Slashdot Mirror
New Fujitsu Laptop Reads Your Palm, For Security
judgecorp writes "Fujitsu has launched a laptop which authenticates users using the veins of their palm. The contactless technology is hard to deceive and — since it detects haemoglobin in the veins, is not so likely to be breakable using the gruesome method of cutting off a hand."
Damn these hairy palms!
Damn them to hell!
Mod me down, my New Earth Global Warmingist friends!
This means that the near-infra-red emitters and camera have become so cheap as to be mass marketable. Hold off for six or so months before buying a vein finder for medical use, you could save 90% on the price ... or maybe the next generation of smart phones will support this?
Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
Not so sure how good this is. From what I can see, the equal error rate of palm identification is 0.17, compared to 0.01 for fingerprint identification.
Deal with reality - the world as it is - rather than ideality - the world as you would like it to be.
XKCD has the last word on this subject
I've fallen off your lawn, and I can't get up.
You lick it. It detects your tongue (much like a finger-print reader) and does a DNA analysis. Not that I've built one.
Politics; n. : A religion whereby man is god.
There are a few people that routinely break "hard to deceive" biometrics on the cheap. Wait till they get their hands on one of these. I predict it will fall fast, just as all the other technologies promoted by lying marketing scum as "secure".
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Not unless you can print a picture that will show different levels of reflection to the near-infrared wavelengths.
If you've seen a thermal images of a house showing where the heat loss is, compare that to the normal image of the house. This method is using the equivalent of a thermal image.
~~
Will it recognize me when I do "the stranger"? I'd be damned pissed off in such a moment of need.
I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
Cut off the hand in such a way as to keep the appendage from bleeding out (think fire-heated axe), and there's still going to be blood (and hemoglobin) in there.
Maybe enough, maybe not.
What about people with poor circulation (older people mostly).
They're going to have real problems using this as an authentication mechanism. Hell, some of them NOW have major issues with capacitive touchscreens.
Chas - The one, the only.
THANK GOD!!!
You can't change your palm vein layout or your fingerprint when an attacker makes a copy of it somehow. You can easily change a password with practically no real effort. Biometrics are a key to a door where the key is unchangeable. I reinstalled everything on a laptop of mine and didn't even waste time putting a driver in place for the fingerprint reader it came with.
How fast can you explain to the guy about to cut off your hand that it's not going to work? Is he going to believe you?
Not unless you can print a picture that will show different levels of reflection to the near-infrared wavelengths.
Actually, you'd just have to print something using a Laser printer (toner contains iron oxide, just like Hemoglobin) and tape it to something, like a copper sheet, to produce a very similar picture to the camera.
Cut off the hand in such a way as to keep the appendage from bleeding out (think fire-heated axe), and there's still going to be blood (and hemoglobin) in there.
Pretty sure it uses the RF properties of iron when in motion. If it does use IR, then the blood needs to be a different temperature than the skin. Cutting off the hand would cause the blood to cool too much.
One of its claimed advantages was (at least what they demo'd) that it used infrared to "see" the heat of your veins through the palm of your hand. Cut the hand off, it ain't gonna work, or so they claimed.
It will be interesting to see how this is accepted in the larger notebook market.
-Red
Yeah I tried that "no honey, it's an ID verification device" line before too.
Are you a man or a woman?
Set your phasers on "funky"!
Just imagine the potential of this - "It is no use logging in - you are going to meet a tall, dark stranger ..."
"You have been authenticated based on your palm print; last login 11/15/2013. Also, you will meet a beautiful but mysterious woman with long blond hair, and you will have a long and healthy life."
Except for the word "iron" that was complete gibberish.
you just need a picture that looks the same in ir..
world was created 5 seconds before this post as it is.
Just as you can use a physical key to open a conventional lock, why can't mobile device manufacturers come up with something that can read a password off a physical electronic key attached to an ordinary key chain.
One password systems are purely stupid, and biometric systems usually involve invasion of privacy of some sort.
If the former, maybe. Might still be gotten around by pumping the hand.
