NEW MAJOR ONEPLUS 6T FINGERPRINT SENSOR BUG FOUND!!

[Snieky]

Thanks for reading,

 

So me and my friend just figured out this bug and are trying to spread the word. People's security is in danger because of this software/ hardware flaw

 

(This is how we believe it works)

If you quickly swipe the fingerprint sensor while opening the camera on the lockscreen you can trip the sensor by thinking its reading a registerd fingerprint because of the illumination for the optical sensor. This causes you to be able to bypass it and get into the phone.

 

https://youtu.be/sxz3FXNobhw

[Fnige]

Ouch, I dont want my such unique fingers to be stolen

[straight_stewie]

2 minutes ago, Snieky said:

Me and my friend just figured out this bug and are trying to spread the word. People's security is in danger because of this software/ hardware flaw

Wow. If it's real that's a major flaw.

[XR6]

It's quite similar to those flaws the iPhone had a few years ago.

Still, it's quite good to know this now. Thanks for sharing the word  

[sazrocks]

1. Good job on responsible disclosure! /s

2. 

 

[Snieky]

1 minute ago, sazrocks said:

1. Good job on responsible disclosure! /s

2. 

 

Sorry, I am in quite a rush to get the word out, please dont close the thread!

[Noctus]

56 minutes ago, Snieky said:

Thanks for reading,

 

So me and my friend just figured out this bug and are trying to spread the word. People's security is in danger because of this software/ hardware flaw

 

(This is how we believe it works)

If you quickly swipe the fingerprint sensor while opening the camera on the lockscreen you can trip the sensor by thinking its reading a registerd fingerprint because of the illumination for the optical sensor. This causes you to be able to bypass it and get into the phone.

 

https://youtu.be/sxz3FXNobhw

That's quite the bug. Good find.

[S w a t s o n]

fuck responsible disclosure, oneplus gonna get bent over

[DocSwag]

Dang... I know someone with a 6T. The next time I see them I'll see if I can try it out.

1 hour ago, Snieky said:

Sorry, I am in quite a rush to get the word out, please dont close the thread!

It won't get locked, the mods will just move it to a different sub forum if they feel it's not following the guidelines and once you edit it to be fixed they'll move it back. I personally think your post is probably fine since videos are usually a bit unique in that you can't exactly quote text or anything

[Fnige]

Im sorry but

 

@leadeater

[S w a t s o n]

18 minutes ago, DocSwag said:

Dang... I know someone with a 6T. The next time I see them I'll see if I can try it out.

It won't get locked, the mods will just move it to a different sub forum if they feel it's not following the guidelines and once you edit it to be fixed they'll move it back. I personally think your post is probably fine since videos are usually a bit unique in that you can't exactly quote text or anything

This guy is the original source, his quote is his own word anyways.

[79wjd]

2 hours ago, 1kv said:

It's quite similar to those flaws the iPhone had a few years ago.

Still, it's quite good to know this now. Thanks for sharing the word  

Was there actually a bug with the iPhone's touch ID, The one I recall wasnt actually a bug but rather touch ID accurately detecting the finger and unlocking and someone quickly opening the camera to make it seem like an exploit. (And is the same thing happening here? I haven't watched the video)

[XR6]

1 hour ago, 79wjd said:

Was there actually a bug with the iPhone's touch ID, The one I recall wasnt actually a bug but rather touch ID accurately detecting the finger and unlocking and someone quickly opening the camera to make it seem like an exploit. (And is the same thing happening here? I haven't watched the video)

I don't think it was a bug with the touch ID itself. I believe it was something like you'd open camera, take a photo, select 'share the photo using iMessage' or whatever and it'd let you in. It isn't anything to do with physical hardware like it is here, but it does utilise the camera app, which is why I suggested it was similar.

[79wjd]

23 minutes ago, 1kv said:

I don't think it was a bug with the touch ID itself. I believe it was something like you'd open camera, take a photo, select 'share the photo using iMessage' or whatever and it'd let you in. It isn't anything to do with physical hardware like it is here, but it does utilise the camera app, which is why I suggested it was similar.

I meant that the 'bug' didn't actually exist at all (unless there is another that I don't remember), but rather was just sleight of hand with the camera to fool viewers -- e.g. the person would actually unlock the phone, but switch to the camera to make it seem like there was an exploit to bypass Touch ID, when in reality, TouchID had authenticated correctly and the phone was already unlocked (correctly), but because of how things played out on film, it appeared as though TouchID was tricked by going through the camera app.

[XR6]

1 minute ago, 79wjd said:

I meant that the 'bug' didn't actually exist at all (unless there is another that I don't remember), but rather was just sleight of hand with the camera to fool viewers -- e.g. the person would actually unlock the phone, but switch to the camera to make it seem like there was an exploit to bypass Touch ID, when in reality, TouchID had authenticated correctly and the phone was already unlocked (correctly), but because of how things played out on film, it appeared as though TouchID was tricked by going through the camera app.

Ohh, I see.. Sounds interesting.

Guess I might've got bamboozled then lol

[S w a t s o n]

I see this was moved to general discussion but why is this not news? The rule says 

Quote

Your thread must include a link to at least one reputable source. Most of the time, this should be a respected news site.

but if this guy found this and doesn't work for a news site he can't report it as news?

Breaking fingerprint is pretty bad for security in general