Use your iPhone for biometric scanning

AOptix unveiled AOptix Stratus, the first comprehensive mobile identity solution “Made for iPhone” delivering iris, fingerprint, voice, and face recognition in a truly integrated solution.


The first mobile biometric product built with an open architecture, AOptix Stratus enables SI/VAR partners to develop applications meeting the specific requirements of their customers in a broad range of vertical markets, such as:

• Public safety and border management
• National and civil ID programs
• Humanitarian aid and disaster relief
• Defense
• Healthcare.

“The launch of AOptix Stratus provides a capability for Smart Mobile Identity around iPhone that will open up a new range of applications for biometrics,” said Dr. Peter Waggett, Emerging Technology Program Leader at IBM. “The product provides the basis for an ecosystem of Smart Mobile Identity products and apps that we will use to develop and deliver solutions.”

AOptix Stratus is the only mobile biometric device with iris and fingerprint recognition that is Made for iPhone. Employing familiar Apple iOS conventions, it is designed to be highly intuitive like the iPhone itself. Previous biometric identity systems have been difficult to use and bulky. AOptix Stratus resolves these issues, enabling the use of the product for many applications that cannot be addressed by traditional biometric systems.

The AOptix Stratus family includes AOptix Stratus MX, AOptix Stratus App for iOS and AOptix Stratus SDK. AOptix Stratus MX is a sleek, rugged hardware peripheral that houses an iPhone 4 / 4S and contains a fingerprint sensor and an advanced AOptix iris imaging system.

“Our objective in developing AOptix Stratus was to create a product family that would deliver the benefits of biometric identification to a host of new users,” said Chuck Yort, Vice President and General Manager of Identity Solutions at AOptix. “We’ve received a great deal interest from law enforcement and border control, national and civil ID programs, and defense. We anticipate AOptix Stratus will be embraced by healthcare, disaster relief, humanitarian aid and other areas where identity verification is essential but previous biometric techniques have been impossible or unacceptable. We’ve received strong encouragement from our partners and end users throughout our development and beta process and are delighted that the product is now available for purchase.”

Black Hat Europe: Hacking to spy & remotely control video conferencing systems

Thanks to video conferencing, we don’t always need to travel in order to conduct important business. But the reality of the situation is that an attacker can secretly conduct surveillance by taking control of the video conferencing camera and microphone. At Black Hat Europe, Moritz Jodeit presented “Hacking Video Conferencing Systems” [PDF] and demonstrated how to remotely compromise all variants of the popular Polycom HDX systems.

You might recall when Rapid7’s HD Moore alerted the public to the dangers of poorly configured video conferencing equipment being connected to the Internet. Moore highlighted the need to secure the configuration after showing that “thousands of videoconferencing systems were publicly accessible over the Internet and had the call auto-answer feature turned on." But Jodeit took it to an entirely new level and demonstrated how to remotely own the device.
Jodeit’s Black Hat presentation research [PDF] [slides] is divided into two main sections. First, he shows how to get root access to the Polycom HDX devices in order to find vulnerabilities and to develop exploits. He found vulnerabilities a malicious user might exploit such as by escalating privileges, a command injection when using the firmware update, a format string vulnerability, SQL injection, and a PUP file header MAC signature bypass. Then he explains how to remotely compromise the Polycom video conferencing system in its most secure configuration.