Navigation
Recherche
|
Lock-Screen Bypass Bug Quietly Patched In Handsets
samedi 17 novembre 2018, 11:00 , par Slashdot
secwatcher shares a report from Threatpost: A design flaw affecting all in-display fingerprint sensors -- that left over a half-dozen cellphone models vulnerable to a trivial lock-screen bypass attack -- has been quietly patched. The flaw was tied to a bug in the popular in-display fingerprint reader technology used for user authentication. In-display fingerprint reader technology is widely considered an up-and-coming feature to be used in a number of flagship model phones introduced in 2019 by top OEM phone makers, according to Tencent's Xuanwu Lab which is credited for first identifying the flaw earlier this year. Impacted are all phones tested in the first half of 2018 that had in-display fingerprint sensors. That includes current models of Huawei Technologies' Porsche Design Mate RS and Mate 20 Pro model phones. Researchers said that many more cellphone manufacturers are impacted by the issue. The most popular phone in the U.S. that is impacted by this vulnerability is the OnePlus 6T. '[A]ll an attacker needs to carry out the attack is an opaque reflective material such as aluminum foil,' reports Threatpost. 'By placing the reflective material over a residual fingerprint on the phone's display the capacitance fingerprint imaging mechanism can be tricked into authenticating a fingerprint.'
Read more of this story at Slashdot.
rss.slashdot.org/~r/Slashdot/slashdot/~3/gopTLrOLApU/lock-screen-bypass-bug-quietly-patched-in-hands
|
56 sources (32 en français)
Date Actuelle
jeu. 21 nov. - 21:55 CET
|