Connect with us

Research

Researchers break iPhone’s FaceID by putting modified glasses on unconscious people

Published

on

Security researchers have cracked Apple’s FaceID biometric system yet again. But there’s an unusual caveat to this trick: to successfully unlock an iPhone, the attackers first need to make sure the victim is out cold.

Tencent researchers demonstrated the exploit vector at Black Hat USA 2019, Threatpost reports. The attack involves putting a pair of modified glasses on the victim’s face. That, coupled with carefully placing a piece of tape over the glasses’ lenses, makes it possible to circumvent FaceID and log into a victim’s iPhone.

Of course, the exploit is fairly difficult to pull off considering the attackers would need to figure out how to put the glasses on a victim without waking them up.

The attack leverages a biometrics function called “liveness” detection, designed to tell apart “fake” versus “real” features on people. The system essentially monitors background noise, response distortion or focus blur.

“With the leakage of biometric data and the enhancement of AI fraud ability, liveness detection has become the Achilles’ heel of biometric authentication security as it is to verify if the biometric being captured is an actual measurement from the authorized live person who is present at the time of capture,” the researchers said during the presentation.

So why do you need glasses to pull off the attack? Well, it turns out FaceID scans eyes differently when people wear glasses.

“We found weak points in FaceID,” the researchers explain. “It allows users to unlock while wearing glasses […] if you are wearing glasses, it won’t extract 3D information from the eye area when it recognizes the glasses.” Using this trick, the researchers were able to unlock a victim’s phone and even transfer their funds through a mobile payment app.

Researchers have bypassed Apple’s FaceID to unlock iPhones in the past

This is hardly the first time researchers have cracked FaceID.

Back in 2017, a Vietnamese security firm released footage showing how an attacker could circumvent iPhone X’s facial recognition system with a cheap $150 mask.

Apple has previously bragged the chance of randomly unlocking FaceID is one in a million, but there are anecdotal reports suggesting family members might have a higher chance of bypassing facial recognition to unlock someone else’s iPhone.

If anything, Tencent‘s proof-of-concept goes on to show that even Apple’s security systems aren’t invincible.

Source: https://thenextweb.com/plugged/2019/08/09/apple-faceid-iphone-broken-biometric/

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Research

What if the Earth stopped orbiting the Sun?

Published

on

By

It’s a natural cycle: the Earth orbits the sun. But what if something catastrophic happened and we were knocked out of orbit?

Following is a transcript of the video.

Earth zooms around the sun at 110,000 kph, but what if it just…stopped? Well, for one thing, you’d have only a month to live. First off, if Earth stopped short, you’d actually die immediately because you’d fly off the planet and hurtle into space, just like you lurch forward in a car when a driver slams on the brakes. But if Earth slows down more gradually, you’d instead suffer a slower (but still horrific) death. That’s because the planet is about to get very, very hot. You see, the sun’s tremendous gravity pulls the Earth right toward it. Meanwhile, the planet is trying to whiz away in this direction. This tug of war keeps us in orbit. But if the Earth slows down and stops, the sun wins and yanks us toward our doom. In fact, a model from the University of Colorado shows us how long that terrible trip would take. Just two months. In the first week, you wouldn’t notice much of a change. The average global temperature would climb less than 1 degree Celsius and hover around 16 degrees for another week. But the closer we get, the stronger the sun’s pull and the faster we go. This causes the temperature to rise exponentially. By day 21, global temperatures will have jumped to 35 degrees. That’s hotter than an average day in the Sahara. And with desert heat comes desert droughts, sparking wildfires and killing crops. UV radiation from the sun is so strong, we’d get severe sunburn after just 15 minutes outdoors. At this point, our bodies also will have hit the upper limit of their heat tolerance. Any hotter, and heat stroke can set in, leading to exhaustion, delirium, or even a coma. And guess what? It gets hotter. By day 35, world temperatures will reach 48 degrees. That’s as hot as an average summer day in Death Valley, one of the hottest places on Earth. Most mammals, birds, and insects die as the proteins that make up their cells start to cook. Yes, even roaches can’t withstand this apocalypse. If we want to live, we need some indoor air-conditioning, stat. Except, the amount of energy you need to run millions of AC units at once would wipe out power grids around the world. So, with no way to keep cool, humanity dies. By day 41, the Earth has passed by Venus. We’re now the second planet from the sun, and temperatures have climbed to 66 degrees. But believe it or not, some creatures still cling to life. Like Thermus aquaticus, a bacteria that lives in Yellowstone’s hot geysers. But less than a week later, temperatures are hot enough to boil water and kill even that bacteria. By day 54, temperatures surpass 160 degrees, and the last remnant of life on Earth flickers out. Soon after, the barren planet crosses Mercury’s orbit. For its last week of existence, Earth is the first planet from the sun. Until day 65. The final day. By now, the sun’s extreme gravity stretches the planet into an oval shape, and magma begins to leak through the crust. At about noon, Earth tears apart, bleeding liquid rock as temperatures hit 3,800 degrees. Our planet is no more.

