Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Fingerprint Reader Security Risk?

  • 30-05-2007 02:24AM
    #1
    [Deleted User]
    Posts: 0 CMod ✭✭✭✭


    Lots of laptops are now produced with fingerprint readers in lieu of passwords. What's the risk that a hacker/cracker could somehow use a modified RAT (or whatever programme) to capture the fingerprint and then use it to access the administrator of your laptop when online?

    Second question. If using Vista Ultimate with a fingerprint reader activated, is there a way to also require a password (in addition as an added measure of security) after using the finger and before opening the administrator?


Comments

  • #2
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 96,130 Mod ✭✭✭✭Capt'n Midnight


    just use superglue fumes to get the finger print

    or a clear plastic bag filled with water


  • #3
    [Deleted User]
    Posts: 0 CMod ✭✭✭✭ [Deleted User]


    *Humour noted*

    I guess nobody knows?


  • #4
    ecksor
    Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    My understanding is that a small sample of the fingerprint is used, but then hashed for checking against a database for the purposes of authentication, so there's no significant risk of reverse engineering a fingerprint. However, I'm not quite sure if that's what you're asking.


  • #5
    [Deleted User]
    Posts: 0 CMod ✭✭✭✭ [Deleted User]


    OK, I'll try to reword my question...

    Most users of rigs equipped with a fingerprint reader use it to open the administrator account, taking the place of a password. If someone is trying to hack someone else's rig, can they install software similar to a keylogger (except one that captures the fingerprint image rather than characters) and gain access to the administrator account? Is this a real security risk?


  • #6
    Cake Fiend
    Registered Users, Registered Users 2 Posts: 5,333 ✭✭✭Cake Fiend


    Depending on the fingerprint scanner used, you might be more at risk from someone hacking a "rig" like this with a photocopy of a fingerprint. Seriously - several of the low-end types are fooled by this method (or similar). I seem to recall seeing a mythbusters episode on it?


  • Advertisement
  • #7
    koloughlin
    Closed Accounts Posts: 97 ✭✭koloughlin


    I like the idea of using gummy bears to defeat the security :Dhttp://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/


  • #8
    [Deleted User]
    Posts: 0 CMod ✭✭✭✭ [Deleted User]


    Cake Fiend wrote:
    Depending on the fingerprint scanner used, you might be more at risk from someone hacking a "rig" like this with a photocopy of a fingerprint. Seriously - several of the low-end types are fooled by this method (or similar). I seem to recall seeing a mythbusters episode on it?
    Methinks that this would work if you could physically access the rig with your photocopy. A techie at CompUSA had tried it and said it worked. What I was wondering was if it could be done remotely and electronically?


  • #9
    dubdvd
    Registered Users, Registered Users 2 Posts: 1,557 ✭✭✭dubdvd


    have a read through this


    https://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Kiviharju/bh-eu-06-kiviarju.pdf

    http://www.reactivated.net/weblog/archives/2006/01/breaking-encryption-the-easy-way/

    http://www.reactivated.net/weblog/archives/2006/02/more-fun-with-fingerprints/


  • #10
    H3LLg0d
    Closed Accounts Posts: 104 ✭✭H3LLg0d


    I seem to recall seeing a mythbusters episode on it?

    me too:D

    dam must use my free time better;)


Advertisement