What next ? cryoprison ? taco-bell/pizza-hut (depending if your dvd is zone 1 or the rest of the world) winning the restaurant franchise wars ? virtual sex with helmets that transmit your neocortex excitation levels ? 61st amendment to allow schwartzenegger to become president (and the subsequent "Schwarzenegger presidential library") ?
I thing GWB and friends watched that movie once too many
Tsutomu Matsumoto, a Japanese cryptographer, recently decided to look at biometric fingerprint devices. These are security systems that attempt to identify people based on their fingerprint. For years the companies selling these devices have claimed that they are very secure, and that it is almost impossible to fool them into accepting a fake finger as genuine. Matsumoto, along with his students at the Yokohama National University, showed that they can be reliably fooled with a little ingenuity and $10 worth of household supplies.
Matsumoto uses gelatin, the stuff that Gummi Bears are made out of. First he takes a live finger and makes a plastic mold. (He uses a free-molding plastic used to make plastic molds, and is sold at hobby shops.) Then he pours liquid gelatin into the mold and lets it harden. (The gelatin comes in solid sheets, and is used to make jellied meats, soups, and candies, and is sold in grocery stores.) This gelatin fake finger fools fingerprint detectors about 80% of the time.
His more interesting experiment involves latent fingerprints. He takes a fingerprint left on a piece of glass, enhances it with a cyanoacrylate adhesive, and then photographs it with a digital camera. Using PhotoShop, he improves the contrast and prints the fingerprint onto a transparency sheet. Then, he takes a photo-sensitive printed-circuit board (PCB) and uses the fingerprint transparency to etch the fingerprint into the copper, making it three-dimensional. (You can find photo-sensitive PCBs, along with instructions for use, in most electronics hobby shops.) Finally, he makes a gelatin finger using the print on the PCB. This also fools fingerprint detectors about 80% of the time.
Gummy fingers can even fool sensors being watched by guards. Simply form the clear gelatin finger over your own. This lets you hide it as you press your own finger onto the sensor. After it lets you in, eat the evidence.
Matsumoto tried these attacks against eleven commercially available fingerprint biometric systems, and was able to reliably fool all of them. The results are enough to scrap the systems completely, and to send the various fingerprint biometric companies packing. Impressive is an understatement.
There's both a specific and a general moral to take away from this result. Matsumoto is not a professional fake-finger scientist; he's a mathematician. He didn't use expensive equipment or a specialized laboratory. He used $10 of ingredients you could buy, and whipped up his gummy fingers in the equivalent of a home kitchen. And he defeated eleven different commercial fingerprint readers, with both optical and capacitive sensors, and some with "live finger detection" features. (Moistening the gummy finger helps defeat sensors that measure moisture or electrical resistance; it takes some practice to get it right.) If he could do this, then any semi-professional can almost certainly do much much more.
More generally, be very careful before believing claims from security companies. All the fingerprint companies have claimed for years that this kind of thing is impossible. When they read Matsumoto's results, they're going to claim that they don't really work, or that they don't apply to them, or that they've fixed the problem. Think twice before believing them.
Matsumoto's paper is not on the Web. You can get a copy by asking: Tsutomu Matsumoto
Here's the reference: T. Matsumoto, H. Matsumoto, K. Yamada, S. Hoshino, "Impact of Artificial Gummy Fingers on Fingerprint Systems," Proceedings of SPIE Vol. #4677, Optical Security and Counterfeit Deterrence Techniques IV, 2002.
