Researchers Develop Way to Unlock Smartphone With 2D Fingerprints
Today's topics include a university professor’s discovery of an alternative way for law enforcement to unlock smartphones, Google’s initiation of new customer-supplied cloud data encryption keys, IBM’s X-Force Red security team that was created with the goal of identifying vulnerabilities in enterprise IT systems and Instagram’s introduction of its new “Stories” feature to make it more competitive with Snapchat.
Back in February, as Apple and the Federal Bureau of Investigation wrangled over the locked iPhone used by mass killer Syed Farook, more than one online commenter suggested using the finger of the deceased Farook to unlock the phone.
That wouldn't have worked because the skin of living people is conductive and that's part of what makes biometric phone locks work.
So explained Anil Jain, a distinguished professor of computer science and engineering at Michigan State University, who, with doctoral student Sunpreet Arora and postdoctoral student Kai Cao, figured out how to unlock the Samsung Galaxy S6 of a different dead man, using his inky fingerprints from a previous arrest.
Jain and Cao used special conductive paper, a 3D printer and an image-enhancing algorithm to create a replica of the victim’s fingerprint that was able to successfully unlock the phone.
Google this week announced general availability of an option that lets customers of its cloud services use their own keys to encrypt sensitive data stored online.
Google first introduced its Customer-Supplied Encryption Keys for Compute Engine in beta form last year. The feature enables enterprises to protect their data using encryption keys that are not owned or managed by Google.
The company claims it will only require and hold customer keys temporarily to fulfill requests such as starting a virtual machine or attaching a disk. Currently, Google's cloud platform encrypts all customer data stored on its servers by default, without the customer having to do anything to initiate the process.
IBM this week announced the creation of X-Force Red, a new elite security testing team consisting of security experts and ethical hackers familiar with a variety of industries including health care, financial services, retail, manufacturing and the public sector.
The new team will conduct penetration tests to try to uncover security vulnerabilities for IBM clients. Charles Henderson, a penetration testing expert and security professional with more than 20 years of experience in the information security industry, is the team’s leader.
Henderson, who is Global Head of Security Testing and X-Force Red for IBM Security, said he has been working on putting the X-Force Red team together since October 2015. The team will focus its vulnerability testing on four primary areas—applications, networks, hardware and the human resources that make up an organization’s workforce.
Instagram, borrowing a move from the Snapchat playbook, will soon introduce Instagram Stories, it announced in an Aug. 1 service update. Stories will feature an unlimited number of photos, videos and drawn doodles to tell a story, which will disappear after 24 hours.
The Stories won't appear in a user's grid or feed. Snapchat has attracted users by being in large part ephemeral and thus low-pressure, while Instagram has become dominated by ever more professional-looking photos.
The pressure of posting high-quality photos has led to a reduction in user activity—or to the practice in many cases of just posting once a day.