The OPM hack resulted in millions of people's fingerprints and names being hacked, and now are floating out on the internet for anyone to look up.
Individuals who had their fingerprints stolen in that hack can now never use fingerprint readers with any reasonable confidence, since now all a hacker has to do is search that person's name and pull their fingerprint from one of aforementioned databases.
> fake your fingerprints with a cast
Fingerprint scanners like those on phones have been shown to be able to be fooled by using $10 worth of office supplies and some play-dough. It's not like we're talking mastermind levels of intelligence to do this stuff.
Of course, all of this completely ignores the fact that your phone likely already has several copies of your fingerprint already on it since you touched it, so it's not like someone hacking your fingerprints is even necessary. That's an entirely different reason of why fingerprint security is abysmal, though.
People keep saying fingerprints are all over the internet but I have seen no actual proof (1) how you can steal an iPhone fingerprint record (2) how you can use this data to generate a fake fingerprint sufficient to open the iPhone or even (3) copy a fingerprint off of the outside of the phone and open the iPhone.
1) you don't, but the iphone secure enclave is not what he's talking about. He means fingerprints on the glass.
2) google "touchid hack" there's videos on YouTube.
3) not super likely as usually you'll only find rough partials, but as previous poster mentioned, there has been government hacks that have leaked biometric data.
Ok, how about this. Imagine if MILLIONS of fingerprints are leaked, in some sort of wide net security break, and now any script kiddie can hack ~50% of phones?
Individuals who had their fingerprints stolen in that hack can now never use fingerprint readers with any reasonable confidence, since now all a hacker has to do is search that person's name and pull their fingerprint from one of aforementioned databases.
> fake your fingerprints with a cast
Fingerprint scanners like those on phones have been shown to be able to be fooled by using $10 worth of office supplies and some play-dough. It's not like we're talking mastermind levels of intelligence to do this stuff.
Of course, all of this completely ignores the fact that your phone likely already has several copies of your fingerprint already on it since you touched it, so it's not like someone hacking your fingerprints is even necessary. That's an entirely different reason of why fingerprint security is abysmal, though.