Hackers offered cash, alcohol to crack iPhone fingerprint security

Written by Reuters | Boston | Updated: Sep 21 2013, 08:19am hrs
Even as the iPhone 5S was released on Friday, hackers were gearing up with a contest to crack the devices first-ever fingerprint scanner, a high-tech feature that Apple says makes users data more secure.

A micro venture capital firm joined a group of security researchers to offer more than $13,000 in cash along with bottles of booze, Bitcoin currency, books and other goodies to the first hacker who breaks the device in a contest promoted on the website istouchidhackedyet.com/.

Arturas Rosenbacher, founding partner of Chicagos IO Capital, which donated $10,000 to the hacking competition, said that the effort will bring together some of the hacking communitys smartest minds to help Apple identify bugs that it may have missed.

This is to fix a problem before it becomes a problem, he said. This will make things safer.

Meanwhile, Forbes.com reported that a 36-year-old soldier living in Spains Canary Islands, Jose Rodriguez, has already uncovered a security vulnerability affecting iOS 7, which Apple began distributing to existing iPhone and iPad customers on Wednesday. The publication said that it is possible to bypass the lock screen of those devices in seconds to access photos, email, Twitter and other applications. It included a video demonstration on its website and advice on how users could thwart the bypass technique: onforb.es/16IU6Y3

Apple spokeswoman Trudy Muller told Reuters that the company was preparing a fix that it would deliver as an update to iOS 7 when it was ready. Apple takes user security very seriously, she said.

Among those getting ready for the hacking contest is David Kennedy, a former US Marine Corps cyber-intelligence analyst who did two tours in Iraq and now runs his own consulting firm, TrustedSec.

I am just waiting to get my hands on it to figure out how to get around it first, the founder of the DerbyCon hacking conference told the Thomson Reuters Global Markets Forum this week. Ill be up all night trying.

Security experts worry about the implications of using the module to grant access to sensitive data on the phone and potentially enabling mobile purchases. The fingerprint scanner on the top-of-the-line iPhone lets users unlock their devices or make purchases on iTunes by simply pressing their finger on the home button. It has been hailed as a major step in popularising the use of biometrics in personal electronics.

Security engineer Charlie Miller, known in hacking circles for uncovering major bugs in the iPhone as well as circumventing security in Apples App Store, said it could take fewer than two weeks for Kennedy or some other smart hacker to get around the new lock. Once theyre in, they could gain access to the cornucopia of data typically stored on a users iPhone and might potentially be able to buy goods from iTunes and Apples App store. Miller declined to comment on the hacking contest or potential security vulnerabilities in the fingerprint reader.

Apple shouldnt take hackers enthusiasm personally.

All major electronics products are subjected to similar scrutiny as new features are rolled out, including devices from Google, Microsoft and Samsung Electronics.