Apple Inc. (NASDAQ:AAPL)’s iPhone 5S isn’t even on store shelves yet, and already hackers are trying to determine if it has any vulnerabilities they can exploit. Mathew J. Schwartz of InformationWeek lists several areas on the handset hackers plan to try to exploit when it comes out.
Security of Apple’s iOS
When Apple Inc. (NASDAQ:AAPL) unveiled iOS 7 earlier this year at its Worldwide Developers’ Conference, one of the key features was better security. Hackers have noted that newer versions of the iPhone line, particularly those starting with the iPhone 4S and moving forward, are particularly secure—as long as they have been properly considered.
Security researchers say the newer iPhones, especially when they are powered off or have a complex passcode, are extremely difficult to hack. Earlier this year Apple Inc. (NASDAQ:AAPL) rolled out an update that was supposed to fix a key bug that enabled hackers to spy on users. Hackers will undoubtedly putting iOS 7 through every possible test to see if this bug has indeed been fixed and whether any new ones have been created.
Apple’s 64-bit upgrade
Security researchers also say that the 64-bit Apple used in the iPhone 5S will also come with some security issues. Some say that the switch could prevent jailbreakers from taking advantage of zero-day vulnerabilities. However, this may only be a short-term problem because the new chip will likely have new vulnerabilities.
The security of Apple’s fingerprint scanner
The key new feature of the iPhone 5S is the fingerprint scanner, and some hackers believe it might be possible to pull a user’s fingerprint off the device’s touchscreen and reuse it in some way to unlock the device. They’re calling this a “phish finger” attack. Hackers could potentially even attack the software which is used to turn the thumbprint into a digital image.
The newest fingerprint scanning technology is supposed to only work with an actual live finger with more than one skin layer, but hackers also say this can be faked.
Biometric security on the iPhone 5S
Hackers say they will also be interested in determining if they can access the biometric data that’s saved on the iPhone 5S. Apple Inc. (NASDAQ:AAPL) could have made it very difficult to gain direct access to this information, particularly with a specific area on the A7 chip known as the Secure Enclave. This area is meant to keep the fingerprint from being pulled of the processor or otherwise exported from the device.
However, some security researchers recommend that iPhone 5S users don’t start relying on TouchID until they have had plenty of time to go over the feature and make sure that it really is secure.
