samsung_galaxy_s5

Samsung

Security


U.S. Sen. Al Franken is raising questions about the security of Samsung’s Galaxy S5 smartphone in the wake of reports that its fingerprint scanner has been hacked.

In a letter to the South Korean electronics giant, the Minnesota Democrat expressed concern about the apparent security vulnerability and Samsung’s use of fingerprint technology beyond granting access to the device — such as sending money through PayPal.

“I am concerned by reports that Samsung’s fingerprint scanner may not be as secure as it may seem — and those security gaps might create broader security problems on the S5 smartphone,” Franken wrote. “I am writing to request information on how Samsung is addressing these and other privacy questions.”

Researchers in Germany demonstrated how to hack the Galaxy S5 using a rubber mold made from latent fingerprints lifted off the phone’s screen. They posted a YouTube video demonstrating the security flaw.

Apple’s Touch ID technology was similarly hacked, Franken noted in his letter. But unlike the competitor’s product, Samsung allows for unlimited attempts to access the device without requiring a password and permits the broad use of the fingerprint scanner to access apps. This, he notes, invites abuse by “bad actors.”

Franken posed more than a dozen questions to Samsung, inquiring how it secured the fingerprints, whether such data could be accessed remotely and how third-party applications interact with this biometric information. He also asked whether Samsung could assure its users that it would never share their fingerprints with any government, absent the proper legal authority and process, such as a warrant.

“I’m not trying to discourage adoption of fingerprint technology for consumer mobile devices,” Franken wrote. “Rather, my goal is to urge companies to deploy this technology in the most secure manner reasonable — and create a public record around how companies are treating sensitive biometric information.”

Samsung declined a request for comment.




3 comments
jmmx
jmmx

I think there may be other issues for Samsung, but this one is a bit silly.


True, it can be done, but if you watch the videos you need a pristine finger print to start with. On the 5s they started with a perfectly clean screen, and then carefully pressed the finger firmly and squarely onto the screen, being sure to get a complete print. I cannot imagine anyone getting something like this off your smartphone - perhaps off a glass in a setup situation.


So - if you travel around with state secrets on your smartphone, perhaps this is not a safe idea to use the fingerprint system. If you have an insanely jealous/curious spouse - again - don't count on it. If you are a criminal, again not a great idea.


If none of the above applies, I don't think one has much to worry about. The effort required to get a the print is well beyond a normal security level.

thirteenburn
thirteenburn

This asshat is so transparent. Where was he when Apple first came out with their version, that we already know has been hacked, if for nothing else than to prove it was possible?


Oh right... Apple is chock full of uber-leftist, fund raising/donating Democrat Party members, so you know... 

gkpm
gkpm

What are you talking about?

Sen Al Franken wrote a similar letter to Apple as soon as the iPhone 5S came out.

Apple replied, hence his comments about how Apple handles security.

Hopefully Samsung will do to.

Follow

Get every new post delivered to your Inbox.

Join 301,260 other followers