During the Black Hat in Las Vegas, FireEye researchers showed new ways to steal fingerprints of Android users. Some equipment from Samsung, HTC and Huawei are equipped with a print reader used to unlock the phone. Fingerprints are stored and there are many ways to attack a phone to steal.
Researchers from FireEye described four attacks, one of which, the fingerprint sensor spying attack, can even run large-scale, goes unnoticed, reports the ZDNet . This vulnerability arises because device manufacturers do not lock in full the sensor, using only the system privileges and not acting at the root level. Users who have made the root or jailbreak their devices will be more vulnerable to such attacks.
The fingerprints of users begin to be used as authentication on the phones and to validate payments, but it takes do not forget that they are also an important part of the identification of each person to immigration issues and also to criminal records. So if fall into the hands of criminals, can be used for various illegal purposes, not only related to technology.
For now, the iPhone, which pioneered these features, remains safe. Android manufacturers have already released several patches to update vulnerable equipment, after warning of researchers.
No comments:
Post a Comment