Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Wednesday August 12 2015, @09:46PM   Printer-friendly
from the is-today-April-Fools? dept.

Four FireEye researchers have found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max.

The team found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in a open "world readable" folder.

"Any unprivileged processes or apps can steal user’s fingerprints by reading this file," the team says, adding that the images can be made into clear prints by adding some padding.

It is one of four vulnerability scenarios in which biometric data normally secure in an Android phone's TrustedZone can be pilfered.

One such scenario shows how attackers can have money transfers authenticated by throwing a fake lock screen prompting a victim to scan their fingerprints to unlock a device.

Yulong Zhang, Zhaofeng Chen, Hui Xue, Tao Wei say in the paper Fingerprints On Mobile Devices: Abusing and Leaking [PDF] presented at Black Hat in Las Vegas last week that most device manufacturers fail to use Android's Trust Zone protection to safeguard biometric data.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by bob_super on Thursday August 13 2015, @12:30AM

    by bob_super (1357) on Thursday August 13 2015, @12:30AM (#222025)

    > It may have a reason other than enabling remote spying but it escapes me

    You're not a EE...
    Basic system design, really. Tie the things together and you can't use them to discriminate failures an run tests.
    And a lot of cheap systems don't power down the camera rail. They just old it in reset. It's simpler/cheaper/more reliable

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by Bot on Thursday August 13 2015, @12:51PM

    by Bot (3902) on Thursday August 13 2015, @12:51PM (#222253) Journal

    I am not an EE but I am losing faith in them. Testing a led is quite straightforward, and the circuit is simple. And anyway, if you really want to double the circuitry involved just to test a led, why not stay at the hardware level? The led is controlled by software, proof in old linux kernels who did not light up the leds while accessing the cam.

    And, keeping the camera powered on at all times in a laptop may be cheap, but given the importance of battery time in those laptops it is beyond stupid.

    --
    Account abandoned.
    • (Score: 0) by Anonymous Coward on Thursday August 13 2015, @01:01PM

      by Anonymous Coward on Thursday August 13 2015, @01:01PM (#222261)

      > Testing a led is quite straightforward

      dafuq? the led monitoring the circuit IS the test. Apparently it is OK to double the circuit for testing-testing purposes, and to use software for testing-testing-testing, whose unit tests are about testing-testing-testing-testing.