EMERGING TECH
EMERGING TECH
EMERGING TECH
Security researchers hack iPhone X Face ID using a $150 rubber mask
Security researchers in Vietnam have managed to hack the Face ID feature on Apple Inc.’s flagship iPhone X using a rubber mask, casting doubt on how the supposedly advanced security technology actually is.
The discovery was made by researchers at BKAV Corp., which after experimentation managed to craft a custom mask that successfully fooled the iPhone X’s security feature and unlocked the phone. Although the materials used in the mask are worth only $150, the process of getting to the point of fooling the phone was more complicated. The researchers had to adjust features on the mask, such as adding shadows to the nose to make it look more realistic, although the mask itself (pictured) only displayed certain facial features.
The researchers also noted that designing a mask to fool Face ID requires an in-depth knowledge of how Apple’s face-scanning software works and what the weak points in the system are. That’s not easily achieved by the average person, but it certainly could be designed by security professionals in both public and private enterprises.
“With Face IDs being beaten by our mask, FBI, CIA, country leaders, leaders of major corporations, etc. are the ones that need to know about the issue, because their devices are worth illegal unlock attempts,” the researchers said in a blog post over the weekend. “Exploitation is difficult for normal users, but simple for professional ones.”
Others are somewhat skeptical about BKAV’s claim. Forbes, among others, pointed out that the proof-of-concept video leaves out the enrollment process for the true face, meaning that the researchers may have enrolled the mask itself. Alternatively, they may have added features from the mask to the scanned face that could have confused Face ID into giving the mask approval.
Skepticism is healthy, however, and it would seem that the company has not released sufficient information that covers every step of the process they used, meaning there’s every reason to question Apple’s claims.
Apple has not commented on the Face ID hacking claim. The potential hacking of Face ID comes less than a week after it was revealed that the iPhone X becomes “unresponsive” in cold weather. Apple at the time promised to release a software fix for what seemed to be a hardware issue, but not much has been heard since that point.
Image: BKAV
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
