Slashdot Mirror
Lenovo Trying Face Recognition For Logins On New Laptops
judgecorp writes "Lenovo's new IdeaPads will be using face recognition as a way to replace passwords for users logging onto the laptops. 'Lenovo's VeriFace combines the Windows login and file encryption to password-protect individual files. It identifies users by matching unique features of their faces to photographs taken by the 1.3-megapixel webcam built into the laptop. When Windows users start up their PCs, a camera window pops up in the login frame. The user then just has to adjust their position so their face appears in the window, and VeriFace logs them in automatically.' That could be good, but is the technology really ready for mass market devices? HP ran into trouble when its face recognition software had trouble recognizing people with darker skin."
I'm sticking to a reasonably secure password. Anyone who trusts their security with this is only doing it for the sake of feeling futuristic, it's a dumb idea, nevermind the prospect of showing the thing a picture or video.
Was there any breakthrough in face recognition recently? It was easy to defeat as of last year.
http://www.internetnews.com/security/article.php/3804906/Facial-Recognition-Gets-a-Black-Eye-at-Black-Hat.htm
I hadn't known there were so many idiots in the world until I started using the Internet -Stanislaw Lem
What's to keep me from holding up a picture of my coworker in front of the camera when I want to log in to her computer?
This sounds easier to fool than the fingerprint sensors that can be spoofed with silly putty.
No, really, give it a photo and you're in!
This has been available on Lenovo IdeaPad laptops since they first launched maybe 2 years ago.
So I can just grab a photo of the user whose PC I want to log onto and show it to the cam?
Much easier to crack than that darn retinal scan that requires me to get the eyeballs of my victim...
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
Im tired of unlocking my work blackberry with its tiny keyboard every time I want to check the latest email. Security policy mandates we use a long complicated password, which is a total pain to type every time you want to browse the web, or check the map, or whatever.
How easy is it to fool this thing? For instance, will holding a picture of the laptop's owner in front of the camera unlock the machine?
To make face recognition more secure, perhaps they should use two camera's and get a 3d scan of the face (can be fooled as well but less easy), or require that the face is moving. Perhaps even ask the user to read a randomly chosen word and lip-read the response.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
-complete to teenSchoolgirlsInIceCream.fap?
So apparently they forgot that there's such a thing as identical twins...
Also, what happens if you change your hair or makeup or something else? Suddenly you might not be able to get into your computer
Toshiba's Qosmio line has done this for quite a while....
Earn a % of cash back from Newegg, Tiger Direct, Walmart.com, and more: http://www.mrrebates.com?refid=458505
I have been using it for the past couple of months on my netbook. It does a pretty good job as long as you aren't wearing glasses, and you are well lit. Most of the time, the lighting is not good enough, and I would need to remove my glasses. It seems to do well enough discriminating between other people though. I tried it with several different family members and co workers, and it never allowed them. It will log bad attempts, and save pictures of the attempted logins. It also has a mode to detect if a photo is being used to log in. That seemed to work blocking photos as well. I never tried the encryption mode, but since it is Lenovo, I'd bet it has a back door for the Chinese government.
Unless they get it to work in low light though, it's not ready for prime-time.
"He's lost in a 'floyd hole"
Whats wrong with finger print readers? I have a Lenovo laptop with a finger print reader and I couldnt be happier with it. This article is not entirely correct in saying face recognition to replace passwords since passwords are only used as backup authentication with most existing Lenovos. It sounds interesting but I dont really see the point. Unless of course you dont have fingers but then using a keyboard would be a bit hard to start with. Sound more trouble than its worth tho given skin tone issues.
Those who can, do. Those who cannot, sue.
I'm typing this on a Lenovo Ideapad Y550P that I bought around November of last year, and it came with veriface preloaded.
Raters gon' rate.
My Lenovo ideapad Y510, which I bought about 2 years ago, already has facial recognition login.
are full of bloatware? I thought I read somewhere that these rank number one or something.
Back in 2001 for my Thinkpad T22, when you got the camera attachment for the top of the screen it came with a face recognition screensaver. It was pretty amazing how fast it recognized you and unlocked the screen.
.. how does it handle identical twins?
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
My Dell laptop I bought a year and a half ago shipped with software to do exactly the same thing. I ended up disabling it because it took so much longer for the webcam to fire up and the software to do its thing than for me to just type in a password. This is with a Dell Studio XPS 13, though I wouldn't be surprised if this software shipped on other lappies as well.
Satis clankiller.com
I have to wear a Guy Fawkes mask now?
For someone who grows beards and then shaves them off again as regularly as me, this might be a problem. Good thing I don't buy Lenovo computers.
What do you think, sirs?
I have a lenovo laptop with the new veriface software.
It doesn't work.