Some slides from the presentation are here: presentati
yeah, atm is used for DSL only to link the modem to the provider because the transport operator's network is atm based for some reason. ATM in itself is not useful in this context, and eats up to 10% of the available bandwith with pure non-necessary overhead
3) the US brag about being able to go into your country all the way up in a week 4) the US complain about "rogue terrorists" kicking their ass (see vietnam & iraq)
nope. atms are equipped with secure IBM-manufactured crypto cards, and check the pin themselves with a complicated algorithm involving the card number and an offset stored on the magnetic stripe
that's what the free "planned parenthood" clinics are for... a simple pill and the problem goes away. Of course, with bush and his religious zealots croonies from hell, you can be sure that these clinics are going away, as happened last week in texas where the contractor decided to stop building the clinic (see cnn for details)
then shame on her parents for not explaining to her earlier that unprotected sex leads to pregnancy and a kid, thus that she may want to force her mate to use a condom during the intercourse...
only those branded machines get to pay the windows tax. the ones built by the sweat shop across the street usually don't, unless the customer specifies (and pays) for it. too many sweatshops have been closed down by giving a pirated version of windows for free with the box, that was supposedly installed for testing.
Hell, the one across my street tests with a knoppix cd and gives that for free with the box;)))
most cities have the red light controllers networked with modems that the central computer can access. you just have to revoke the particular key and that's it. it may be even easy by detecting that you've seen the same key in 2 different parts of the city (or more) at the same time.
Slashdot Mirror
Anything is small compared to US defense budget ..
Lately, it would be more appropriate to call it the US ATTACK budget
to answer to the one that says 20 Billions is a lot, well, not exactly, compared to the 180 Billions the war on Iraq has required so far.
Fine, I just won't spend my American tourist dollars in Brazil.
It ain't worth shit anymore, who cares ?
remember "Demolition Man" ?
What next ? cryoprison ? taco-bell/pizza-hut (depending if your dvd is zone 1 or the rest of the world) winning the restaurant franchise wars ? virtual sex with helmets that transmit your neocortex excitation levels ? 61st amendment to allow schwartzenegger to become president (and the subsequent "Schwarzenegger presidential library") ?
I thing GWB and friends watched that movie once too many
remember this slashdot article that reffered to that
:
crypto-gram issue ???
quote
Fun with Fingerprint Readers
Tsutomu Matsumoto, a Japanese cryptographer, recently decided to look at biometric fingerprint devices. These are security systems that attempt to identify people based on their fingerprint. For years the companies selling these devices have claimed that they are very secure, and that it is almost impossible to fool them into accepting a fake finger as genuine. Matsumoto, along with his students at the Yokohama National University, showed that they can be reliably fooled with a little ingenuity and $10 worth of household supplies.
Matsumoto uses gelatin, the stuff that Gummi Bears are made out of. First he takes a live finger and makes a plastic mold. (He uses a free-molding plastic used to make plastic molds, and is sold at hobby shops.) Then he pours liquid gelatin into the mold and lets it harden. (The gelatin comes in solid sheets, and is used to make jellied meats, soups, and candies, and is sold in grocery stores.) This gelatin fake finger fools fingerprint detectors about 80% of the time.
His more interesting experiment involves latent fingerprints. He takes a fingerprint left on a piece of glass, enhances it with a cyanoacrylate adhesive, and then photographs it with a digital camera. Using PhotoShop, he improves the contrast and prints the fingerprint onto a transparency sheet. Then, he takes a photo-sensitive printed-circuit board (PCB) and uses the fingerprint transparency to etch the fingerprint into the copper, making it three-dimensional. (You can find photo-sensitive PCBs, along with instructions for use, in most electronics hobby shops.) Finally, he makes a gelatin finger using the print on the PCB. This also fools fingerprint detectors about 80% of the time.
Gummy fingers can even fool sensors being watched by guards. Simply form the clear gelatin finger over your own. This lets you hide it as you press your own finger onto the sensor. After it lets you in, eat the evidence.
Matsumoto tried these attacks against eleven commercially available fingerprint biometric systems, and was able to reliably fool all of them. The results are enough to scrap the systems completely, and to send the various fingerprint biometric companies packing. Impressive is an understatement.
