Biometric Face Recognition Exploit
clscott writes "A researcher
at the U. of Ottawa has developed an exploit to which most
biometric systems are probably vulnerable.
He developed an algorithm which allows a fairly high
quality image of a person to be regenerated from a
face recognition template. Three commercial face rec.
algorithms were tested and in all cases the image could
masquerade to the algorithm as the target person.
Here are links to a
talk
and a
paper.
Unfortunately, biometric templates are currently considered
to be non-identifiable, much like a password hash.
This means that
legislation gets passed to require
hundreds of millions of people to have their biometrics
encoded onto their passports. This kind of vulnerability
could mean that anyone who reads these documents has access
to the holders fingerprint, iris images, etc."
(P.S. Please no replies from humor-impaired folks.)
maybe i should extend my tin-foil hat to a tin-foil facemask and a pair of shiny gloves... that way they'll never recognise me!
The fallibility of biometric systems has been widely known since a scientific expose was released on the topic no less than five years ago.
Biometric analysis equipment $250,000
Staff time to implement new security procedures $12500
Sledge hammer: $25
Expression on the Project Manager's face after he realized he should have installed a better door: Priceless