seemingly straight out of science-fiction: a so-called “corneal keylogger”. The idea behind the attack is simple. A hacker may have access to a user’s phone camera, but not anything else. How to go from there to stealing all their passwords?
> 
> One way, demonstrated on stage, is to read what they’re typing by analysing photographs of the reflections in their eyes. Smartphone cameras, even front-facing ones, are now high-resolution enough that such an attack is possible.

...

> As the ACLU’s Jay Stanley told the Washington Post, “Biometrics are not secrets… Ideally, they’re unique to each individual, but that’s not the same thing as being a secret.”
> 
> And Starbug agrees, telling Zeit in 2013 that “I consider my password safer than my fingerprint… My password is in my head, and if I’m careful when typing, I remain the only one who knows it.”



-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request