[LINK] Hacker fakes German minister's fingerprints using photos of her hands

Kim Holburn kim at holburn.net
Thu Mar 28 08:50:50 AEDT 2019


> Jan Krissler used high resolution photos, including one from a government press office, to successfully recreate the fingerprints of Germany’s defence minister


> Jan Krissler, known in hacker circles as Starbug, used commercial software called VeriFinger and several close-range photos of von der Leyen, including one gleaned from a press release issued by her own office and another he took himself from three meters away, to reverse-engineer the fingerprint.
> “After this talk, politicians will presumably wear gloves when talking in public,” he joked.

> Also reported at the conference was another security hole seemingly straight out of science-fiction: a so-called “corneal keylogger”. The idea behind the attack is simple. A hacker may have access to a user’s phone camera, but not anything else. How to go from there to stealing all their passwords?
> One way, demonstrated on stage, is to read what they’re typing by analysing photographs of the reflections in their eyes. Smartphone cameras, even front-facing ones, are now high-resolution enough that such an attack is possible.


> As the ACLU’s Jay Stanley told the Washington Post, “Biometrics are not secrets… Ideally, they’re unique to each individual, but that’s not the same thing as being a secret.”
> And Starbug agrees, telling Zeit in 2013 that “I consider my password safer than my fingerprint… My password is in my head, and if I’m careful when typing, I remain the only one who knows it.”

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 

More information about the Link mailing list