Samsung has invested millions in improving the security of its phones and informing its customers. They think all this money is enough to ward off the threat of a $ 2 silicone case. Apparently not.
$ 2 Phone Case Against Tech Mega Group
If there's ever a time to call a "red faced" tech conglomerate, it's probably now. In a brief statement released yesterday, Samsung acknowledged that the fingerprint sensors on the Galaxy S10, the Galaxy 10 Plus, the Galaxy S10 5G, the Galaxy Note 10 and the Galaxy Note 10 Plus can be bypassed with some clear cases and protective films ,
You do not need a 3D printer, high-resolution camera, latex shapes or any nonsense with a cloak and dagger. A dirt-cheap cell phone case is everything you need to unlock Samsung's flagship.
S10, 10 기종 기종 케이스 인식 해봤습니다 해봤습니다 해봤습니다 ….
갤럭시 10 시리즈 시리즈 사용자 당장 세요 1945 pic.twitter.com/tbmzErrmkP
– StaLight (@Sta_Light_) October 16, 2019
It's hard to to apologize for this massive breach of trust, and it's even harder to understand why Samsung has so far failed to apologize to customers. However, this embarrassing mishap is not so surprising.
Biometrics already provides poor security
In fact, fingerprints and other biometric authentication methods are flawed. You should not rely on them if you really care about mobile security. PINs and passwords are much safer – albeit less convenient – than authentication methods.
There are several reasons why an old-fashioned password is preferable to fingerprint readers, face scanners or retina / iris scanners.
It's easier to force someone to unlock their device with their fingerprint or face than normally reveal a password or PIN. It's much easier to get people to unlock their device – sometimes it's enough to put the device in front of them while they sleep (just ask the Google Pixel 4 reviewers).
Old-fashioned password is preferable Fingerprint scanner, facial or retina / iris scanner
There are also legal implications. In some countries, you can not be forced to enter a password for self-defense purposes, however, you may be required to touch a sensor or to look at your phone as you may be forced to give A DNA swab. The number of people who will ever encounter this problem is relatively small. However, there can be legitimate reasons why you do not want to give the authorities access to your device.
Then there is the problem of the numerous possibilities that sensors and scanners can offer to be hacked. Sometimes it requires expensive equipment and a determined attacker. In other cases, a picture of the owner or a simple silicone case is sufficient.
It could be argued that fingerprint and face scanners are good enough for 99% of users. Granted, most people will never have to worry about authorities scanning their messages or stealing dodgy fingerprints from their Facebook profile. It is also true that biometric sensors have improved the security for millions of users who otherwise would not bother to enter a PIN every time they unlock their phones.
How do you update your fingerprints or retina?
The stakes are getting higher. We now use our faces and fingerprints to unlock our bank accounts, authorize payments in stores, and gain access to password lockers such as LastPass. That means your digital identity for the time being. In a few years, Smartphones will be your identity both online and in real life.
Finally, passwords have another big advantage over biometric authentication methods: they are available. You can change your PIN or password at any time. But what happens if your immobile physical features are lost? How do I update my fingerprints or my retina?
If I'm concerned about my smartphone's safety, there are a few simple ways to protect myself:
- Choose a secure authentication method (PIN or password), but do not be lazy: The more characters you use, the safer.
- Avoid pattern blocking. They are easier to spy on and less secure than a good PIN or password.
- Disable features such as Smart Lock that keep the device unlocked in certain areas or when connected to a Bluetooth device.
- Familiarize yourself with the difference Between the different methods of unlocking faces, those that scan your face with laser or infrared are safer than those using the camera on the front.
- Turn on lockdown mode, which is available for Android Pie and above. This will allow you to quickly disable all unlock methods except the PIN or password.
- Familiarize yourself with the security features of your phone. Some devices offer options such as the ability to hide specific apps or content behind a given fingerprint.
- Buy equipment from reputable manufacturers that receive more frequent periodic security and system updates.
- In general, you should apply basic safety hygiene. The likelihood of being hacked remotely is far greater than the likelihood of someone gaining physical access to your device.
What is your preferred method of locking the phone?