|
|
|
Chaos Computer Club breaks Apple TouchID the bad idea that is fingerprint biometrics and 'its cool to hack Apple now' |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Chaos Computer Club breaks Apple TouchID the bad idea that is fingerprint biometrics and 'its cool to hack Apple now' Par Dinis Cruz BlogLe [2013-09-23] à 15:33:57
Présentation : Well it didn't took long Chaos Computer Club breaks Apple TouchID For me the key statement of that post is We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can t change and that you leave everywhere every day as a security token I have to say that I have never been involved in designing or testing fingerprint biometrics, but I always had this voice in the back on my head saying ...humm... it really doesn't sound good the idea that the security ID cannot be changed, and once that ID is stored in digital format, there is nothing that can be done to prevent its reuse.... The other interesting development is how Apple is now starting to suffer the same 'security pressure' as Microsoft once did. For a while the focus of researchers and attackers was on Microsoft, simply because they had the biggest market share and it was cool easy to 'break Microsoft products'. But now that Microsoft has some of the most mature secure SDLs out there i.e. it is harder to find bugs exploits in Microsoft products and Apple 'exploit' brand is more valuable in both kudos and target audience , Apple is going to have to pay a lot more attention to security specially before the criminals increase their attacks to Apple product users who tend to 'think' they are secure, simply because they are not using Windows . In a way, the focus pressure that the security researchers are putting on Apple is very good for them, since it will 'empower' their internal security teams with more power and resources for example my good John Wilander OWASP friend, which is now on Apple's 'Proactive Product Security' team
Les mots clés de la revue de presse pour cet article : apple fingerprint
Les videos sur SecuObs pour les mots clés : apple fingerprint
Les éléments de la revue Twitter pour les mots clé : apple fingerprint
Les derniers articles du site "Dinis Cruz Blog" :
- Updated version of BSIMM Questions for Teams now will all activities mapped
- First pass at BSIMM questions for teams
- Started working on new book Measuring Software Quality using Application Security
- When talking about Application Security and Software Quality, Pollution is a much better analogy than Technical Debt
- New Era of Software with modern Application Security presentation v1.0
- Simple Threat Model template - Good place to start
- JIRA RISK workflow handling of 'Risk Fatigue'
- Updated JIRA RISK workflow now with a 'Fixing' State
- Presenting at OWASP AppSecEU on Using JIRA to manage Risks and Security Champions activities
- Thinking of writing a book called Measuring Software Quality using Application Security
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
