Slashdot Mirror

← Back to Stories (view on slashdot.org)

Face Recognition Goes Mainstream For Notebooks

Posted by timothy on from the don't-get-too-mangled-at-the-bullfights dept.

MojoKid writes "Consumer and business-class computer security has clearly become more sophisticated over the years. Recent advances in recognition technology have brought forth new capabilities, like what can be found in Toshiba A305 series notebooks. Toshiba's Face Recognition software allows you to log in to the system simply by having your face properly recognized by the integrated webcam during Windows startup. Of course, the system's TrueSuite Access Manager also allows you to do the same, only using your fingers and the integrated fingerprint reader. However, TrueSuite goes a step further with the fingerprint reader, also allowing you to log in to Web sites, applications, and networks as well by using just your fingerprints."

26 of 130 comments (clear)

  1. Reliability by negRo_slim · · Score: 3, Interesting

    Considering windows is already loading by the time this system kicks in I'd say it's value is zero.

    --
    On the Oregon Cost born and raised, On the beach is where I spent most of my days
  2. and the downgrade? by ILuvRamen · · Score: 2, Insightful

    You know how laptops seem to be going downhill in speed and stuff and people are buying ones with waaaay slower hardware that don't even run windows. I never saw that downgrade coming (in the hardware, the OS isn't a downgrade!) but I wonder what the downgraded equivilant of this feature will be. I'm thinking fingerprint recognition or worse, ass recognition. You gotta sit on it lol. But seriously, you hold up a picture of the person and you're in. That's pathetic. And your webcam breaks? Uh oh, can't log in. So obviously there's an emergency thing where you can put in a text password instead. So what's the result of this amazing security feature? Another way to get in in addition to the text password! Total waste of time and money!

    --
    Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
    1. Re:and the downgrade? by finity · · Score: 4, Insightful

      It'd be great to have computers with stereo vision... With so many computers now coming standard with pinhole webcams, surely they don't cost too much. You could place one webcam at each top corner of the screen and then the computer would be able to produce a 3-D image of its environment.

      Now you have to get a 3-D model of the person's face instead of just a photo.

      This whole thing could be really bad. Imagine someone that just underwent massive facial trauma. Now, not even their computer likes them.

    2. Re:and the downgrade? by value_added · · Score: 3, Interesting

      Total waste of time and money!

      Yes and no. For someone buying a laptop and then making regular use of this technology, it's absurd, or at least little more than a toy when viwed from a security perspective. On the other, we all seem to be heading to a future where computers are, or least behave, in a more personal manner, so in that sense, this technology is, for lack of a better word, a really cool idea.

      Then, consider that the world around around us is demanding increased security and is thus subject to increased surveillance and control. That's true from the CCTV cameras monitored by law enforcement, to the folks at your local DMV or voting precinct trying to prevent fraud, to the liquor store owner checking his store while he's at home. It's a fair assumption that with increasing interest in these technologies, we'll see a corresponding increases in research and development, which will, in the end, lead to widespread usage of whatever technology wins out, whether that's iris scans, fingerprints. forearm barcode tatoos, DNA, faces, or a combination of any of the above. If you took a vote on which approach people want, I doubt anyone would say "It's more passwords and PINs for me!".

      If it becomes possible to replace every lock and key with some sort of recognition software, would you complain, or tout all the benefits? Or if you could save tax dollars by replacing local security on the streets and Home Depots everywhere with similar software, would you view that a good or bad idea?

      Let's face it, the above scenarios aren't very likely, at least in the short term. We're still working on voice recognition. For now, however, it doesn't mean we can't have fun playing with Toshiba laptops.

    3. Re:and the downgrade? by Haeleth · · Score: 2, Insightful

      The **AA will start suing everyone to get control over this:

      "Access Denied - You are not the purchaser of these media files and may not listen/view them. Ever"
      Nah, they'll just insist the laptops are also fitted with credit card swipe thingies. Actually, forget the webcam... ;)
  3. Cut off fingers? by David+Hume · · Score: 3, Insightful

    However, TrueSuite goes a step further with the fingerprint reader, also allowing you to log in to Web sites, applications, and networks as well by using just your fingerprints.
    Great. So now somebody has an incentive to cut off my fingers.
    --
    Only Women Bleed (Sex, Sharia remix)
    1. Re:Cut off fingers? by Ieshan · · Score: 4, Insightful

      I realize the parent is probably a joke, but it has become a pervasive story on Slashdot that biometric ID is bad because of things like this ("the criminals might cut off my thumb!").

