A German security firm claims a vulnerability in Touch ID and iCloud allows a hacker to access a locked device and potentially gain control over an owner’s Apple ID. This is one of several vulnerabilities associated with Apple’s new fingerprint sensor.
The hack is detailed by German security firm SRL, which explains the hack in the video below. Once the thief has an iPhone 5s, he can turn on airplane mode using Launch Center. This is critical as it will prevent the original owner from performing a remote wipe or otherwise locking down the device. The ensuing hack then hinges on a thief’s ability to lift a fingerprint from the stolen device. If the fingerprint is captured and printed at a high enough resolution, it can be used to spoof Apple’s Touch ID sensor.
With an unlocked phone in hand, the hacker can access all the email accounts on the device and potentially change the password on a variety of accounts, including the owners Apple ID. Thus far, experts claim all the described hacks are complex and should not be a concern to the average consumer. It’ll be interesting to see how these experts respond to this latest published hack.