James Delahunty
19 Sep 2013 21:22
Apple's TouchID fingerprint reader and authentication system will be a fun challenge for hackers after the launching of a crowd-funding effort to provide motivation.
IsTouchIDHackedYet.com has been launched by security researcher Nick Depetrillo and Robert David Graham, listing pledges from Twitter users to provide money (including BitCoin) and other prizes - like a bottle of wine and a "dirty sex book" - for whoever can demonstrate a working hack of the feature.
In order to be in with a shout of getting some rewards, the hacker will need to provide proof of a method to break into an iPhone 5s by lifting prints from other surfaces, like a glass, and using it somehow for authentication.
Fingerprint scanners have been defeated quite easily in the past. Mythbusters even beat one by simply printing out a finger print and using the print-out.
Apple insists however that TouchID is special, claiming it can't even be beaten by severed finger.
According to comments given to Forbes, Depetrillo decided to go ahead with this challenge because he has so much faith in the TouchID system not to be easily beaten, but that being proven wrong will be a "pleasant surprise."
Of course, pledges made by Twitter users aren't set in stone, but the largest pledge so far came from Arturas Rosenbacher of IOCapital, which has put up $10,000 for the first person to break TouchID.
On behalf of @IOCapital, we are pledging $10,000 to the #IsTouchIDHackedYet, and supporting this wonderful crowdsourced security campaign!
-- Arturas Rosenbacher (@Arturas) September 19, 2013