      Biometric ID has it's bad points, and certainly, in the most secure settings, you'll probably want to make sure you have contingencies for these. But these are not notebooks designed for the FBI, they are designed for the security conscious business user.

      With that in mind, suppose, today, that a criminal was sitting before you with a knife, threatening to cut off your fingers one by one if you did not give him your notebook password. Are you really willing to sit there and tell me that you would rather have your hands butchered than give up your text-based password?

      If someone was really willing to go to lengths like cutting your fingers off, then they probably have all sorts of incentive to do all sorts of awful things. I'm not sure Biometric security appreciably changes the situation for 99.9% of users.

    2. Re:Cut off fingers? by Anonymous Coward · · Score: 3, Funny

      With that in mind, suppose, today, that a criminal was sitting before you with a knife, threatening to cut off your fingers one by one if you did not give him your notebook password. Are you really willing to sit there and tell me that you would rather have your hands butchered than give up your text-based password? That's where plausible deniability tech comes in. You'd give the criminal an alternative password which works but decrypts a dummy disk instead.

      Though, the same technique could work for fingerprints. One finger gives you the real files, another gives you the dummy. Though testing for this isn't that hardm as there are only 10 to check.
    3. Re:Cut off fingers? by finity · · Score: 2, Insightful

      But these are not notebooks designed for the FBI, they are designed for the security conscious business user.

      That's the problem. People believe that these things are secure enough for the security conscious business user. Laptops are stolen all the time, whether for corporate espionage purposes or for resell value. The thing most people don't realize is that you don't have to cut someone's finger off to use their fingerprint on common scanners. There are many ways (the gummy bear technique) to fake a person's finger and print for these cheap fingerprint scanners.

      How hard is it to type in a ten character password that means something to you? It becomes muscle memory after a while. I've used some of those scanners before and it took longer to load the software, recognize my finger and relay that to Windows than it did for me to enter my password. And that's when the scanner was clean. I think biometrics are a case of giving people what they think they want, when they want things simply because characters like Jason Bourne use them. It's capitalism, so whatever. Just don't fall into this security theater trap.

    4. Re:Cut off fingers? by moonbender · · Score: 2, Insightful

      Are you really willing to sit there and tell me that you would rather have your hands butchered than give up your text-based password?

      No, of course not. I'd give up the password in an instant. That's the point! There better be a text-based alternate login.

      --
      Switch back to Slashdot's D1 system.
    5. Re:Cut off fingers? by bloodninja · · Score: 3, Funny

      One finger gives you the real files, another gives you the dummy. That technique is very popular on the interstate.
      --
      Lock the wife and the dog in the boot of the car.
      Return one hour later.
      Who's happy to see you?
    6. Re:Cut off fingers? by yakumo.unr · · Score: 3, Informative

      March 2005 this had stopped being a joke: http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm "Malaysia car thieves steal finger"

  4. Evil twin by tsa · · Score: 4, Funny

    I guess when my evil twin gets hold of my shiny new face-recognizing laptop I'm doomed.

    --

    -- Cheers!

    1. Re:Evil twin by zmollusc · · Score: 4, Funny

      Only once EvilTsa shaves off his goatee beard.

      --
      They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
  5. This seems so gimmicky. by Capitalist+Piggy · · Score: 4, Insightful

    Really, if people are worried about security, then they should probably be looking at the copy of Windows instead of investing in gimmicks. Something tells me the ability to circumvent a program running during Windows startup is going to be relatively easy, no matter what form of trickery it uses.

    It's also likely the package is designed to be circumvented out of the box, as there could be some painful customer support issues if their software ever manages to lock out a legitimate user without such a feature.

    Even with this, there's nothing to stop a common criminal who will just nuke and pave the system for export to South America or another country, which occurs quite often.

  6. Oh no! Not again. by pesc · · Score: 4, Informative

    From TFA:

    It is important to note that both fingerprint and face-recognition technologies are not foolproof--there are a number of known, low-tech means of circumventing them. As such, depending on how secure access to your system, data, and Web sites needs to be, you might want to think twice before relying on these alternatives to typewritten passwords.

    Right! Such as presenting it with a photo of the owner. Or using one of several well-known techniques to lift a fingerprint from somewhere (the computer itself?) and create a fake finger.

    Why isn't this kind of "security" generally laughed at by the consumers?

    http://www.youtube.com/watch?v=LA4Xx5Noxyo
    http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/

    And from 1998:
    http://www.schneier.com/crypto-gram-9808.html#biometrics

    --

    )9TSS
    1. Re:Oh no! Not again. by drgruney · · Score: 2, Insightful

      Because it's like a movie.

