Thursday, April 23, 2015

Vulnerability in Android allows to hackers to steal fingerprints

Weak protection of Android and focus on the most common hacker market mobile platform bearing fruit. Experts in the field of computer security FireEye discovered a dangerous breach of security, which is associated with biometric sensors Android-smartphone.

Experts Tao Wei and Zhang Yulang told about the vulnerability that exists including flagship phone Samsung. Despite the best efforts of the manufacturer to improve the safety, fingerprints owners Galaxy S6 and some other smart phones can become easy prey for criminals.
"Sometimes authentication through fingerprint can be more dangerous than using good old password" - experts FireEye. Bug exists in the fingerprint scan. The idea is that you created in the image of fingerprint phone before getting a "protected area" of the smartphone can be stolen by hackers. Attackers do not even need to break completely gadget.
Experts said that already tested several models of phones on Android. Security hole found in HTC One Max, Samsung Galaxy Note 4, Samsung Galaxy S5 and others. The current flagship Galaxy S6, is the most perfect smartphone Samsung, is also exposed to dangerous vulnerability.
Experts told the bug at the conference RSA, before which it warned of Samsung, but the latter did not issue the appropriate updates. Vulnerability is effective in devices with OS older than Android 5.0 Lollipop.
The iPhone fingerprint image is stored in a specially protected area of ​​the processor, and access to the data itself so long as no one could get. Hackers have the opportunity to cheat Touch ID and bypass the protection iPhone, but this will require a fingerprint or a photograph of him in high resolution.