If the latter, I wouldn't worry too much. A human hand doesn't bleed heat off that quickly.
Chas - The one, the only.
THANK GOD!!!
The advantage of this system is that, as well as handling the security of your laptop, it is also able to tell you that you will meet a tall dark stranger, you will live to an old age and will be lucky in love but not in money.
No left turn unstoned.
slighly discomfort
Say what? Gunshots range from ~143-174+. Hearing damage is pretty much instant at 130db.
That means you need hearing protection, but when hunting hearing is still very useful, so 'active' hearing protection that shuts down for the gunshot but otherwise amplifies quiet signals are helpful assists.
As for the cost of hearing aides, it's my understanding that the expensive ones are much more configurable than 'simple' devices like bluetooth headsets, and are designed to last longer(with better warranty), plus often include the cost of the configuration in the cost for the device. But yeah, a lot of medical device paperwork&liability expense baked into the price.
I don't read AC A human right
Biometric devices aren't particularly secure plus if they are compromised somehow you cant change your fingerprints or iris pattern or voice print or palm veins or DNA in the way that you can change a password or a security card.
Oh and using a device secured by biometrics rather than a good strong password can reduce your legal protections if the cops want to get at whatever it protects
so we can know for sure! Wait, that would be an anecdote, not equivalent to real statistical evidence. It will have to be tried many times before we have a definitive answer. Unfortunately for the rest of us, the sort of people (drug cartels?) who might test this aren't the sort who are likely to announce the results. I guess we'll never know.
Whether it's port knocking, fingerprint reading or palm reading as in this case, can anybody point out why this is a more 'secure' authentication method than anything else?
I tend to think that a fingerprint or similar may possibly serve as a substitute for a user name, but would you want to let people sign in using usernames only, no password, ssh key or a generated one time pad? Other than that it was probably fun to make, I don't see any advantage at all to using a known constant as a substitute for the familiar user name plus password and/or other changeable secret.
-- That grumpy BSD guy - http://bsdly.blogspot.com/
Photograph user's hand in the appropriate IR band. Print to film stock that uses silver (or some other metallic/conductive) based emulsion. Place print in microwave* oven to selectively warm the image of the vein patterns. Place on keyboard and log in.
*Other heating technology could be used, including a print with conductive layers and resistive heating.
Have gnu, will travel.
Why do you think you have to use your own hand? Think! Just as criminals can cut of your hand, you can cut of the hand of others whenever you need a new password!
If the biometric sensor can read the key (hemoglobin in your veins), then so can a key duplicator. And using what the duplicator reads, you can make a duplicate key which unlocks the biometric sensor just like the original key.
The only benefit biometric sensors bring to the table is that the keyholder cannot misplace the key. If you want real security, you need to go with public/private key encryption or rolling codes (essentially a continuous one-time pad), and multi-factor authentication. Biometrics can't do the former, and can only do part of the latter.
Dear god... stop talking. By what mechanism would an affordable laptop component measure the movement of the tiny amounts of iron in your blood via RF well enough to map your veins?
It is likely looking at the near IR (not thermal IR, so temperature isn't even being measured) absorption of hemoglobin. It's similar to what's being measured in pulse oximetry, but you don't really care about whether the blood is oxygenated or not.
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
Good thing that IR-band pigments aren't already commercially available (never mind the tedious-but-likely-cheaper process of just looking for random stuff at Staples that happens to have the right property despite being formulated for visible-band applications, you only need to get lucky once and you'll probably have something you can spit out at usefully high resolutions on some ghastly inkjet that costs less than the ink it takes). This might actually be easier than cloning fingerprints...
As far as I know, absolutely none; in particular, throwing out enough RF to get a usable signal back would probably do your battery life and relationship with the FCC no good at all; but the large, precise, and sensitive PCB antenna arrays in Wacom tablets would be my off-the-cuff candidate for 'component most likely to be able to do the sensing' (but not the illuminating, they only work with the passive pens because those pens are designed to behave usefully in response to the quite feeble field put out by the tablet PCB, and nature is unlikely to be nearly so helpful). Plus, they look cool.