Jump to content

Out of 110 tested phones, 42 were unlocked while using photos on face recognition

Bouzoo
1 hour ago, Bouzoo said:

Intelligent scan is iris/face recognition combo. 

So they just need to steal your head.

My Rig:

-i7 7700k @ 4.8 Ghz, delid

-ASRock Z270-ITX/ac mobo 

-16GB G.Skill Ripjaws V @ 3000Mhz

-RX 580 Sapphire Nitro+

-240 AIO, Celsius S24

-Crucial MX300 525GB, 2TB HDD

-Fractal Design Define Nano S

-650 80+ Gold semi modular from EVGA

-1080p 75Hz dell monitor

Link to comment
Share on other sites

Link to post
Share on other sites

I always said fingerprints are a bad idea. You're literally leaving keys to unlock on a device itself! But ok, whatever, lets assume regular opportunistic crooks that might get your phone in their hands won't be able to do it. But face unlock, every idiot can dig your photo from somewhere and just point a phone at the screen.

Here I'll have to give praise to Apple for "overdoing" the feature and having actual 3D scanner for face unlock, meaning you actually need an actual face and not just flat image.

Link to comment
Share on other sites

Link to post
Share on other sites

9 minutes ago, peanuts104 said:

So they just need to steal your head.

Or your eyeball. Whatever works for you. 

The ability to google properly is a skill of its own. 

Link to comment
Share on other sites

Link to post
Share on other sites

4 minutes ago, RejZoR said:

I always said fingerprints are a bad idea. You're literally leaving keys to unlock on a device itself! But ok, whatever, lets assume regular opportunistic crooks that might get your phone in their hands won't be able to do it. But face unlock, every idiot can dig your photo from somewhere and just point a phone at the screen.

Just out of curiousity, if you don't want to use fingerprint or facial scanning what security method would you prefer? Codes, patterns or full passwords? I personally found fingerprint scanning to be secure and convenient.

2 minutes ago, Bouzoo said:

Or your eyeball. Whatever works for you. 

But isn't that specific to Iris Scanning technology? So Samsung where using that technology at some stage. Not all the phones tested in the original article used iris but rather facial.

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, ZacoAttaco said:

But isn't that specific to Iris Scanning technology? So Samsung where using that technology at some stage. Not all the phones tested in the original article used iris but rather facial.

Yes, specific to Iris. I mean, I am sure it will work only with the eyeball, you just need to get proper light for it. We've gone dark man. 

The ability to google properly is a skill of its own. 

Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, BuckGup said:

Not really shocking considering things that just use a camera don't know depth so a picture and a face are the same. Interesting that people flip out when they fool the iPhone with customized expensive handmade masks yet 42 other phones fail from just downloading a picture off facebook and holding it up

Double standards are a favorite among most people.  

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Bouzoo said:

Yes, specific to Iris. I mean, I am sure it will work only with the eyeball, you just need to get proper light for it. We've gone dark man. 

Fair enough, ok if you can get me the eyeball then I'll try it. ?

Link to comment
Share on other sites

Link to post
Share on other sites

The funny thing is that most anyone who understands how face recognition works could see this coming.  You need hardware that recognizes presence to have truly secure recognition.  Anyone else is really just looking at the 2D image and saying "yep, close enough," which makes it trivial to fool them with a photo

 

The problem is that many Android vendors don't properly convey that.  They just advertise "unlock your phone with your face!" and don't tell you that it's not nearly as secure as what you find on iPhones and a few high-end Android phones.

Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, peanuts104 said:

Until someone steals your thumb.

Better than them stealing your face. 

Link to comment
Share on other sites

Link to post
Share on other sites

50 minutes ago, ZacoAttaco said:

Uhh

 

Spoiler

Apple-Event-September-2017-Face-ID-008.thumb.jpg.c1cd937639c2262985af0fdd639bb99a.jpg

 

Wow thats actually kinda creepy lol.

I prefer using the fingerprint sensor, not sure why it has to be more complicated.

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, ZacoAttaco said:

Just out of curiousity, if you don't want to use fingerprint or facial scanning what security method would you prefer? Codes, patterns or full passwords? I personally found fingerprint scanning to be secure and convenient.

