Slashdot Mirror


Biometric Face Recognition Exploit

clscott writes "A researcher at the U. of Ottawa has developed an exploit to which most biometric systems are probably vulnerable. He developed an algorithm which allows a fairly high quality image of a person to be regenerated from a face recognition template. Three commercial face rec. algorithms were tested and in all cases the image could masquerade to the algorithm as the target person. Here are links to a talk and a paper. Unfortunately, biometric templates are currently considered to be non-identifiable, much like a password hash. This means that legislation gets passed to require hundreds of millions of people to have their biometrics encoded onto their passports. This kind of vulnerability could mean that anyone who reads these documents has access to the holders fingerprint, iris images, etc."

8 of 188 comments (clear)

  1. This problem is solved by redundancy by NumberField · · Score: 5, Funny
    This isn't a problem because most people have extras of the body parts used for most biometric schemes. For example, you probably a large supply of fingers (about ten), so it doesn't matter if a few get compromised. Similarly, if you have two eyes, it's not a big deal if your retinal print becomes known to bad guys.

    (P.S. Please no replies from humor-impaired folks.)

    1. Re:This problem is solved by redundancy by gerf · · Score: 4, Funny

      This isn't a problem because most people have extras of the body parts used for most biometric schemes. For example, you probably a large supply of fingers (about ten), so it doesn't matter if a few get compromised. Similarly, if you have two eyes, it's not a big deal if your retinal print becomes known to bad guys. (P.S. Please no replies from humor-impaired folks.)

      I don't get it. The way you're talking isn't in a standard joking format at all. Maybe you Canadians have a different sense of humor?

    2. Re:This problem is solved by redundancy by stefanlasiewski · · Score: 4, Funny

      I don't get it. The way you're talking isn't in a standard joking format at all. Maybe you Canadians have a different sense of humor?

      Yeah really.

      In the States, all of our humor formats have been standardized by the Department of Homeland Security. Currently, I'm 80% done with my ISO9666 humor certification. When I'm done, everyone will be able to understand and interface with my humor.

      --
      "Can of worms? The can is open... the worms are everywhere."
    3. Re:This problem is solved by redundancy by Xzzy · · Score: 5, Funny

      I'm sorry, go back and read chapter two, where they talk about humor types by geographic region. Your above intended format falls into "excessively dry", which if my memory serves is a method perfected, and quite jealously defended, by the British.

      American humor is expected to involve either bodily functions or blonde women.

      Failure to employ region-appropriate humor will potentially flag you for review as a potential terrorist.

    4. Re:This problem is solved by redundancy by YU+Nicks+NE+Way · · Score: 4, Funny

      Please put your tin-foil hat away. The incorrect use of humor will not flag anyone for review as a potential terrorist. There is no reason to be concerned that we will interfere with any humor-related deviance. It is only in those cases where individuals with perverted senses of so-called humor that pose a threat to our national security (as determined by our objective and reproducible criteria), and who aver themselves unwilling to participate in our voluntary humor-retraining camps, who will be marked for review. In order to reduce the number of individuals whose privacy will be sacrificed to review, we will use only publicly available data. In order to incentivize those who will be encouraged to attend humor-improvement camps, we intend to locate them in tropical locations near to the ocean, but not on US territory.

  2. paranoia by klokwise · · Score: 5, Funny

    maybe i should extend my tin-foil hat to a tin-foil facemask and a pair of shiny gloves... that way they'll never recognise me!

  3. Old News by fobbman · · Score: 4, Funny

    The fallibility of biometric systems has been widely known since a scientific expose was released on the topic no less than five years ago.

  4. Re:One thing that is missing from "the spoof" by Emugamer · · Score: 5, Funny

    Biometric analysis equipment $250,000
    Staff time to implement new security procedures $12500
    Sledge hammer: $25
    Expression on the Project Manager's face after he realized he should have installed a better door: Priceless