Comments on: Fake security – Laptop fingerprint scanner

By: Charles

Charles — Sun, 06 Dec 2009 00:18:34 +0000

One issue with your claim is that not all readers use reflective images. Biometric readers also use ultrasonic transmissions and read them back based on the density of your skin. The frequency is actually designed for skins reception and transmission. This being said, simply creating a gelled fingerprint that you stick on your own finger and swipe would not work because the ultrasound would read right through it. and still read your own print.

By: Michael Lind Mortensen

Michael Lind Mortensen — Thu, 13 Aug 2009 09:29:37 +0000

Well it’s not so much the whole “chopping” technique for gaining access I’m worried about It’s more that whenever you use a laptop, you’re placing an abundance of prints all over the place. Since your fingerprint is essentially the equivalent of your password, we can compare it to this in regards to security. A fingerprint can not be changed! At all! So if it’s stolen, you’re basically fucked! Passwords on the other hand, can be changed if stolen. Also, a fingerprint can easily be lifted off of a laptop, so in regards to security, it’s essentially the same as placing a post-it with your password on the screen!
Obviously I do see the benefits of being able to log in fast and being able to get rid of a screensaver fast – however there are much better solutions that provide this. One is radio-transmitter keys of varying sorts, so that you hold this small device as part of your normal everyday keychain. You can then lock your laptop and go to lunch. When you get back, you simply go over towards your laptop, and when you’re within a few feet of the laptop, it’ll simply unlock itself because it creates a connection to your key and uses it for authentication. This gives waay better security than fingerprints. Especially because it’s possible to change the key if stolen! There’s a general rule of thumb in information security: “For each secret parameter in your system, the longer you hold it constant, the higher likelihood your system will be compromised.” Biometrics in general breaks this rule of thumb, making it inherently flawed.

By: Ziv

Ziv — Tue, 11 Aug 2009 07:48:13 +0000

Well – you said it yourself don’t build the security door stronger than it’s surroundings…
It all depends on what you are protecting. If your laptop contains the launching codes of the US nuclear missiles, there would be someone that would go through the trouble of cloning you fingerprint or even chop your finger to gain access. But normal users like myself, which I would like to keep peeping tom out of my personal corresponding, but I do not wish to re type my 8 letters password every time the screen saver flies on – fingerprint scanner is just a great way.

By: Paul Walmsley

Paul Walmsley — Mon, 10 Aug 2009 00:15:21 +0000

Don’t you think you’ve allowed your imagination to run amock here? Admittedly, biometrics for a high security building wouldn’t be enough (on their own), and they’d need to use Iris recognition etc to make that more secure, but this is laptop security we’re talking about. If somebody wanted access to my laptop so badly that they were prepared to hold a gun to my head, kill me, and chop off my finger, then the last thing I’d care about is my online bank details. For me, as a consumer and a method of easily and quickly logging onto a computer, knowing that nobody else can access my profile without my fingerprint, it’s perfect. I don’t need to type a username, or have another password to remember, I can just swipe. For secretive data, then quite simply it shouldn’t be and isn’t usually stored on a laptop – it should be and usually is stored on desktop PCs in a secure building with 24 hour security if it’s so important that somebody would kill for it.

I understand your point, but really…? Stop ranting for the sake of it.