But isn't that specific to Iris Scanning technology? So Samsung where using that technology at some stage. Not all the phones tested in the original article used iris but rather facial.

PIN or pattern. Passwords are just too complex to be used for every unlock, makes it impractical. One way would be for all this "Ai" companies like to throw around to figure out whether it's a live snapshot or a static photo in a brief of a second. If it's too static, block login.

Link to comment
Share on other sites

Link to post
Share on other sites

Recently someone made claims to be able to beat the iPhone X (but not xr, xs) face recognition, and were to give a presentation on it at a conference in Singapore. Was cancelled after their employer said that it was premature and not fully tested yet.

 

Quote

China-based researcher Wish Wu was scheduled to present a talk entitled “Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms” at the Black Hat Asia hacking conference in Singapore in March. Wu told Reuters that his employer, Ant Financial, asked him to withdraw the talk from Black Hat, one of the largest and most prestigious organizers of hacking conferences.

Ant Financial’s Alipay payment system is compatible with facial recognition technologies including Face ID.

 

Quote

Wu told Reuters that he agreed with the decision to withdraw his talk, saying he was only able to reproduce hacks on iPhone X under certain conditions, but that it did not work with iPhone XS and XS Max.

“In order to ensure the credibility and maturity of the research results, we decided to cancel the speech,” he told Reuters in a message on Twitter.

https://www.reuters.com/article/us-apple-cyber-conference/cyber-researcher-pulls-public-talk-on-hacking-apples-face-id-idUSKCN1OX1TA

CPU: Intel i7 6700k  | Motherboard: Gigabyte Z170x Gaming 5 | RAM: 2x16GB 3000MHz Corsair Vengeance LPX | GPU: Gigabyte Aorus GTX 1080ti | PSU: Corsair RM750x (2018) | Case: BeQuiet SilentBase 800 | Cooler: Arctic Freezer 34 eSports | SSD: Samsung 970 Evo 500GB + Samsung 840 500GB + Crucial MX500 2TB | Monitor: Acer Predator XB271HU + Samsung BX2450

Link to comment
Share on other sites

Link to post
Share on other sites

I like how they tested the different storage options for each of the phones

5 hours ago, Bouzoo said:

neither do dutch for that matter

lol

Link to comment
Share on other sites

Link to post
Share on other sites

So it's either having something that's fooled by a photo or something that requires an intricately developed mask to fool. 

 

Yeah, I'd take the latter. I doubt any old thief would be so desperate to the point where they would have to mould a mask. 

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

Tried on my own honor 10 and couldnt get it to unlock with quite a few pictures at various qualities which is good i guess.

cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1

Link to comment
Share on other sites

Link to post
Share on other sites

18 hours ago, Bouzoo said:

This is why I honestly like Samsungs Intelligent scan. I still believe it is the most secure if you opt for biometrics.

Er, did you see your list? 5 out of 23 Samsungs failed the test. I'd rather not put my bet on those that passed either... To argue that it's the MOST secure won't make sense if I had to pitch this to my IT head.

Link to comment
Share on other sites

Link to post
Share on other sites

4 minutes ago, Tenelia said:

Er, did you see your list? 5 out of 23 Samsungs failed the test. I'd rather not put my bet on those that passed either... To argue that it's the MOST secure won't make sense if I had to pitch this to my IT head.

Correct me if I'm wrong but they were some of Samsungs' older and more budget orientated models. I think the newer flagship models have far superior biometrics.

Link to comment
Share on other sites

Link to post
Share on other sites

23 minutes ago, Tenelia said:

Er, did you see your list? 5 out of 23 Samsungs failed the test. I'd rather not put my bet on those that passed either... To argue that it's the MOST secure won't make sense if I had to pitch this to my IT head.

Iirc only flagships have intelligent scan and they passed, i.e. S9 and Note9. 

By that logic you can choose to not believe any phone even if they passed. It's like you expect same protection on a $300 and $800 phone. 

The ability to google properly is a skill of its own. 

Link to comment
Share on other sites

Link to post
Share on other sites

What about fingerprint recognition.?

 

Has anyone tested the phones which have that installed?.

