A German security firm, SRL, claims that a vulnerability in the Touch ID fingerprint scanner and iCloud allows a hacker to access a locked device and potentially gain control over the owner's Apple ID.
SRL points out that Airplane mode can be enabled on a stolen phone from the lockscreen, which turns off wireless connectivity and so defeats the remote wipe facility.
Because Airplane Mode can be accessed without a passcode, this could be a major vulnerability when it comes to physically stolen devices.
In a video demonstration, they point out that Apple lets users locate and remotely wipe a device using the Find My iPhone app. However, Find My iPhone can only perform a wipe if the device is connected to the Internet, and because Airplane Mode disables Internet connectivity, that may give a thief enough time to get fingerprints off the device and eventually log in. An attacker can create a fake fingerprint on a laminated sheet and later attach it to one of their fingers, as already explained by another researcher.
SRLabs suggests several things Apple could do to mitigate the problem. These include making Airplane Mode inaccessible from the lockscreen by default, and warning people not to keep a password reset email account active on a mobile device.