  7. This is new? by Verteiron · · Score: 2

    From TFS: "However, TrueSuite goes a step further with the fingerprint reader, also allowing you to log in to Web sites, applications, and networks as well by using just your fingerprints."

    Thinkpads have done this for at least two years already. The password manager app even has a plugin for Firefox. Mind you, I disabled it almost immediately because it adds an addition, out-of-place "Save this password?" prompt to every ever remotely passwordy prompt in Windows, IE, or Firefox.

    But the functionality is there, and has been for some time. I hope these TrueSuite guys don't genuinely think they've got something new.

    --
    End of lesson. You may press the button.
  8. Another gimmick by Anonymous Coward · · Score: 4, Insightful

    "Consumer and business-class computer security has clearly become more sophisticated over the years.

    Rubbish. Without full disk encryption, laptops today are as vulnerable as they were 15 years ago. If anything they're *more* vulnerable nowadays, simply because we store more on them, keep them connected to the net all the time, and more people are using them.

    Gimmicks like fingerprint readers and face recognition are worthless if someone steals your machine. Simply boot knoppix, mount the fat/ntfs partition and copy all that juicy data right off the drive. In fact this happened to a high-profile person recently - someone recovered Adrian Sutil's (F1 driver) discarded hard disk and tried to get money off him in exchange for not publishing his photos and emails.

    Face recognition is probably good fun to try out in the store and maybe help sell a few machines. But disk encryption and strong passphrases are inconvenient and require a bit of work, so nobody uses it.

  9. Now, wiith preloaded crapware! Do not buy. by Animats · · Score: 5, Informative

    The A305-S6845 comes with a fairly crowded Windows desktop, filled with icons for pre-loaded software and web links to numerous free offers.

    This thing has substantial crap preloaded onto it. It even has Vongo pre-installed, which is very hard to uninstall. It has PowerCinema installed, which not only is hard to uninstall but uses resources when idle. And those are just the ones known to be malware. Buy from another vendor.

  10. Not really new by Zorque · · Score: 4, Insightful

    My Lenovo ideapad has had face recognition for a few months now. It's actually kind of a nuisance having to line my face up with the camera every time, so I uninstalled it and went with a plain old password.

  11. Yes, they do cut off fingerss. by DingerX · · Score: 4, Informative

    At least once in a while.

    Of course face recognition is good: hold up a photo to the camera, and you're good.

  12. Physical Acces by pmontra · · Score: 2, Insightful

    If someone has physical access to my pc... all my data are belong to her/him anyway. These companies should scrap all these kind of biometric software development and invest in hard disk encryption. The fingerprint reader in my notebook is great to impress my friends but it's one of its weakest points. Another one used to be the firewire port but I disabled it.

  13. sounds like a good lock by alizard · · Score: 3, Insightful

    Good for separating honest people from temptation.

    Otherwise, if the "bad guys" have access to your machine, you're Pwn3d. Demos have been done using pictures of people to fool facial recognition software.

    Of course, if an owner has cosmetic surgery or a really nasty accident, it's the owner who'll get locked out of the machine. If they want to use biometric ID for anything but security theater, they need it as part of at least two-factor authentication. . . meaning "something you know" (i.e., a password) or something you've got (e.g. an RFID token key)

    --
    Tech Public Policy stuff
    1. Re:sounds like a good lock by Beltonius · · Score: 2, Interesting

      I (briefly) had an HP business laptop (nc8430), and while I had a plethora of hardware issues compounded by poor tech support, I thought it's security suite was fantastic...better than what's on my current Thinkpad T60. It allowed me to choose which factors I wanted used for accessing various things, from logging in to handing out website passwords: password, fingerprint, smart card or USB 'token' (eg it would put a key file on an attached storage device). I could've had 4-factor authentication to log on. That would've been ridiculous, but I liked having the option, and if I'd had the damn thing long enough to get a smart card, I would've used that too, just for kicks, if nothing else.

  14. I'd rather get info from people with a clue. by alizard · · Score: 4, Insightful
    like these.

    Biometrics are powerful and useful, but they are not keys. They are useful in situations where there is a trusted path from the reader to the verifier; in those cases all you need is a unique identifier. They are not useful when you need the characteristics of a key: secrecy, randomness, the ability to update or destroy. Biometrics are unique identifiers, but they are not secrets. - Bruce Schneier
    --
    Tech Public Policy stuff