Lock-Screen Bypass Bug Quietly Patched In Handsets

secwatcher shares a report from Threatpost: A design flaw affecting all in-display fingerprint sensors -- that left over a half-dozen cellphone models vulnerable to a trivial lock-screen bypass attack -- has been quietly patched. The flaw was tied to a bug in the popular in-display fingerprint reader technology used for user authentication. In-display fingerprint reader technology is widely considered an up-and-coming feature to be used in a number of flagship model phones introduced in 2019 by top OEM phone makers, according to Tencent's Xuanwu Lab which is credited for first identifying the flaw earlier this year. Impacted are all phones tested in the first half of 2018 that had in-display fingerprint sensors. That includes current models of Huawei Technologies' Porsche Design Mate RS and Mate 20 Pro model phones. Researchers said that many more cellphone manufacturers are impacted by the issue. The most popular phone in the U.S. that is impacted by this vulnerability is the OnePlus 6T. "[A]ll an attacker needs to carry out the attack is an opaque reflective material such as aluminum foil," reports Threatpost. "By placing the reflective material over a residual fingerprint on the phone's display the capacitance fingerprint imaging mechanism can be tricked into authenticating a fingerprint."

Fingerprints

[mentil]

So you're telling me that the fingerprint reader can... read a fingerprint? Le gasp!
Also, using aluminum foil to make electronics LESS secure? That's more heretical than using the Pythagorean formula to prove the existence of irrational numbers.

Re:ummm no

[Anonymous Coward]

Yes, your phone should send a code via txt msg that needs to be typed in before it can unlock. Oh, wait...

Re:

[luvirini]

Indeed.

It is a very common and well known problem. The traditional method for many finger print readers was to blow gently on it so that the heat sensor thinks there is a finger and reads the greasy residual fingerprint.

Re:

[olsmeister]

It's trivially easy to pop out someone's eye after you neutralize them and use it to get you into the secure enemy facility

Re:

[burtosis]

Yeah, but severed fingers and eyeballs tend to shrink after a while and carrying a flask of formalin around is very stinky and messy.

Sounds like a market need isn't being met. Let's get a kickstarter going, there is real money to be made here.

Interim workarounds

[Dan East]

That's a lot better than the interim workaround they sent out, which was to never eat sticky honey buns before unlocking your phone.

I did think the fix of sending out cell phone cases with a wet wipe dispenser built into the back was clever. But then what do you do with the dirty wipes? That was starting cause litter problems.

Another recommendation to lick off the touch sensor area of the screen regularly was highly effective, but it increased the chance of catching the flu by 37%.

I'll stick with the REAR fingerprint sensor

[p51d007]

Thank you.

A description of the actual bug

[najajomo]

“By placing the reflective material over a residual fingerprint [threatpost.com] on the phone’s display the capacitance fingerprint imaging mechanism can be tricked into authenticating a fingerprint.”