Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chaos Computer Club Claims It Can Reproduce Fingerprints From People's Photos

Posted by timothy on from the fonzie's-were-particularly-easy dept.

An anonymous reader writes Chaos Computer Club, Europe's largest association of hackers, claims it can reproduce your fingerprints from a couple of photos that show your fingers. At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, also known by his alias "Starbug," explained how he copied the thumbprint of German Defense Minister Ursula von der Leyen. Because these fingerprints can be used for biometric authentication, Starbug believes that after his talk, "politicians will presumably wear gloves when talking in public." Even better than gummi bears.

2 of 80 comments (clear)

  1. Re:This is why "biometric" authentication is usele by ancientt · · Score: 5, Interesting

    Not useless, just not sufficient.

    Your house key will work in hundreds of locks, but it's easier to pick the lock than track down exactly which house key might work on the house you want to break into. The reason that biometrics are useful is that they provide a second condition that has to be met for authentication, not because they provide the only one. If you give employees RFID cards and pair it with iris scanning, you're going to have moderately secure door security. It can get a lot better by adding other controls, for example introducing human checks into the system or an employee PIN.

    Most businesses don't even have a second check for door security. I wish people would quit confusing a method of authentication with the idea that any single method is sufficient.

    --
    B) Eliminate all the stupid users. This is frowned upon by society.
  2. Re:This is why "biometric" authentication is usele by Anonymous Coward · · Score: 5, Interesting

    It should actually be a quartet of security: something you know, something you have, who you are & where you are.
    Where you are is interesting for banks for example, they know that it is not possible to have two ATM transactions in the same hour on the other side of the world.

    "Something you are" is not easy to establish by machines.
    Any biometric system needs a guard to check if you are not trying to fake it. For example with a finger print scanner's guard should:
    - Clean the scanner. In case the latent finger print left on the device won't confuse it.
    - Check the person fingers for fake prints, and medical scars.
    - Physically take the person's finger and put it on the scanner (to make sure the person has no possibility to add the fake print to the finger between the check and the scan)
    - Clean the scanner. To make sure the latent finger print will not be lifted from the scanner's smooth surface, when the guard is looking away.

    The person with the finger, should wear gloves everywhere, except when using the scanner.

    Soon we will be wearing, burkas, sun glasses and gloves to make sure our identities will not be lifted.