Skip Navigation
BlackBerry Blog

This Week in Security: That Time ENHANCE Actually Worked


The scene is all too familiar: a pivotal case against a suspected child predator is being analyzed by digital forensic experts, and it has all come down to a single grainy JPEG image. Cybersecurity experts and law enforcement officers pack a room filled with aerodynamically-crafted desks, custom-made quad-LCD screens and other futuristic gear, scanning the image for any clue that could blow the case wide open.

After a few tense moments, the team notices the tell-tale orange cylinder of a prescription bottle in the background of the image. The team becomes excited, shouts commands to the voice-recognition software. “Zoom,” they say, and the software snap-focuses on the prescription bottle. The software goes through cycles of Gaussian edge detection, and suddenly, the potato-camera image is replaced with an image whose details a $75,000 Hasselblad camera owner could only dream of capturing. A partial name and address is exposed, and agents begin scrambling to piece the new info together.

One agent points to the side of the now-crisp image, at the suspect’s hand. “Enhance,” he commands, and the image recognition software seemingly bends physics, logic, time, and space as it isolates the ridges of the suspect’s skin, revealing their fingerprints. In seconds, a fingerprint is extracted by the software and scanned into the CODIS database, exposing the perp and pulling up his home address. The team high-fives and celebrates yet another job well done.

Apparently, the Department of Homeland Security (DHS) made this scene actually happen. Whether or not futuristic office supplies were involved is still up for debate; however, the mad scientists and research engineers of DHS Science and Technology (S&T) have now developed new algorithms for analyzing low resolution digital images for crucial forensic data.

This software provides the team with new and unique ways to extract identifiable details from blurry, grainy, and otherwise hard to read images. The new technology, dubbed Photo DNA, utilizes edge-enhancing technology to separate noise from images as well as selectively extracting key points from photos. This ultimately reduces the physical and psychological burden put upon investigators and allows them to categorize and analyze over 500,000 images a week.

Cybersecurity experts and privacy advocates have long warned that with the current megapixel count in digital cameras increasing year over year, photographs that show people’s hands may soon give malicious individuals the ability to extract fingerprint data. Many fear that stolen fingerprint data could be used to extract data from locked mobile phones, or to potentially frame innocent individuals for crimes or other nefarious acts. However, the Department of Homeland Security’s case against Stephen Keating proves for the first time that this level of forensic data is now obtainable and reliable enough to be used in court to convict people of actual crimes.

With this level of forensic capability confirmed and the moody landscape of a dystopian 1984 lurking just around the corner, we wonder if new types of privacy and anti-surveillance fashion and makeup will kick in and we’ll finally have the kind of future we were promised by Blade Runner. We can’t help but wonder how soon social media websites will implement protection from fingerprint scanning by offering automatic finger detection and fingerprint scrubbing features.

Until then, the best practice for staying safe online is to avoid uploading close-up pictures where your hands and fingertips are clearly exposed… and try not to think about how the human ear is actually the largest uniquely identifiable source of biometrics on the human body.

Holy Cow, Even WiFi On Your Phone Isn’t Safe

When your OPSEC isn’t being betrayed by your WiFi, it may soon become the latest platform for malicious attackers to gain unfettered access to your mobile device.

The bright minds of Google’s vulnerability discovery team, Project Zero, have uncovered a series of vulnerabilities that could allow bad guys within WiFi range to send malformed wireless signals to Broadcom devices in order to compromise those devices. For those of you who are shrugging Broadcom off as some third-party company who is only in a few mobile devices, you are partially right – Broadcom just happens to be the main third-party WiFi provider for Samsung, Nexus, iPhone, and about 20 other devices.

Gal Beniamini first discovered the vulnerabilities, which are due to a series of logic flaws and overflows in the devices’ 802.11r Fast BSS Transition(FT), CCKM Fast and Secure Roaming, and Tunneled Direct Link Setup (TDLS) sub-protocols. These vulnerabilities can be exploited without user interaction and merely require WiFi to be enabled on the targeted devices in order to exploit. To make matters worse, the exploitation occurs on the WiFi chip itself, which, unlike modern operating systems, does not implement stack cookies, DEP, or any other modern defense-in-depth procedures to protect against exploitation.

Once an attacker has crafted an exploit designed for your device, you merely have to be sitting in a public area with your WiFi on and preferably not looking at your device (since a reboot is likely required to gain full access). It seems that standing in line at that Hipster coffee shop which sells those glorious triple-shot, half-sweet, non-fat, soy/almond/hemp-milk-mix caramel Macchiatos would be the ideal attack location. At this point, your mobile device’s fate can be summarized in the words of the recently late great Bill Paxton, “It’s Game Over, Man.”

Luckily, Apple has released a timely update covering the fix for their devices, with Samsung and Google and other manufacturer’s devices being patched as soon as possible. Beniamini has promised to divulge more details of the vulnerability in a follow-up blog series once security patches have been rolled out.

In the meantime, researchers and curious folk can look over the current timeline and all 3 bug fix request entries to get some idea of the massive scope that this vulnerability encompasses. 

The Cylance Research and Intelligence Team

About The Cylance Research and Intelligence Team

Exploring the boundaries of the information security field

The Cylance Research and Intelligence team explores the boundaries of the information security field identifying emerging threats and remaining at the forefront of attacks. With insights gained from these endeavors, Cylance stays ahead of the threats.