Video shows Face Unlock on Galaxy Nexus tricked by photo

Video shows Face Unlock on Galaxy Nexus tricked by photo
Ever since the announcement of Face Unlock as part of Android 4.0 Ice Cream Sandwich (even with the trouble getting it to work at the announcement demo,) people have wondered if it would be possible to trick the system using a photo of the person. The rumor was originally dispelled by Tim Bray, an Android Developer Advocate, who claimed that the system couldn't be hacked with a photo. Now, there's video that may show the hack in full effect. 

A reporter from SoyaCincau has posted video showing Face Unlock being gamed by a photo of himself on a Galaxy Note. The reporter does note that Google has warned that Face Unlock is not as secure as a regular pin or password, and that a "similar looking person" could unlock your device, but Google has said that using a picture would not work. The video shows the reporter unlocking the Galaxy Nexus three times using the photo on the Note. 

There is a bit of skepticism around the video, because the reporter says that he programmed the Nexus to "recognize his picture". The reporter chalked that up to misspeaking, and added a link to the original video when he set up Face Unlock using his actual face. Still, it seems that Face Unlock is not as secure as some would have hoped, and if Google is admitting as much, that may mean the Android team is already working on ways to update the feature and make it more secure. We'll have to see on that though. 


FEATURED VIDEO

34 Comments

1. iwebdroidberry7

Posts: 230; Member since: Jan 17, 2011

Revolutionary....way to get your phone broken in to.

4. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Like we haven't seen others *rolleyes *

14. iamcc

Posts: 1319; Member since: Oct 07, 2011

Yeah for sure. "Excuse me sir, will you stand perfectly still and face this camera so I can take a picture of you to use to break into your phone?" "Of course, I would love to stand perfectly still for 2-4 seconds so you can take that picture." "Awesome, thanks. Now... can you leave your phone around so I can use my phone and this picture I just took of your face to break in?" "Of course!" "Yay!"

16. nimo

Posts: 72; Member since: Jun 11, 2010

Why would they need to stand still for a photo, you could just use one off their facebook or something

19. iamcc

Posts: 1319; Member since: Oct 07, 2011

Yeah, because that's a whole lot easier... my point is that it's not like the average person who wants to break into your phone is going to have access to a close up facial picture of you.

30. Ivan6479

Posts: 250; Member since: Jun 26, 2011

Your right the average person won't have access to this, but for those of us that have women in our lives that like to snoop around, this is an easy way for them to get at our private lives.

20. roscuthiii

Posts: 2383; Member since: Jul 18, 2010

If you find the phone on the street, or perhaps in a bar... how in the world are you going to use their Facebook? Do you even know their name to look them up? Do you even know if that's the social networking site they belong to?. And anyone that has direct contact with you and/or knows you that wants to break into your phone probably has the access/info to break into more then just your phone already.

26. E.N.

Posts: 2610; Member since: Jan 25, 2009

You're definitely right. Strangers won't be able to get into your phones, but your friends and family will. Easily too.

2. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Ha! I guess its just gonna be a fancy trick :) still think the best method was the fingerprint Reader on the atrix

24. choupino

Posts: 69; Member since: May 28, 2011

I agree. I have the Motorola Atrix and the fingerprint scanner works FLAWLESSLY. I have never had an issue with it. I can unlock my device while driving without looking at it. There is also a great Android App I use called Gotya, that uses the front facing camera on your smartphone to secretly take a snapshot of someone that unsuccessfully tries to access your device and emails the picture, time and GPS coordinates of that failed access attempt. I'll stick with my current security measures until the facial recognition guys get the kinks worked out of it.

3. Alantef

Posts: 288; Member since: Sep 14, 2011

is this gonna stop anyone from getting this phone....NO.....if someone wants to get into your phone that bad they will..... that's why you have apps like "Audio manager" doing so well (also known as hide it pro)

5. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Shhh that's our secret!

6. SuperEd

Posts: 132; Member since: Oct 18, 2011

lame...going to fail.

7. remixfa

Posts: 14605; Member since: Dec 19, 2008

lol. for the average person its secure. just dont get drunk n pass out or your friends could easily break into it.. lol. most people use the same number codes for everything so is 1 more secure than the other? maybe, but not by much for most. pattern lock.. ftw!

8. MichaelHeller

Posts: 2734; Member since: May 26, 2011

Of course a pattern unlock can often be easily gamed as well from the finger smudge left on the screen. Seems that biometrics are probably still the most secure. Come on, eyeball scanner!

9. protozeloz

Posts: 5396; Member since: Sep 16, 2010

HA! i dare you try that trick on my phone (anti glare screen protector) and the fingerprint scanner is much more awesome you have 10 different fingers to add more locks while only two eyes

17. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

And why couldn't an iris scan be tricked as well? The reason that iris scans can't be 'tricked' is there is usually an operator operating the scanner who confirms that a live body is being scanned.

22. remixfa

Posts: 14605; Member since: Dec 19, 2008

screw that, lets just go right for the DNA.. pin prick every time u wanna unlock your phone!! lol. actually.. that would suck. lol

11. beatsandmelody

Posts: 109; Member since: Nov 01, 2011

The password option is the most secure. Password > pin > pattern Also, what if someone snatches the phone from you then points it at your face as you try to get it back? lol

18. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

IMO password combined with device wipe after n failed attempts is the most secure. There are brute force password cracking applications that can hack passwords in minimal time.

23. remixfa

Posts: 14605; Member since: Dec 19, 2008

not really.. the vast majority of people use important dates like a childs birthday or an anniversary. People tend to put that info online so it doesnt take but a minute or 2 for a would be hacker to have a few viable codes ready to try.

27. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

Which is why you need to combine password with device wipe after n failed attempts. The fewer failed attempts before device wipe occurs, the more secure is the password.

28. remixfa

Posts: 14605; Member since: Dec 19, 2008

lol. a device wipe? that's a lil extreme. whatcha got hiding on your phone? :)

29. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Not such a good idea, someone will type your pass wrong several times just to whipe your phone and being an ass

31. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

@remix - some people have Internet banking/brokerage/other financial data passwords on their handset. That kind of info getting into the wrong hands would kind of rain on the handset owner's parade.... :-) @protozeloz - services such as Lookout Premium backup everything that is on your handset. Restoring to the prior day's condition is pretty trivial. The only loss would be whatever was entered locally that didn't get backed up before the handset was messed with. Although if a handset owner were dumb enough to leave their handset unattended so that someone could mess with the password and wipe the handset, they deserve to experience the frustration of recovering their handset. Just have to experience it once, then priorities get re-ordered. :-) So far, wipe after n failed attempts seems to be the most secure model.

12. iKingTrust

Posts: 716; Member since: Jul 27, 2011

I crack pattern locks

15. iamcc

Posts: 1319; Member since: Oct 07, 2011

Can I have your autograph?

10. BReND0

Posts: 74; Member since: Dec 07, 2010

You people read into this stuff too much......... Heres a perfect point, for all you android fans out there ;) you can argue that the Samsung Galaxy Note and Nexus Cameras are SOO GOOD AND CLEAR, that the picture taken is like the real deal , lol take that iphone 4s..... just thought that was funny but yeah truly tho, unless the person who stole your phone off the bar, off a counter , in a spot you left it, honestly has photos of you , which i doubt, why would it matter.......... now if you are sneaking around, and ur girl or man finds it ...uh oh

13. Tmachaveli

Posts: 425; Member since: Apr 01, 2011

Google will having it working with no problem i have trust in them

21. CrazyEyes

Posts: 1; Member since: Nov 11, 2011

Could someone Face Unlock the release date already? Or is it password protected?

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.