fingerprints – WindowsTechs.com

Breaking Laptop Fingerprint Sensors

Posted on November 29, 2023 by Bruce Schneier

Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft’s own Surface Pro Type Covers. These are just three laptop models from the wide universe of PCs, but one of these three companies usually does make the fingerprint sensor in every laptop we’ve reviewed in the last few years. It’s likely that most Windows PCs with fingerprint readers will be vulnerable to similar exploits…

Continue reading Breaking Laptop Fingerprint Sensors→

Brute-Forcing a Fingerprint Reader

Posted on May 30, 2023 by Bruce Schneier

It’s neither hard nor expensive:

Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the fingerprint database. BrutePrint manipulates the false acceptance rate (FAR) to increase the threshold so fewer approximate images are accepted.

BrutePrint acts as an adversary in the middle between the fingerprint sensor and the trusted execution environment and exploits vulnerabilities that allow for unlimited guesses…

Continue reading Brute-Forcing a Fingerprint Reader→

Smashing Security podcast #229: Dating leaks, right to repair, and a stinky bishop

Posted on May 27, 2021 by Graham Cluley

A big cheese ends up in jail, a Japanese dating site spills the dirt after a hack, and we learn all about the right to repair.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security vet… Continue reading Smashing Security podcast #229: Dating leaks, right to repair, and a stinky bishop→

Pitney Bowes Ransomware Attack, Samsung Galaxy S10 Fingerprint Bypass, Top Technology Fears

Posted on October 21, 2019 by Tom Eston

You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston. In episode 91 for October 21st 2019: Pitney Bowes becomes the latest ransomware victim, what are the top… Continue reading Pitney Bowes Ransomware Attack, Samsung Galaxy S10 Fingerprint Bypass, Top Technology Fears→

More than a million people have their biometric data exposed in massive security breach

Posted on August 15, 2019 by Graham Cluley

A biometrics system used to secure more than 1.5 million locations around the world – including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE – has suffered a major data breach, exposing a h… Continue reading More than a million people have their biometric data exposed in massive security breach→

Application News – Application Security Weekly #59

Posted on April 30, 2019 by Security Weekly Productions

In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protec… Continue reading Application News – Application Security Weekly #59→

Fingerprint glitch in passports swapped left and right hands

Posted on April 26, 2019 by Lisa Vaas

And just who, exactly, is going to pay for new passports if it’s necessary? Danish police are chatting with Kube Data about that. Continue reading Fingerprint glitch in passports swapped left and right hands→

Using Machine Learning to Create Fake Fingerprints

Posted on November 23, 2018 by Bruce Schneier

Researchers are able to create fake fingerprints that result in a 20% false-positive rate. The problem is that these sensors obtain only partial images of users’ fingerprints — at the points where they make contact with the scanner. The paper noted th… Continue reading Using Machine Learning to Create Fake Fingerprints→

Using Machine Learning to Create Fake Fingerprints

Posted on November 23, 2018 by Bruce Schneier

Researchers are able to create fake fingerprints that result in a 20% false-positive rate. The problem is that these sensors obtain only partial images of users’ fingerprints — at the points where they make contact with the scanner. The paper noted that since partial prints are not as distinctive as complete prints, the chances of one partial print getting matched… Continue reading Using Machine Learning to Create Fake Fingerprints→

Hiding Secret Messages in Fingerprints

Posted on November 12, 2018 by Bruce Schneier

This is a fun steganographic application: hiding a message in a fingerprint image. Can’t see any real use for it, but that’s okay…. Continue reading Hiding Secret Messages in Fingerprints→