In association with heise online

15 November 2011, 15:47

Android 4.0 face recognition flawed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Android icon

The face recognition unlock feature in Google's Android 4.0 "Ice Cream Sandwich" mobile operating system has been bypassed by a simple photo trick. A blogger recently demonstrated how easy it was to unlock the device. He took a photo of himself using another phone and held it up to the front facing camera on the Samsung Galaxy Nexus, the first smartphone to run Android 4.0, which was then unlocked.

Last October, Koushik Dutta, a CyanogenMod developer who works on custom Android firmware, came to the same conclusion. He tweeted: "The face recognition unlock thing is really easily hackable. Show it a photo." Google Developer Advocate Tim Bray replied: "Nope. Give us some credit."


The Face Unlock feature in Android 4.0 is compromised using a picture on another smartphone

A Google spokesperson told CNET that the feature is considered to be experimental and offers little security. According to the news site, the user interface for the Face Unlock feature also warns users that it is less secure than using a pattern, PIN or password, even going as far as saying "Someone who looks similar to you could unlock your phone". It is unclear if Google will add "Or a photograph of you" to the warning.

See also:

(lcz)

Print Version | Send by email | Permalink: http://h-online.com/-1379290
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit