Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fingerprint Scanners Still Easy to Fool

Posted by michael on from the mission-possible dept.

Anlan writes "A Swedish student wrote her Master's thesis about current fingerprint technology. After a thorough literature study some live testing took place. Simple DIY fingerprint copies were used (detailed how-to in the thesis). Have current commercial products improved as much as proponents claim? Well, this qoute from the abstract says it all: 'The experiments focus on making artificial fingerprints in gelatin from a latent fingerprint. Nine different systems were tested at the CeBIT trade fair in Germany and all were deceived. Three other different systems were put up against more extensive tests with three different subjects. All systems were circumvented with all subjects' artificial fingerprints, but with varying results.' You can guess how happy the sales people at CeBIT were - most systems claim to be spoof proof..."

17 of 378 comments (clear)

  1. Airport Police by mirko · · Score: 5, Insightful

    So, will they remove these fingerprint scanners, in the US Internaitonal Airport ?

    --
    Trolling using another account since 2005.
    1. Re:Airport Police by dave420 · · Score: 5, Insightful
      No, because it appears like they're actually doing some good. Just like when they had the national guard monkeys running around with M16s. Absolutely no use whatsoever, but makes the American public go "Gee - we're so protected! I love our President(tm)!"

      The war on terror isn't about the terrorists, it's all PR.

    2. Re:Airport Police by wo1verin3 · · Score: 5, Funny

      >>So, will they remove these fingerprint
      >>scanners, in the US Internaitonal Airport ?

      No, they'll just continue to refuse letting travellers use gelatin molds in place of their real hands.

    3. Re:Airport Police by XryanX · · Score: 5, Insightful

      I'm sure someone that was trained in stage makeup could easily make a fake finger that would slip over their real one, and yet still look realistic.

    4. Re:Airport Police by CreatureComfort · · Score: 5, Interesting


      I think you missed his point, Dook"43".

      He did not say that efforts to stop terrorism shouldn't be made, only that the efforts that are currently being made are pure PR fluff. Having M16 armed national guardsmen at airports was absurd. What were they supposed to accomplish? In any instance, opening fire with a machine gun in a crowded airport lobby would kill far more innocent people than terrorists. Not to mention, just how were these guardsmen supposed to tell if someone was a terrorist, before blowing themselves up or driving an explosive laden vehicle into the terminal?

      Lets talk about other "safety" measures:
      1) Turn all airport screeners into government employees. Well, now our dear TSA is moving to recertify airports to use private screeners.
      2) Even with government screeners, security is like tissue paper. I attended a conference last week, and one of the vendors was giving out "swiss army" type knives, 5 blades + corkscrew, etc. He told me he had dumped a box 50 of these into his bag, and at the last minute decided to carry that bag on instead of checking it. He didn't even remember that the box was in there until he was in the air. He stayed quiet about it until after he landed, because he didn't want to get stuck somewhere in middle america. Security never even noticed. (BTW, he said he did report it to airport security after he landed and was outside the secured zone.)

      If we are going to be serious about security follow El Al's proceedures, most of which are deliberately kept very quiet and out of the public view. Instead the current administration follows a typical american penchant to do something, anything that makes a lot of noise and is very visible for "feel good" moments, but which accomplish either nothing, or the opposite of what they are supposed to.

      --
      "Unheard of means only it's undreamed of yet,
      Impossible means not yet done." ~~ Julia Ecklar
  2. As a self-appointed representative of ... by burgburgburg · · Score: 5, Funny
    the Security Industry, I'd just like to say:

    Shhhhhhhhhhhhhhhhhhh!!!!!

    Please remember this the next time a non-productive "feature" is uncovered.

  3. Easy Solution by Mz6 · · Score: 5, Funny

    Don't let your fingerprints get copied. Wear gloves ALL the time. Problem solved.

    --
    Hmmm.
  4. J311-0 by lunarscape · · Score: 5, Funny
    The experiments focus on making artificial fingerprints in gelatin from a latent fingerprint

    That's great to know that some of the world's most sophisticated security systems can be circumvented with Jell-O

  5. In the great words of Sean Connery by imranius · · Score: 5, Funny

    "I'll show you a finger, Trebek!"

    - SNL Celebrity Jeopardy

  6. Something you have and Something you know by VinceWuzHere · · Score: 5, Insightful
    I really don't think that ANY biometric system will be foolproof until the old basic of security is implemented. The scheme is called "Something you have and Something you know" (someone out there does know the right name even if I can't remember it at the moment).