Source: https://www.pulse.ng/bi/tech/what-if-the-earth-stopped-orbiting-the-sun/9jcw4mt

Continue Reading

Research

Alexa, Siri, Google Assistant smart speakers – they’re all open to remote laser attacks

Published

on

By

Researchers have found that MEMS microphones are so sensitive they can interpret light as sound, allowing an attacker to shoot silent commands to voice assistants from afar. 

Since the bug is general to MEMS (microelectromechanical systems) microphones, the attack can work against all devices that use them, including Google Assistant, Amazon Alexa, Facebook Portal, and Apple Siri. 

Injecting voice-commands to smart speakers from a long range might not sound like a major threat, but devices from Google, Amazon, and Apple are shaping up to be a main hub for controlling gadgets in the smart home, including lights, smart locks, and garage doors. 

Amazon says that 85,000 smart home gadgets now integrate with Alexa, while Apple is trying to get more gadgets to work with its HomeKit system. 

Given smart gadgets’ central role, the MEMS mic vulnerability could allow an attacker to issue commands to do things like open a garage door, open doors protected by smart locks, or even unlock and start a Tesla that’s connected to a Google account. 

The laser study was conducted by researchers at the University of Electro-Communications in Tokyo and the University of Michigan, who detail their work in a new paper, ‘Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems’. 

“We show how an attacker can inject arbitrary audio signals to the target microphone by aiming an amplitude-modulated light at the microphone’s aperture,” they explain. 

“We then proceed to show how this effect leads to a remote voice-command injection attack on voice-controllable systems. Examining various products that use Amazon’s Alexa, Apple’s Siri, Facebook’s Portal, and Google Assistant, we show how to use light to obtain full control over these devices at distances up to 110 meters and from two separate buildings.”

The attack, dubbed LightCommands, works because the diaphragm in microphones converts sound into electrical signals. The research details how an attacker can use silent laser beams to cause vibrations in the diaphragm and then issue commands.

The researchers’ video shows how LightCommands work. Source: YouTube  

The key condition required for the attack is a line of sight to the device. The researchers only demonstrated the laser-based audio injection from 110 meters away because it was the longest hallway available to them. 

To accurately focus a laser on a target from that distance only required a commercially available telephoto lens, a tripod, and maybe a telescope to see the target device from a long distance. 

A key issue that could force OEMs to adapt threat models is that most voice-command systems lack proper user authentication because it’s assumed that users must be close to the device, which is typically shielded by walls, doors and windows. Light-based command injection may change the equation.

The attack is interesting because there’s no immediate and automated method of detecting whether someone is using a laser to commandeer a device with a MEMS microphone. Since there’s no sound involved, a user could monitor for light beams reflected on the device. 

And the researchers theorize that the attacker’s first step would be to set the device’s volume to zero to avoid detection. From there, the attacker could buy things on Amazon or Google, or worse, open the garage door. How vulnerable a house is to the attack depends on how many smart things are connected to it. 

Interestingly, the researchers found that Google Home and Amazon Alexa smart speakers block purchasing from unrecognized voices, but they do allow previously unheard voices to execute commands like unlocking connected smart locks. 

Voice-controlled systems such as smart speakers also open up the possibility for PIN eavesdropping, allowing a remote attacker to use a laser microphone to steal codes.           

The researchers describe several software and hardware mitigations that manufacturers can use to block laser command-injection attacks. For example, the voice-controlled system could ask the user a simple randomized question before executing a command. However, that solution could also annoy users. 

Alternatively, smart speakers typically use multiple microphones, meaning that if only one of them receives a signal, the command should be ignored. 

On the hardware side, manufacturers could also create a barrier that physically blocks laser beams, while allowing sound waves in. However a very determined attacker could boost the power of the laser and “burn through” any physical barriers.