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

3 minutes ago, IceCold008 said:

What about fingerprint recognition.?

 

Has anyone tested the phones which have that installed?.

 

 

I'd imagine it a bit more complicated to trick a fingerprint scanner as you would need a scan of the fingerprint itself (slightly harder than a picture of someone), and then you would probably need some form of high quality printer to print it on some kind of material that can transmit electrical signals and heat effectively enough to make it think there's a finger there.

 

Of course that's assuming the fingerprint scanner is competently done -- but I'd expect that to be more likely than a competent facial recognition system.

PSU Tier List | CoC

Gaming Build | FreeNAS Server

Spoiler

i5-4690k || Seidon 240m || GTX780 ACX || MSI Z97s SLI Plus || 8GB 2400mhz || 250GB 840 Evo || 1TB WD Blue || H440 (Black/Blue) || Windows 10 Pro || Dell P2414H & BenQ XL2411Z || Ducky Shine Mini || Logitech G502 Proteus Core

Spoiler

FreeNAS 9.3 - Stable || Xeon E3 1230v2 || Supermicro X9SCM-F || 32GB Crucial ECC DDR3 || 3x4TB WD Red (JBOD) || SYBA SI-PEX40064 sata controller || Corsair CX500m || NZXT Source 210.

Link to comment
Share on other sites

Link to post
Share on other sites

Yeah quite expected. Kinda lame when it's lt made properly but half assed just to say it has the feature. Though I wouldn't use it, fingerprint and just a regular pattern. 

| Ryzen 7 7800X3D | AM5 B650 Aorus Elite AX | G.Skill Trident Z5 Neo RGB DDR5 32GB 6000MHz C30 | Sapphire PULSE Radeon RX 7900 XTX | Samsung 990 PRO 1TB with heatsink | Arctic Liquid Freezer II 360 | Seasonic Focus GX-850 | Lian Li Lanccool III | Mousepad: Skypad 3.0 XL / Zowie GTF-X | Mouse: Zowie S1-C | Keyboard: Corsair K63 Cherry MX red | Beyerdynamic MMX 300 (2nd Gen) | Acer XV272U | OS: Windows 11 |

Link to comment
Share on other sites

Link to post
Share on other sites

Blackberry failing is really disappointing, they should reevaluate their marketing after this. Good to see the One Plus models passed, I might be getting one soon. Too bad they didn't test any Windows Phones, would have liked to see how the Lumia 950 and the HP Elite faired.

Link to comment
Share on other sites

Link to post
Share on other sites

I'm not surprised, because all these brands took a "let's just copy Apple" approach to making facial recognition.   I have a low opinion of these mid tier Android phones because they're all the same damn thing with a different logo on the front, and Mr. Chen don't know what the fuck he's doing.  Even on an Apple phone I'd rather have TouchID than FaceID.

Workstation:  13700k @ 5.5Ghz || Gigabyte Z790 Ultra || MSI Gaming Trio 4090 Shunt || TeamGroup DDR5-7800 @ 7000 || Corsair AX1500i@240V || whole-house loop.

LANRig/GuestGamingBox: 9900nonK || Gigabyte Z390 Master || ASUS TUF 3090 650W shunt || Corsair SF600 || CPU+GPU watercooled 280 rad pull only || whole-house loop.

Server Router (Untangle): 13600k @ Stock || ASRock Z690 ITX || All 10Gbe || 2x8GB 3200 || PicoPSU 150W 24pin + AX1200i on CPU|| whole-house loop

Server Compute/Storage: 10850K @ 5.1Ghz || Gigabyte Z490 Ultra || EVGA FTW3 3090 1000W || LSI 9280i-24 port || 4TB Samsung 860 Evo, 5x10TB Seagate Enterprise Raid 6, 4x8TB Seagate Archive Backup ||  whole-house loop.

Laptop: HP Elitebook 840 G8 (Intel 1185G7) + 3080Ti Thunderbolt Dock, Razer Blade Stealth 13" 2017 (Intel 8550U)

Link to comment
Share on other sites

Link to post
Share on other sites

If you need any help with translation, let me know

 

Ik spreek namelijk vloeiend Nederlands

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×