First iPhone Fingerprint Reader Hacker Could Win Cash, Booze
People on Twitter claim the new fingerprint reader on the iPhone 5s will be hacked within days, but security experts are offering them a challenge: If it's so easy, do it yourself and win more than $15,000.
Along the lines of doineedajacket.com and istherewhitesmoke.com, websites that answer only one yes-or-no question, chief executive officer of Errata Security Robert David Graham created istouchidhackedyet.com on Wednesday (Sept. 18).
As the URL suggests, the site exists to keep track of whether anyone has hacked the iPhone 5s' fingerprint scanner.
"It started with a conversation on Twitter," Graham told Tom's Guide. "Security experts are discussing the fact that Apple is not stupid, and that their fingerprint system is better than a lot of people give them credit for."
Graham and his colleagues noticed that Twitter was absolutely chock-a-block with armchair security experts. These men and women believed that anyone willing to lift fingerprints from a surface and reproduce the prints on a sufficiently pliable material could bypass the new iPhone's fingerprint-scanning authentication system.
Arturas Rosenbacher, a high-profile tech entrepreneur and developer in Chicago, offered $10,000 to the first person who could successfully hack the Touch ID system.
Soon, others, mostly information-security experts, followed suit with whatever they felt they could spare. Most offered $100 (or 100 euros), but some ponied up Bitcoins, expensive bottles of liquor and, in one instance, "a dirty sex book."
"It's about putting our money where our mouth is," Graham said. "Just do it and win the money. If you're claiming a theoretical approach will work, but you're not actually willing to do it and win the money, you're going to look like an idiot."
Graham himself put up $100, and is fully prepared to surrender it within the next few months. He expects someone will think of a totally unorthodox method that's never been tried before and wow the experts.
"It'll be some weird, off-the-wall, no-one-ever-thought-of, strange thing," he said.
There is, of course, a chance that a teenager will discover a way to hack the Touch ID, meaning that sending bottles of booze could land the well-meaning security experts in a lot of trouble.
When the time comes to pay, though, it'll be up to each individual expert to make good on his or her promise.
"This isn't really Kickstarter. This is more of a LOLstarter," Graham said, referring to the common Internet abbreviation for "laughing out loud." "I think 80 percent [of the experts] will make good."
Graham includes Rosenbacher and his generous $10,000 offer in the 80 percent.
There's even an off chance that the Touch ID could be hacked by using a body part aside from a finger entirely. After all, if the device can read a cat's paw, as one tech blogger has already proved, it could theoretically read an elbow or a toe.
"That's one plausible thing that might happen," Graham said.