Sometimes it won't let me in even though is my exact same face (maybe different way of combing it). Sometimes it will let a stranger access my computer, and even certain background patters will et confused as an "aproved face". (Once I was in the park, left my computer to start until the logon screen came on, while I went away for a brief moment and prepare some other stuff... as I walked back, the computer was already in the desktop... never knew what activated it).
Te technology might be there, but Lenovo isn't.
-Arc
Now we get to see articles about a new wave of Denial Of Service exploits:
Method #1 - The Lens Scratch - No need for a special Key! You can use your own!
Method #2 - The Face Punch - Requires shockingly little computational resources!
"His name was James Damore."
Just make sure to back up your files on another drive before you go for that plastic surgery...
Oh, that was me. What I said was, "stop staring at me, you creepy little thing!"
Caveat Utilitor
My two year old Lenovo IdeaPad has this feature. Did the press release come out 3 years late?
Well, you were hot. Dumb. But hot.
This is an absolutely terrible idea. I'm a student and bought a Lenovo netbook this January. I thought hey "that's a cool feature". I then immediately took steps to breaking it. I took a picture of myself with my digital camera and held the LCD screen of the camera with the picture I just took in front of the netbook's webcam. Instant access. It actually took less time to recognize the picture of myself than when I was sitting in front of the thing as the picture sat perfectly still.
now instead of scalping someone's finger to access their stuff, now i have to pull a hannibal lecter
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
How do I turn this damn thing off?!
This post contains no rudeness or derision of any kind. All arguments are friendly. Terms and exclusions may apply.
I bought a laptop from Lenovo about a year ago (an IdeaPad Y550) and it came with VeriFace. From my experience the VeriFace software worked fairly well, if the room was well lit. In darker situations it failed miserably. I am not sure how they do the recognition, but it seems to be contrast and location of facial features.
Neat things: You can make movement a requirement for login (like you have to shift your head, open your mouth, etc) in order to bypass people using your picture to login. As for false positives, it seemingly had none. The nice bit is the system takes a picture of someone trying to use the VeriFace login system and stores it for your review at a later date. Not 100%, but surely good enough for standard consumer use.
If you were offended by anything I said... No, I'm not sorry. Please lighten up.
The technology is pretty nifty. At work, where we bring in many customer laptops to do virus cleanings etc., one computer had a very long and annoying password. After logging in once, then needing to reboot, I went to log in again, and the login box flashed away just as I put my hands to the keyboard. I logged back out to check, and I found that it had taken a sample image of my face on my first login without my noticing (it did say it was doing it; I just wasn't paying attention), and on the second login it recognized me before I could start typing the long password. All this without me even trying or realizing it was a feature, or even noticing there was a camera (I wasn't looking for one).
The lighting conditions and my face may have been ideal for the camera and facial recognition software, but if they can get that kind of performance in the less ideal cases, I think this would be very well received by the general masses. I forget what brand the laptop was.
To those bellyaching about "security", It's targeted at the consumer... not the pinnacle of perfection demanding hyper geek crowd who demands absolute security. You can always disable the face recognition in favor of windoze login. If you are a cyber crook like gifted facial contortionist like Jim Carrey aimed at thieving a user's data great. You know who you are! As far as it having trouble recognizing those with darker complexion, perhaps the low resolution camera combined with poor lighting could be a factor. My laptop doesn't always recognize me in low light, and I just have a nice George Hamilton tan :)
I can't wait to set up a guest account ... "sure, you can use my computer, but you must wear this gorilla mask the whole time".
1) They are a secret
2) They can be changed at will
3) They don't require a physical feature (you can keep them in your mind).
Biological features are thought to be great because of their uniqueness. But the problem is that once they are compromised, it is permanent. So they are never good by themselves.
Make it stereoscopic and the security becomes non-trivial.
There's a serious problem in biometric (face recognition is one of them). In 2005, in Malaysia a guy's index finger was cut off by car thieves to access his highly-secured car. Here is the link to the news: http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm Imagine if the same happened to your laptop if it contains highly sensitive data.
I think that something like that was tried in the past, and a picture of the owner of the PC was a good trick to bypass the security and unlock the PC. How they will avoid this kind of trick?
The security officer of Deep Space 9 does not think this is very secure.
I bought a Lenovo laptop over a year ago and it had the Veriface software on it. Why is this just news now?
So, what's to prevent people from holding up a photo of an 'authorized user'. It's not like a 1.5mp camera would be able to judge depth. It's a good IDEA, but it's not likely to implement well. The tech's just not there at the consumer level. Just my $.02
One of my teachers used this on his laptop which was an acer i think. He told me that it wouldn't let him login if he wasn't wearing a tie.
1- The best security is something you know + something you have, so password + face sounds good.
2- Oftentimes, when you use only one of the two (password, key card...) or even with both, people misuse security so much (staying logged in, reusing passwords, weak passwords...) that face on its own feels better.