There's both a specific and a general moral to take away from this result. Matsumoto is not a professional fake-finger scientist; he's a mathematician. He didn't use expensive equipment or a specialized laboratory. He used $10 of ingredients you could buy, and whipped up his gummy fingers in the equivalent of a home kitchen. And he defeated eleven different commercial fingerprint readers, with both optical and capacitive sensors, and some with "live finger detection" features. (Moistening the gummy finger helps defeat sensors that measure moisture or electrical resistance; it takes some practice to get it right.) If he could do this, then any semi-professional can almost certainly do much much more.
More generally, be very careful before believing claims from security companies. All the fingerprint companies have claimed for years that this kind of thing is impossible. When they read Matsumoto's results, they're going to claim that they don't really work, or that they don't apply to them, or that they've fixed the problem. Think twice before believing them.
Matsumoto's paper is not on the Web. You can get a copy by asking:
Tsutomu Matsumoto
Here's the reference:
T. Matsumoto, H. Matsumoto, K. Yamada, S. Hoshino, "Impact of Artificial Gummy Fingers on Fingerprint Systems," Proceedings of SPIE Vol. #4677, Optical Security and Counterfeit Deterrence Techniques IV, 2002.
Some slides from the presentation are here:
presentati
yeah, atm is used for DSL only to link the modem to the provider because the transport operator's network is atm based for some reason. ATM in itself is not useful in this context, and eats up to 10% of the available bandwith with pure non-necessary overhead
swapping the electronics board should work (been there, done that)
you should put the design in the open so as to embarass them more...
or more likely
3) the US brag about being able to go into your country all the way up in a week
4) the US complain about "rogue terrorists" kicking their ass (see vietnam & iraq)
if you had bother reading the contents, you'd have seen that the GCC is already ported, and that ecos is running satisfactorily on these
the last sentence would be wrong, it should read
EU: I say, go fuck yourself, we have nukes too
Is china working on a similar system?
china is part of the gallileo project now
(...)but both France and UK have n(...)
I don believe the UK would retaliate against their great friend of all times, the US...
they'll probably turn their nukes on the french !!!
(...)want to hold onto Euro dollars, an incre(...)
it's euro (EUR) goddamit, not "Euro Dollars"...
nope. atms are equipped with secure IBM-manufactured crypto cards, and check the pin themselves with a complicated algorithm involving the card number and an offset stored on the magnetic stripe
uh, that's the same diebold doing the voting machines ???
that's why articles redactors should use the preview feature and re-read whatever they have written...
a Florida woman found herself speaking with a British accident
easy, do like I do, go back investing money in lego, instead of those supposed "artistic" works...
the protocol goes something like this...
1) have sex (with condom)
2) discover condom has failed... oops
3) the next day, go get that damn pill
how hard is it ???
that's what the free "planned parenthood" clinics are for... a simple pill and the problem goes away.
Of course, with bush and his religious zealots croonies from hell, you can be sure that these clinics are going away, as happened last week in texas where the contractor decided to stop building the clinic (see cnn for details)
then shame on her parents for not explaining to her earlier that unprotected sex leads to pregnancy and a kid, thus that she may want to force her mate to use a condom during the intercourse...
Hi there
I have been working on a project that does that and more (ogg playing) for the past year or so.
check it out and tell me what you think (you can help too)
navsys, here
ain't gonna happen anytime soon, now that bush jr. and his goons/henchmen are there...
only those branded machines get to pay the windows tax. the ones built by the sweat shop across the street usually don't, unless the customer specifies (and pays) for it. too many sweatshops have been closed down by giving a pirated version of windows for free with the box, that was supposedly installed for testing.
;)))
Hell, the one across my street tests with a knoppix cd and gives that for free with the box
Of course it makes sense to patent this, as it's done with a computer
most cities have the red light controllers networked with modems that the central computer can access.
you just have to revoke the particular key and that's it.
it may be even easy by detecting that you've seen the same key in 2 different parts of the city (or more) at the same time.