|
|
|
|
|
|
by san86
4651 days ago
|
|
|
The problem is not so much what CCC has done, but CCC has started. In the days/month ahead.. there is now a possibility of building a more practical attack.
Remember the firefox plugin which allowed users to steal FB user sessions in a cafe with Free WiFi (or any WiFi hotspot)? That wasn't a new attack.. just made an existing attack easier (and hence caught a LOT of attention). The threat is similar. Now there is an exploit.. now the collective security researcher (and hacktivist) will work to make the hack easier by building a tool.. THERE lies the real danger. I still commend Apple for trying. The real issue will be if I can steal the "Hash" of the fingerprint and reverse it to know who it is... so far TouchId has done well. The way that happens, Apple users will need to rethink using TouchID |
|
|