Source: https://www.zdnet.com/article/alexa-siri-google-assistant-smart-speakers-theyre-all-open-to-remote-laser-attacks/

Continue Reading

Research

Apple AirPods Pro In-Depth Review: Snappy Design, Dazzling Sound

Published

on

By

Apple AirPods Pro were announced on Monday, October 28. I’ve been using the new true wireless in-ears since literally minutes after they were unveiled and testing them almost non-stop. Seriously, I’ve barely slept. 

AirPods have been one of Apple’s most successful products ever. Since the launch of the first pair in 2016, Apple has pretty consistently been scrambling to keep up with demand. Within three months of going on sale AirPods had become the number one wireless headphones worldwide and they soon went on to become the number one headphones, period. 

The new Pro model, in stores from Wednesday October 30, comes with a price hike – $249 compared to $159 for the entry-level AirPods, which continue to be on sale. The model with the wireless charging case costs $199, so this new version is still pricier than that, though the new case does come with wireless charging as standard at least. 

So, are they any good, are they worth it and which model should you buy?

Pro
Apple AIrPods Pro.DAVID PHELAN

The New Design Is Different, But Unmissably Apple

Gloss white plastic with metallic accents: that first impression could apply to any AirPods. But look more closely and you’ll see the new in-ears are very different, even if instantly recognizable as being designed by Apple. Today In: Innovation

The case is the same oblong with rounded corners, though this time it’s wider than it is tall rather than the other way around. 

The basic design is similar – a charging socket in the base and a hinged lid. Oh, and it charges via Lightning cable just as previous AirPods did. This time the cable in the box is Lightning to USB-C rather than to USB-A. 

The AirPods themselves have much shorter stems than before and are bigger up top, with a rounder earbud to nestle in your ear – it definitely feels like a snugger fit this time around. 

Although they are very slightly heavier than previous AirPods, they don’t feel heavy, not least because more of the unit sits in the ear.

The finish is slicker, smoother and more high- end, all gloss apart from one matte panel which is the touch-sensitive panel that we’ll come to shortly. 

model's own
The new style of the latest Apple earbuds. AirPods Pro: model’s own.SARAH M LEE

Some people have always felt AirPods look a bit weird when you’re wearing them. You’ll have to make your own mind up but I think these look pretty great, in or out of the ear.

left and right
Apple AirPods, left, AirPods Pro, right.DAVID PHELAN

The Fit is All-New

Instead of the one-shape-fits-all earbud on the AirPods, Apple has radically rethought things this time around. Now there are silicone earbuds designed to fit deeper into the ear and offer a complete seal against the outside world noise so it’s just you and your music. 

Flexible though the silicone tip is, it’s not versatile enough to fit everybody’s ears. So, along with the medium tips installed on the AirPods Pro, there are two more pairs, small and large, tucked away in the bottom of the AirPods Pro box. Just in case you’re not sure which is the perfect fit for you, Apple is ready to help. 

Tips
The Ear Tip Fit Test… only Apple.APPLE

Pairing AirPods Pro is the same incredibly easy process as before: open the charging case near to your iPhone and… well, that’s more or less it. Here, though, there’s an extra feature – the Ear Tip Fit Test. With the AirPods in your ears, it’ll play music, briefly. 

Inside the AirPods there’s a microphone facing inwards. As the music plays the microphone is listening and can tell from what it hears whether the seal is good enough or not. If it’s not, it’ll advise adjusting the position of the bud in the ear or trying one of the others. 

Incidentally, if you want to take the test again, simply go to Bluetooth and select AirPods Pro.

I did it a couple of times and it turns out my perfect fit is a small tip in the left ear, medium in the right. Well, nobody’s perfect.

Apple also points out that it has devised a simple but effective connection system which ensures the silicone tips stay in place perfectly until you want to remove one, in which case, I recommend a firm action. Be bold.

This system is also there so you don’t have to worry about an earbud getting stuck in your ear when you remove the AirPod Pro. The only time I had any issue was the one time I didn’t hear a satisfying click as I pushed the tip onto the earbud. Guess what? Next time I took the AirPod out of my ear, the tip stayed behind.

The noise-canceling is uncanny

The perfect seal is stage one in getting great audio. Stage two, and the tentpole feature of the new headphones, is active noise cancelation.

