Thursday, January 3, 2019

Security Researcher Cancels Public Talk on Hacking Face ID After Employer Calls it 'Misleading'

http://bit.ly/2zGp1KU

Chinese security researcher Wish Wu was set to give a talk on hacking Face ID at the Black Hat Asia hacking conference in Singapore in March 2019, but at the request of his employer, he's canceled the talk, reports Reuters.

His presentation, called "Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms," supposedly offered details on a way to get past Face ID on the iPhone X "under certain conditions."


Curiously, the Wu says that his hack did not work on the iPhone XS and XS Max. Given that the three smartphones use the same Face ID system, it's not entirely clear why a bypass method that works on the iPhone X wouldn't also work on Apple's newer devices.

According to an abstract of the talk, Face ID was able to be hacked on the iPhone X with an image printed on a black and white printer and some tape.

Wu was asked by his employer, Ant Financial, to withdraw from the talk. Ant Financial is known for its Alipay mobile and online payments platform, which works with Face ID.
Wu told Reuters that he agreed with the decision to withdraw his talk, saying he was only able to reproduce hacks on iPhone X under certain conditions, but that it did not work with iPhone XS and XS Max.

"In order to ensure the credibility and maturity of the research results, we decided to cancel the speech," he told Reuters in a message on Twitter.
In a statement, Ant Financial told Reuters that the research on the Face ID verification mechanism is "incomplete" and would be "misleading" if it were to be presented at Black Hat Asia. Despite this, the Black Hat conference said Wu's talk was accepted in the first place because Wu "convinced its review board he could pull off the hack."

A Face ID bypass or hacking method would be major news, as the feature uses 3D facial recognition technology to prevent it from being fooled by photographs, masks, and other means.

As Reuters points out, there have been no reports of a successful Face ID hack that others have been able to replicate since Face ID was introduced in 2017. Vietnamese company Bkav posted a few videos of Face ID being bypassed with a well-made mask, but other researchers have not been able to duplicate those results.

Face ID is not infallible, however, and has issues with facial recognition with children and identical twins.

Tag: Face ID

This article, "Security Researcher Cancels Public Talk on Hacking Face ID After Employer Calls it 'Misleading'" first appeared on MacRumors.com

Discuss this article in our forums



from MacRumors: Mac News and Rumors - All Stories http://bit.ly/2SGcM7b

No comments:

Post a Comment

Leave your thoughts....