Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lenovo Trying Face Recognition For Logins On New Laptops

Posted by Soulskill on from the careful-about-shaving-that-beard dept.

judgecorp writes "Lenovo's new IdeaPads will be using face recognition as a way to replace passwords for users logging onto the laptops. 'Lenovo's VeriFace combines the Windows login and file encryption to password-protect individual files. It identifies users by matching unique features of their faces to photographs taken by the 1.3-megapixel webcam built into the laptop. When Windows users start up their PCs, a camera window pops up in the login frame. The user then just has to adjust their position so their face appears in the window, and VeriFace logs them in automatically.' That could be good, but is the technology really ready for mass market devices? HP ran into trouble when its face recognition software had trouble recognizing people with darker skin."

9 of 164 comments (clear)

  1. Old, old news by toppavak · · Score: 4, Insightful

    This has been available on Lenovo IdeaPad laptops since they first launched maybe 2 years ago.

  2. Ehmmm... Photo? by Ecuador · · Score: 5, Funny

    So I can just grab a photo of the user whose PC I want to log onto and show it to the cam?
    Much easier to crack than that darn retinal scan that requires me to get the eyeballs of my victim...

    --
    Violence is the last refuge of the incompetent. Polar Scope Align for iOS
    1. Re:Ehmmm... Photo? by $RANDOMLUSER · · Score: 4, Funny

      Yeah. What a PITA. Now you have to take their whole head.

      --
      No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    2. Re:Ehmmm... Photo? by Bigjeff5 · · Score: 4, Insightful

      The facial recognition has been circumvented on these with a photo of moderate quality. Since the camera doing the recognition is a 1.3mp camera, the absolute most you'll need to beat it is a 2mp photo, and likely a lot less than that will work. A new/clean driver's license photos might work, but a worn one probably wouldn't.

      The only way I see them preventing a simple photograph from circumventing this is using two cameras, scanning at different angles, and making sure the two images are slightly different but still match. In that case you would need a fairly complicated rig to get the cameras to look at two photos at once in order to fool them. Much better, but not exactly secure.

      As it is now, these are even less secure than fingerprint readers, which can be beaten with a lifted fingerprint (laptop readers require a transparency, but doors can be done with black dust and tape).

      The reality is biometrics never work like the movies. An image of your face can be recorded in high enough quality to fool a scanner, your voice can be recorded in high enough quality to fool a scanner, a good camera (around $1k or so) can even get a high quality copy of your retina from a long enough distance that you'd never know it happened, which could then fool a scanner. Fingerprints have always been a joke to bypass. In many cases you can lift the necessary print right off the scanner - you might as well have a sticky note on the screen with your password on it.

      All of them are easier to bypass than a simple non-dictionary password. A pass-phrase is several orders of magnitude more secure than the lot, and the easiest to remember. It's only when you want to make passwords super secure that people start writing them on stickies and slapping them on their monitors (note that I have actually experienced this in secure government facilities - it's extremely common when very complex passwords are required). You might as well just use biometrics then, for all the good it is doing you.

      --
      Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
  3. Re:Easy to defeat by houstonbofh · · Score: 5, Insightful

    It doesn't need to be good, it just has to look good. It's all security theater and marketing.

  4. so... by smash · · Score: 4, Interesting

    .. how does it handle identical twins?

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  5. Re:Who the hell would trust this? by Venik · · Score: 5, Informative

    Lenovo is not breaking any new ground here. My 1.5-year-old Toshiba Qosmio can with face-recognition software. The software works equally well with my face or a 1:1 photo of my face - either color or b/w. I think I will stick with passwords for now.

  6. Denial of Service by Rockoon · · Score: 5, Insightful

    Now we get to see articles about a new wave of Denial Of Service exploits:

    Method #1 - The Lens Scratch - No need for a special Key! You can use your own!
    Method #2 - The Face Punch - Requires shockingly little computational resources!

    --
    "His name was James Damore."
  7. Oh come on by nickdwaters · · Score: 4, Insightful

    To those bellyaching about "security", It's targeted at the consumer... not the pinnacle of perfection demanding hyper geek crowd who demands absolute security. You can always disable the face recognition in favor of windoze login. If you are a cyber crook like gifted facial contortionist like Jim Carrey aimed at thieving a user's data great. You know who you are! As far as it having trouble recognizing those with darker complexion, perhaps the low resolution camera combined with poor lighting could be a factor. My laptop doesn't always recognize me in low light, and I just have a nice George Hamilton tan :)