3- And it can re-authenticate periodically without being too intrusive, which is good, too. It could maybe even detect as soon as the user changes ?
The one question is , how often do webcams fail, because the day I'm locked out of my computer by a faulty cam, I'll be pissed.
The Cloud - because you don't care if your apps and data are up in the air.
What the hell happened to fingerprint scanners? I thought they'd be on every keyboard by now and we'd be passed all this password crap.
:T:R:A:N:S:
A friend of mine (non-techie) got a new Lenovo computer and asked me to help him set it up. We took it out of the box and I sat in front of it and powered it up and started booting it. The damn thing immediately started taking my picture, which for all I know is now etched forever in some internal flash memory. I had a camera-equipped cell phone that did the same thing too. My laptop has no built-in camera but if I ever buy one that does, I'm going to cover up the camera with a post-it as part of the initial unboxing process, before I power it up for the first time.
Asus does this too
Using the caera to log me in and log out when other persons approach the camera.
I didn't test it with a picture yet but it already is not working 50% of the time (with 60 sample sample shots taken in different lighting conditions).
....of the laptop owners face and making a cheap restaurant style menu mask to defeat the image recognition?
Seriously what the fuck /.? Lenovo has had this on their netbooks for 1...2 years now?
http://tech.slashdot.org/story/10/06/13/1456251/Lenovo-Trying-Face-Recognition-For-Logins-On-New-Laptops#It's a novelty. SO much faster to type in 6 characters than wait for a scan and get in. Ive tried with photos and such and didn't work so it's not 100% retarded. I'd say only 99%.
All locks are DELAYING DEVICES. Real security is an armed guard who will not hesitate to act with deadly force.
If you are running windows anyway, why bother trying to do ANYTHING securely?
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
I remember reading a story about face recognition being built into cigarette machines to verify age. The kids just held up magazines with pictures of old people and got their cigs.
Read what I mean, not what I wrote.
The Lenovo laptop I purchased for my wife almost two years ago had this capability. How is this new?
So you steal a laptop and want to get into it.
Can you just open your cell phone, go to FaceBook, get a profile image of the laptop owner onto the screen and hold it in front of the camera?
I have a 2004 Toyota Prius with a more or less keyless operation. I just keep the key on my person and as I approach the car, the doors unlock. When I sit down in the car and press a button, the car starts. When I walk away from the car, the car beeps at me to tell me that it's still running and I should turn it off.
I'm already investigating the possibility of altering the lock of the front door of my house to electronically open as I approach the door and I would like to do the same with my laptop. I think controlling the door of the garage would also be nice like this.
For convenience, this sounds a lot nicer and even more secure than facial recognition. Of course, it wouldn't be suitable for government use as passwords are still able to hold up against physical theft or murder/abduction of the laptop owner and putting them within proximity of the machine.
I had this toy in my Lenovo laptop a few months ago. Thing is, it is an additional way to log in besides just, you know, typing in a password-- so, it's an additional security hole. You could log on in two different ways, one of them just involving showing your face. The software tries to avoid being fooled by static photos, by looking for a little movement-- so jiggle that picture a little. It's a kind of sexy idea. It's like the idea of a flying car, it seems charming, but... in practice, it's just not very sensible. How hard is it to type in an eight-character password? That's fast and functional. It works. I deleted the picture log-on software the day I got the laptop.
I haven't seen a mention here of the central problem with biometrics, so I will point it out. The central problem with biometrics is not that it can be faked, but that it cannot be revoked. No matter how good the biometric system, if someone does fake it, you can't change your biometrics. You can't change your face, your finger prints, your retinal print or whatever in the same way you can easily change a password if someone finds out your password. This is the real problem with biometrics, and one that can't be solved by making the biometrics better.
My brother had an Acer with face-based login. I could always get it to let me log in with my face instead (he was around, we were messing with it), no matter how many times he trained it.
I can see it now - oh, sorry, can't get into my computer because I haven't shaved for a few days.
I wouldn't trust the Face Recognition technology. The fingerprint scanner on my ThinkPad T500 ceased to work after three months. No, my fingerprints didn't change, get burned, etc. It just stopped recognizing any of my digits. The twerp in tech support suggested I re-flash the BIOS. Yeah, right.
Oh, and the hard drive failed after six months. That was fun.
I thought I was paying for the best in order not to have any of these problems.
Never again a Lenovo.
Slashdot entertains. Windows pays the mortgage.
I tried it on my Lenovo S-10-2, it didn't seem to work as well as I'd like.
Firstly I usually compute with netbook when I wake up and when I go to bed. At both these times, my room is dark. The little webcam is unable to distinguish my face in these light conditions. Also, if you wear glasses, it is unable to get your full facial profile. It had issues with my glasses, so I had to record the face "fingerprint" with my glasses off. Later, when I had my glasses on, it wouldn't recognize me.