    Think of the simple RSA keyfob some of us carry; it gives us a number and we use that PLUS a password to get into secure systems (have + know).

    Carry this one step further and have the system check your fingerprint/handprint/iris/whatever PLUS ask for a password.

    I personally think it's damn scary in this age of terrorism that someone could fake a biometric and get onto a plane; if the airlines for example issued me a unique password to go along with fingerprint (or whatever) recognition then I'd feel a whole bunch better about the entire process and the underlying technologies.

    1. Re:Something you have and Something you know by MindStalker · · Score: 5, Funny

      Now, a clever man would not use a plane, because he would know that only a great fool would repeat the same method. I am not a great fool, so I can clearly not choose to attack with a plane. But you must have known I was not a great fool, you would have counted on it, so I can clearly have to attack with a plane.
      Because counter-terrorist come from America, as everyone knows. And the America's is entirely peopled with infidels. And infedels are used to having people not trust them, as you are not trusted by me. So I can clearly not attack with a plane.
      and you must have suspected I would have known you where an infidel, so I can clearly have to attack with a plane.
      You've beaten my Sadam, which means you're exceptionally strong. So, you could have placed your men on the plane, trusting on your strength to save you. So I can clearly not choose to attack with a plane. But, you've also bested my sleeper cells. And in studying, you must have learned that terrorist are dangerious so you would stay as far away from us as possible, so I can clearly attack with a plane.

  7. Re:fix? by tomcio.s · · Score: 5, Insightful

    Not at all actually, your extremedies (hands, feet) change temperature faster than the core of your body, and most people's extremedies are either colder (more common) or warmer (?) than the core of their body. So to make it heat sensitive would be to deny access to most users.

  8. fingerprints at all... by tuxette · · Score: 5, Interesting
    Probably old news to some, but here's an interesting article about how fingerprints are perhaps not infallible, unique ID, with a link to this article

    Who cares about the scanners when the real problem lies in something entirely different?

    --
    People say I'm crazy, I got diamonds on the soles of my shoes...
  9. Re:fix? by stratjakt · · Score: 5, Insightful

    The temperature of your fingertips is going to vary widely. If you've been holding a cup of coffee, it'll jack up to 110, 120 maybe, if you just came inside it could be down around 60 or so.

    98 degrees is an average core body temperature, extremedies generally run cooler. Thats why your testicles hang down - they dont work at 98 degrees, they need to be cooler. It's also why briefs and tight pants make you sterile.

    Besides, all you'd have to do is put the fake finger in a cup of warm (98 degree) water..

    I think the real solution is to realize that this kind of shit only works in movies or cartoons right now.

    --
    I don't need no instructions to know how to rock!!!!
  10. Okay. by Red+Dane · · Score: 5, Insightful

    Just wanted to interject... I suppose it depends on whether you have one that bounces small radio signals off of the inside of your finger or one that simply captures an image. Certain fingerprint readers bounce radio signals off of the inside of your finger and read the underlying tissue structure (no, I'm not going to plug the product here). This prevents people from doing what she did at the trade convention. Fingerprint technology is always improving, and I'm sure that the industry will take this to heart and make these things even more complex. When you get right down to it, the systems aren't as complex as you might think. Most fingerplate templates weigh in from anywhere to 300 - 600 bytes in size.. but that is more to ease hardware requirements. I think they will combine other methods in the fingerprint taking process and eliminate these problems. Just my take on it, tear it apart guys ;)

  11. Re:Could someone explain 4.5.3 to me? by Apocalypse111 · · Score: 5, Informative

    I myself have an identical twin brother, and our fingerprints are nothing alike. Fingerprints are a developmental feature, not a genetic one.

    --
    There is no mod option "-1: Disagree" for a reason. "Overrated" is not an acceptable substitute. Post something instead.
  12. calcium hydroxide burns by SuperBanana · · Score: 5, Informative
    In a former career I spent time mixing cement. One day I was mixing a small amount in a 5 gallon bucket. At the time I had nothing to mix it with so I used my hand. After mixing I washed my hand and it was amazingly smooth. I didn't think much more about it. I looked at it and noticed that the mixing had worn down the top layes of skin on my hand.

    Uh, that's because calcium hydroxide -burned- it off, not "wore it down". It's actually quite common, because there is a delay between exposure and reaction. Well, that and people think "hey, it's just rocks and dirt and stuff, i don't have to wear gloves..."

    --
    Please help metamoderate.