As well as the inward-facing microphone, there’s one listening to the outside world. It takes the sound it hears, and generates a sound that’s 180 degrees out of phase so the two sounds cancel each other out.

Sometimes this works well – think the stunning Bose 700 Headphones – and often not. 

Here, it’s nothing less than stunning. 

I tested the AirPods Pro on the London Tube, and though I still knew I was in an underground train, all kinds of noise were muted or at least reduced. Conversations around me which had previously been audible, if not actually interesting, faded away as if it were a dream-like special effect. Which, I suppose, it is.

unboxing
Unboxing Apple AirPods Pro.SARAH M LEE

In Full Transparency

For those situations where you want a balance of your music and the outside world, Apple has something it calls Transparency mode. With previous AirPods, to hear someone talking to you, you’d have to take one bud out of an ear, in itself a highly natural thing to do. When the sensors recognized you’d done that, the music would pause. 

All that still works, of course. But now, you can carry on listening as well as hearing what’s happening outside. That’s good if you’re walking down the street, for instance. Transparency mode means the microphone on the outside lets in the outside world which, by the way, includes your own voice which would otherwise sound muffled because of the AirPods in your ears. But it also plays the music at a lower level. 

This is a great feature and I’ve been using Transparency mode a lot. 

That touch-sensitive force panel

The little matte, flat area on each AirPod stalk is what Apple calls a capacitive force sensor. It’s there to help you navigate your music, for instance. On earlier AirPods, you’d tap the stalk firmly. But doing that now isn’t quite as pleasant, bouncing the spongy silicone tip into your ear. So, that sensor is the answer. Press once to answer a call or pause or play a track.  Press twice to skip forward, three times to go back.

Most useful of all, you can press and hold the sensor – I found this easiest by squeezing the stalk. When you do this, the AirPods toggle between noise-canceling and Transparency mode. 

So you know you’ve done it, a chime sounds. Actually, there are two chimes and the one that goes with switching to Transparency honestly has something more airy and open about it. 

You can also control the toggling from the iPhone by opening Control Center and long-pressing on the volume slider – noticing in passing that the volume slider has a tiny icon of the AirPods Pro on it. The slider will open to a new screen with three buttons at the bottom: noise-canceling, Transparency and Off.

naked
What an AirPod Pro looks like underneath.APPLE

Audio Quality is a Big Step Up

Compared to regular AirPods, the sound quality here is considerably improved, even with noise-canceling off. But, to be honest, you’ll want it on most of the time because it sounds amazing. 

I once asked a Sony executive what noise-canceling should sound like – because on some headphones it can have a heavy, oppressive feel, like you’ve just died, I imagine. The exec said it should sound like the silence in a concert hall between movements. Alive, in other words, and present. 

That’s certainly the case here. The Apple active noise-canceling has a warm, inviting tone to it. 

set up
Set-up is as easy as ever.SARAH M LEE

Battery life

Nothing new here. The new AirPods have the same battery life as the old ones. That’s five hours from the buds and another 19 hours of juice in the case. If you have noise-canceling or Transparency on, you can knock half an hour off the time. These are Apple’s figures but so far I’ve found they easily match this claim.

Is it worth $249?

The audio quality alone, I think, justifies the price. It’s on a par with the Sony WF-1000XM3 in-ears, which is just tremendous. Those earbuds are a little cheaper than these but they are a bit bulkier, a bit less attractive. Oh, and the Sony charging case is much bigger. 

With AirPods, you’re not just paying for the sound. Assuming you have an iPhone to pair it to, the simplicity with which the gadgets work together is a big part of the overall experience – the way the AirPods automatically switch from your iPhone to Mac when the same Apple ID is on both. It’s pretty cool. 

resist
New Apple AirPods Pro: hard to resistDAVID PHELAN

Verdict

You’ve probably spotted, I’m pretty smitten with these new earbuds. The look is great, the fit sublime and the audio quality, particularly with noise-canceling turned on, is pretty amazing. Apple is up against serious competition these days, from Sony, the new Amazon earbuds and an upcoming pair from Huawei. 

But AirPods Pro puts the company out in front, matching snappy design with great features, sublime operation and dazzling sound.

Source: https://www.forbes.com/sites/davidphelan/2019/10/29/apple-airpods-pro-in-depth-review-cute-design-dazzling-sound-great-fit-price-release-date/#3278e7d06999

Continue Reading
Advertisement

Trending

%d bloggers like this: