Tech Friday with Dave Hatter


  • 3D-printed fingerprint used to unlock Samsung phone:
  • Biometric authentication is generally considered more secure that other forms of authentication such as a password
  • A security researcher named "Darkshark"just demonstrated that using a fingerprint may not be as secure as previously thought
  • A video recently posted on the Imgur site shows that a 3D printed fingerprint can defeat the biometric authentication on the Galaxy S10
  • Most all of the Galaxy S10 phones feature a fingerprint reader thatuses ultrasonic technology to bounce sound waves off the user’s finger creating an image of the fingerprint
  • A smartphone was used to take a photo of a fingerprint on a wine glass
  • The image was enhanced and the 3DS Max 3D modeling software was used to make a 3D model
  • An Anycubic Photon resin-based 3D printer ($500) was used to reproduce the print in about 13 minutes
  • While this technique only works with certain types of finger print sensors, Darkshark wrote: "Most banking apps only require fingerprint authentication so I could have all of your info and spend your money in less than 15 minutes if your phone is secured by fingerprint alone."
  • This illustrates that one factor authentication is not enough and you should use multi-factor authentication whenever possible
  • Cybersecurity consultant finds hidden digital camera in his Airbnb:
  • A security consultant on vacation used some cybersecurity techniques to find a hidden spycam in an his family's Airbnb
  • The camera was hidden in a smoke alarm
  • The family only discovered the camera because the father scanned the Wi-Fi network. This proves that just because you're paranoid it doesn't mean they're not out to get you
  • The consultant called Airbnb which was less than helpful
  • He then called the owner who initially hung up on him
  • The owner eventually called back and said that the camera found was the only one, but refused to say if he was recording the livestream or capturing audio
  • According to Airbnb's rules, undisclosed electronic surveillance is forbidden. And it's completely banned in "private" spaces, such as bedrooms and bathrooms, even when disclosed
  • Airbnb only took action against the owner when the story hit the media
  • This is not exclusive to Airbnb. Seoul police arrested two people for setting up spycams to secretly film about 1,600 motel guests over the previous year
  • Here's a link that explains how to scan for hidden digital cameras:https://nakedsecurity.sophos.com/2017/12/04/smile-youre-on-hidden-webcam-airbnb-tv/
  • If you find one, be sure to take photos to document it, report it to the owner and call the police
  • Another study confirms that people choose terrible passwords:
  • Despite many well-publicized stories about people's data being breached, people are still not using strong passwords
  • The United Kingdom's National Cyber Security Centre (NCSC) released a list of the 100,000 most common passwords
  •  23.2 million users are still using "123456"
  • "qwerty" is another top choice with over 3.8 million people using it
  • Other commonly used passwords are things like a series of numbers, the same number being repeated several times or the name of a spouse, child or pet
  • Users should have a strong, unique password for each and every site
  • The length of the password is more important than the complexity
  • Also rather that a series of letters, numbers and symbols such as I10v355KRC!, users should use a long, easy to remember phrase with 3 or more words, for example, 55KRCIsTheBestRadioStationEver!
  • Security experts have determined that a password like Tr0ub4dor&3 could be cracked in as little as 3 days, while a password like "correct horse battery staple" written as one word would take 550 years
  • You can consider using a password manager app that will generate very strong password and store them in encrypted database