How Secure Is Microsoft's Fingerprint Reader?
Moos3d asks: "I recently found out about this Microsoft Fingerprint Reader at the library and ever since then I have been fascinated by using something like this for my own PC. How secure is this compared to using multiple 10+ character long passwords? Some people I've talked to seem to think it isn't safe at all and some people seem to think it is only safe for casual use. I only plan to use it for online forums and other applications that don't require great measures of security so it seems to be perfect for me, but how secure do you think it really is?"
unless you make it a habit of pressing your thumb on gummi bears. http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/
How do you plan to use it? You've mentioned online forums etc. - they don't support this (at least the majority of forums I know); most such sites use passwords, often in an unencrypted manner - if you are sending an unencrypted password between two untrusted hosts etc., password quality (be it 123809243+ random characters) really does not matter at all...
How secure it is depends on how you plan to implement it. Security is not about buying some gizmo; security is a complex project from the ground up/design to implementation and also the hardest part - the human element.
So this device alone cannot be proclaimed safe or unsafe - it depends on how you will use it.
I don't really track this specific hardware. I just commented about merit of your question in general.
Dan of dansdata.com debunks the myth of 'secure' fingerprint readers in his review of a Lifeview Finger ID machine here.
This is the third story in 2 days about passwords.
The hospital my father works in uses these to control access to data entry in the neonatal ward. The nurses would otherwise be typing in passwords about 300 times a day, as the computers lock whenever someone isn't standing at them. It means that the tracking data for who entered what data is always correct and that time isn't taken up typing in passwords all the time.
I'm not sure how easy they are to fool, but in the hospital, where people wouldn't be at the terminals unless they were a recognised user anyway, they're perfect.
Lemme get this straight. You're asking how secure a Microsoft product is on Slashdot?
Let me answer with a question. How smart do I think you are?
... but one that can't be changed and gets left lying around on a regular basis, but also can't (easily) be lost.
Against a casual attacker (all most of us really have to worry about), it's perhaps slightly more secure than the average password and it's much more convenient.
Against a sophisticated attacker, a fingerprint alone is much weaker than any password, unless you have a habit of writing your password on everything you touch. Yes, all of the fingerprint scanners claim to offer liveness verification, but in practice every time someone has seriously tested the claims, they've fallen down.
If you need really high security, a password is better than a fingerprint, but it's even better to use both. Of course, if you need really high security, you shouldn't be using a standard PC with a common operating system, and I'm not just talking about Windows. Everyday PCs are wide open to an attacker that has physical access to them, regardless of what OS you're running. A TCPA-enabled OS would be slightly better, but not much since the TCPA standards don't require any tamper resistance on the TPM, so a clueful attacker with physical access will almost certainly pwn your machine anyway.
IMO, and this is closely related to my day job, for low security and high convenience, go with a fingerprint. For moderate security, use either a good password or a combination of password/fingerprint or password/smart card or fingerprint/smart card. If you need high security, hire someone to help you figure out how to do it right.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
From the reviews by security experts, this is less secure than most other fingerprint readers used in non-consumer applications. It takes a less precise reading of your finger than just about any other fingerprint reader, especially those used in most "secure" applications.
There's also the fact that it sends and stores the fingerprint info, mainly unencrypted, on the local hard drive so that it can match it. If you can get that information and which points need to match, it's relatively easy to make a fake that will match.
Two things are infinite: the universe and human stupidity, though I'm not yet sure about the universe. - A Einstein
First things first: This is a Windows only device. I'm sure someone will figure out how to get it working with something else, but it comes with software for Windows only.
This is the Digital Persona http://www.digitalpersona.com/ fingerprint scanner, rebranded by Microsoft. I actually use some of their older sensors at home, they're fairly cheap and easy to use.
How secure are they? Not very - these are the same sensors that can be bypassed with highly advanced Nasa Gummi Bear Technology. Yeah, get some latent prints, extrude them with superglue and a couple other items, then pour melted gummi bears into the mold to make a cool new fingerprint that can bypass the sensor.
That being a given, they are pretty damn cool, and extremely convenient. You just come over to your Wintendo XP system, put your finger on the sensor and you are in. You can whip up authentication for websites and applications in no time (although I haven't figured out yet how to get it to authenticate me into World of Warcraft). It really is a "password database" system, unlocked with a fingerprint.
BTW, if you decide to buy these go with Microsoft's sensors - Digital Persona is notoriously stingy with application upgrades. Not that it matters, the supplied software still works with my newest WinXP perfectly, but I feel kinda weird running the 1.0.3 version of a product now in 2.x. MS has traditionally been pretty good about providing updated software for their hardware.
The way I look at it, it can keep people (friends, girlfriend, visitors) away from your Windows box without requiring you to enter a password every time you come back to it:
Now you can press windows-L, get up, get a coke, come back, give the pc the finger (preferably middle ;) and get back to browsing pr0n without anyone getting into your session ;).
Not only that, but it will even allow for Fast User Switching just by putting in someone else's finger. Bonus!
-Jack Ash
I really do not mean this just as a troll, but after all the problems with Windows, IE, Outlook, and Office, I find it impossible to feel secure with ANYTHING Microsoft sells. I feel they have proven their focus is on getting a product out and getting the money, THEN worrying about fixing it, which is usually done with upgrades that cost more money. They're a business, and their goal is to get you to buy it, but I have yet to see one shred of evidence that they are as concerned about their products being secure as they are about getting paid.
I think I once read something about Bill Gates saying his business model was to first promise something great, second, get the money, third, deliver it, and fourth, worry about the bugs and fixes later. We all know, though, that once you've sold something, the support from almost anywhere is not as focused as their efforts to produce the next thing they can sell, which is often the upgrade to fix the problems in the earlier version.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
More secure than the combination on my luggage...
"It takes considerable knowledge just to realize the extent of your own ignorance." - Thomas Sowell
When even the editor offers a "LOL! Mirco$oft 1s teh sux!" response (in the from-the line, no less!) I wouldn't expect too much from the rest of the readership, virtually none of whom have ever seen the thing, let alone used it.
Anyway, you're missing the point about complex, frequently changed passwords. The question isn't whether they're stronger than Batman or just stronger than Aquaman, it's whether their nuisance factor poses an actual risk.
Fingerprint readers are not secure, regardless of who is making them. The basic concept of biometrics is flawed. You're just replacing one forgeable key with another. Fingerprints are especially bad, since any reasonably skilled criminal with latex or a similar material can just replicate the needed print and wear it over their own finger. The best biometric method, retina blood vessel pattern comparison, discriminates against blind people (who can't focus on the target) and puts you at risk for eye damage if they make the scanner beam too powerful -- and you won't know until a decade or so later. But since biometrics is the new fad, you can be sure you'll be seeing more of it -- and stories of exploits.
Fingerprints make terrible biometric keys because you leave your fingerprint everywhere, unlike your password or retinal scan. Yes, fingerprints give that cool "we take security seriously" aura, but are false security. Gelatin fingerprints are easy to construct from a fingerprint image, and difficult to detect when worn. Moreover, once your fingerprint is compromised it is difficult to change. Doh!!!
If you have local access to a machine, sooner or later any logon security can be bypassed.
But it takes considerable effort - not a job for an average Joe.
Using the reader is a very convenient way to log on to the computer.
I have different logons for different people in my family with varying privileges.
I actually bought the reader because of my 4 year old niece who likes to play games.
She has her own account so that she doesn't end up messing with my personal files or preferences.
I did some testing with one once, and the information included with the device (maybe the outside of the package - I forget) tells you it's not meant to be used as a security device. I'm sure it's for liability purposes, but MS is positioning this device to remember web page usernames and passwords. Yes, it's possible for someone to use it to log into a banking page or something, but you can't use it for domain logins.
I'll create an amusing sig when I have something meaningful to post.
Violently remove finger, discard remainder of human. Apply finger to biometric scanner.
I've seen it in movies. What's to stop someone from using this technique?
It is really secure because it's based on the principles of biometrics. So no fair using a lady's compact to reproduce the print.
Um. Isn't "sensitive data" the reason that pages are password-protected in the first place?
So apparently the Microsoft Fingerprint reader is so insecure that even Microsoft can't recommend using it. Now that's scary.
"You are not remembered for doing what is expected of you." - Atul Chitnis
I had one of these units for about a week, then returned it and got my money back. The password vault software will work with FireFox, yet Microsoft has disabled it. It will even go through the same "click the box where you enter your password" routine; it just never saves the XML password data properly. Contacting Microsoft tech. support, they informed me that the only application they designed it to work with is Internet Explorer and the Windows logon process.
Pfft.
I'd rather just use a password management system, anyhow. There are plenty of free and open source ones out there, even for Windows. After entering my long passphrase (about 20 characters) I have access to all of my forum logins, etc.
Not All Who Wander Are Lost
Microsoft? Secure!?
</needed_bash>
But seriously, I'm not sure how a thumbprint reader would be that secure. It's pretty obvious that Microsoft isn't using professional-quality fingerprint security hardware, so if someone has a similar enough print, they can probably get in. On the other hand, if your attacker doesn't have a similar print, then they're pretty much screwed.
So I guess a lot of it's luck.
- dshaw
Anything digital can be cracked. Although I don't want to come across as some sort of M$ lover, M$ is being slammed constantly because it is currently the biggest fish in the pond (or is it the bully in the neighborhood? but I digress...). There is little doubt in my mind that when Linux overtakes M$, it will be on the receiving end of the same treatment.
ELOI, ELOI, LAMA SABACHTHANI!?
I use a password vault called RoboForm from a company Siber Systems. It is Windows only :/ and has plugins for IE based and Mozilla based browsers (no Opera, sorry. :/). It also has a read only synchronization with your Palm or PocketPC PDA.
Most important, it has a portable version that will let you carry it around on a USB drive. You pop the USB drive into a computer and you have access to all your passwords.
It has a master password which you can use to selectively protect your login information and online purchasing information with a strong encryption.
You can also use it to keep your contact information and random notes all in one place. Again this is especially useful if you have more than one Windows box you use.
The free version has limited storage; the Pro version costs $30. Portable and PDA addons are $10, so you could easily spend $50, which might be a bit pricey for some people, but I am very happy with the functionality it provides me.
I have randomly generated passwords for all my logins, and any secure sites I have to enter my master password to access. If I unplug the USB drive, all my password information is gone from the host system automagically.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
The Fingerprint Reader should not be used for protecting sensitive data such as financial information or for accessing corporate networks. We continue to recommend that you use a strong password for these types of activities.
I believe there are basically two ways to do biometric devices like this. The first is for the device to basically measure something and send the measurements to the computer. For example, a fingerprint reader would basically be a specialized scanner that sends essentially a picture of the finger to the computer. The software on the computer would then compare the fingerprint to the ones on file to determine which user owns that finger, and then would unlock their password.
Note that with such a scheme, the password is stored on the computer--hopefully encrypted to protect it from casual observers, but all information necessary to decrypt it is also on the computer. So, if someone were to steal the computer, they would have everything they need to get the passwords.
The other way to make a fingerprint reader system would be to store the passwords themselves in non-volatile memory in the reader. The reader itself would handle comparing the current finger with the known fingerprints, and if there is a match, sending the appropriate password to the computer (where this would probably be used as the key to decrypt a master password file for that user that would contain the other passwords).
Ideally, the non-volatile memory in the reader is tamper-proof and will be erased if someone fiddles with it.
All of the cheap readers, I believe, use the first approach.
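The two architectures described in the post above, modelled in Python as an added example (this is not code from any real reader or from the post's author). Design A matches on the host and keeps the template, the encrypted password and the decryption key on the same drive; design B matches inside the reader and releases a secret that the host turns into a vault key. The templates, the sensor noise, the 90% match threshold and the toy SHA-256/HMAC cipher are all constructed assumptions; a real vault would use AES-GCM.

```python
import hashlib
import hmac
import os
import random
from dataclasses import dataclass
from typing import Optional, Tuple

THRESHOLD = 0.90       # assumed: fraction of template bits that must agree
TEMPLATE_BYTES = 64    # constructed template size: 512 "feature bits"


def constructed_template(seed: int) -> bytes:
    """Constructed stand-in for a fingerprint template (pseudo-random bits)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(TEMPLATE_BYTES))


def noisy_scan(template: bytes, flips: int, seed: int) -> bytes:
    """Simulate sensor noise by flipping `flips` distinct bits of a template."""
    rng = random.Random(seed)
    bits = bytearray(template)
    for pos in rng.sample(range(len(bits) * 8), flips):
        bits[pos // 8] ^= 1 << (pos % 8)
    return bytes(bits)


def similarity(a: bytes, b: bytes) -> float:
    """Fraction of agreeing bits between two templates (1.0 = identical)."""
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return 1.0 - differing / (len(a) * 8)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy authenticated encryption (SHA-256 counter mode + HMAC tag)."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass
class HostDiskA:
    """Design A: everything, including the key, sits on the host's drive."""
    template: bytes
    key: bytes
    encrypted_password: bytes


def enroll_a(template: bytes, password: str) -> HostDiskA:
    key = os.urandom(32)
    return HostDiskA(template, key, seal(key, password.encode()))


def login_a(disk: HostDiskA, scan: bytes) -> Optional[str]:
    """Host compares the scan with the stored template, then decrypts."""
    if similarity(disk.template, scan) < THRESHOLD:
        return None
    return unseal(disk.key, disk.encrypted_password).decode()


def recover_a_without_finger(disk: HostDiskA) -> str:
    """Someone holding the drive needs no finger: the key is right there."""
    return unseal(disk.key, disk.encrypted_password).decode()


@dataclass
class ReaderB:
    """Design B: template and password live only in the reader's own memory."""
    template: bytes
    password: str

    def present(self, scan: bytes) -> Optional[str]:
        """Match on-device; release the password only on success."""
        return self.password if similarity(self.template, scan) >= THRESHOLD else None


@dataclass
class HostDiskB:
    """Design B host holds only a sealed vault and a salt, never the key."""
    encrypted_vault: bytes
    salt: bytes


def vault_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def enroll_b(template: bytes, password: str, vault: bytes) -> Tuple[ReaderB, HostDiskB]:
    salt = os.urandom(16)
    return ReaderB(template, password), HostDiskB(seal(vault_key(password, salt), vault), salt)


def login_b(reader: ReaderB, disk: HostDiskB, scan: bytes) -> Optional[bytes]:
    released = reader.present(scan)
    return None if released is None else unseal(vault_key(released, disk.salt), disk.encrypted_vault)


def recover_b_without_finger(disk: HostDiskB) -> Optional[bytes]:
    """Drive alone: ciphertext plus salt; a guessed key fails the HMAC check."""
    try:
        return unseal(vault_key("not-the-secret", disk.salt), disk.encrypted_vault)
    except ValueError:
        return None
```

Running `login_a` and `recover_a_without_finger` on the same `HostDiskA` shows the point of the post: design A's matching step only keeps honest users out, since the drive already contains everything needed to decrypt. Design B moves the secret off the drive, with the caveat that if the released value is a human-chosen password, the sealed vault can still be guessed at offline; a reader built this way should release a random high-entropy secret, which is why the example slows guessing with PBKDF2.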
We thought about this in a ward setting, and the problem is that it doesn't add any value. They can't use gloves, they can't remove and refit biogel gloves quicker than they can type in a simple short password, and it's layering complexity for no good reason. They duplicate the standard Windows logon so they still need to know their password in plaintext, so what's the point? RFID proximity buttons might be useful but it's not really too hard to type in a 5 character password....
There are *vast* numbers of people doing this: in clinical trials where electronic data capture systems control dosing, in hospitals using electronic records - all over the place. Certainly in the UK, the 30 BILLION POUNDS they're spending on NHS IT systems currently suggests a LOT more people will be doing it in the future.
... Are Belong To Us!
"If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
It's optical.
Wipe off the surface when you're done. It's possible to "breathe" on the reader with some models and have the condensation on the oil pattern be enough to trigger a "read" and you therefore impersonate the last person to use the reader.
--- Jump!! Fire!! Bullet time!! - Lego version of the Matrix
http://www.microsoft.com/hardware/mouseandkeyboard/features/fingerprint.mspx
"The Fingerprint Reader should not be used for protecting sensitive data such as financial information or for accessing corporate networks. We continue to recommend that you use a strong password for these types of activities."
nT