What's happened to biometric protection?

Darat

Lackey
Staff member
Darat
Joined
Aug 3, 2001
Messages
125,987
Location
South East, UK
Had a thought after reading a thread about security of data - how come biometrics seem to have disappeared in personal computing? I remember we had a time when fingerprint scanners were being built into keyboards and the like.

Did it simply not work or people didn't like it?
 
Last edited:
AFAIK, fingerprint scanners are still being built into [at least some] laptops; within the past 6 months I was browsing electronics stores with a friend, I asked him what something was for on a notebook, and he told me it was a fingerprint scanner.

I think that for desktop computers (at least in the home), they're kind of pointless in that having access to the box itself can foil just about any security apart from strong encryption. Besides, most folks have gotten comfortable with passwords.
 
My boss has a laptop that has a fingerprint scanner, and the last time I was fixing it for him I added my fingerprint to the list of allowed ones so that I wouldn't have to remember his password.

My personal laptop has a face recognition program that never works properly, I can't remember the last time it actually managed to log me in, but I bet that if I held a photo of myself up to it, it would probably work more consistently.

But I also have a disk in my desk at work that I can slip into any windows computer with a cd drive and in a couple of minutes strip out the password for the account and then log in normally. Although a lot of the time that isn't even needed, you can slip in by booting into safe mode and if the default administrator account doesn't have a password (as often is the case) slip right in. Or just take the hard drive out and slip it into another computer, and get all the data that way, as long as the disk isn't encrypted at least. And I'll just point out that I'm just a mechanical engineer, who happens to do the computer stuff at the small company I work at because it's a hobby, I'm sure real IT people know many more ways to get around this stuff than I do.

So biometrics in my experience are less reliable than passwords, and if someone takes your computer they are pretty much getting everything on it anyway, so whats the point of having them.
 
I guess my point about having access to the box for a home desktop goes double for laptops and I just wasn't thinking about it very hardat all. :)

You've pointed out the problem with biometric PC security very well, fetchbeer, mainly in that most consumer operating systems and hardware have back doors -- necessarily so since there's nothing stopping a fingerprint scanner or other biometric device from failing, and most consumers want to get the thing working again as cheaply as possible.

Such security measures could be fun and convenient, and could at least keep out the more "casual" attempts to gain access (friends/family members/guests), but for the home user a password should be more than sufficient.
 
I agree that for a determined person, overcoming biometric protection isn't too much of a challenge.

I have had fingerprint scanners in three laptops I've owned or worked with, including the one I'm typing this on. For two of them, I found scanning my finger to be a tad more convenient and faster than having to enter a password. For the third laptop, the scanner rarely worked so I never bothered with it.

So when it works, the advantage may be that it's just a bit more convenient than using a password.
 
many biometric fingerprint scanner can be easily foiled with gelatine/gummy. Especially knowing *where* to get the finger print (on the scanner of the single user laptop, who clean up the latent fingerprint after each scan ? ). Many biometric solution are immature and can be foiled.

Plus many people realize that the added security is not worth the added price, and read many story / watched film where the good or bad guy cut the finger/eye out of the security guard / target person and use it to get access. For some people it is enough to convince them that having the password "your person" is a bad idea, because that force thugs to make you separate from part of your person.

naturally some more expansive scanner try to account for that, but try to fight the bad publicity (we tried in our firm, forget it).

Finally biometric stuff for your average joe is too expansive for no added value.
 
Last edited:
My laptop has one. It's cool, and saves a few seconds every day, but that's about the extent of it's usefulness. I've never tried to fool it, but I assume it wouldn't be impossible.
 
Aepervius said:
many biometric fingerprint scanner can be easily foiled with gelatine/gummy. Especially knowing *where* to get the finger print (on the scanner of the single user laptop, who clean up the latent fingerprint after each scan ? ). Many biometric solution are immature and can be foiled.
Click to expand...

All the scanners I have ever used required you to swipe your finger, not just press it onto the scanner. Foiling it in the manner you described, or any other way really, is not going to work. If it were the only way into the system, then it would be pretty secure. But as has been mentioned, circumventing it through hardware or software in most cases isn't that difficult.

As for the fear of cutting off a finger or such, I think you give movies a little too much credit. Most people are securing just personal information, I highly doubt the average person using biometrics on their pc has even considered the thought that someone would cut off their finger to gain access to their facebook account.
 
Darat said:
Had a thought after reading a thread about security of data - how come biometrics seem to have disappeared in personal computing? I remember we had a time when fingerprint scanners were being built into keyboards and the like.

Did it simply not work or people didn't like it?
Click to expand...

The main issue is that you need a back door in for service. Say you get an issue that causes a need for someone to open the Admin account in safe mode, but it is locked due to biometrics?

Or the scanner fails and you are locked out?

Or the data file gets corrupetd and you are locked out.
 
Crazycowbob said:
All the scanners I have ever used required you to swipe your finger, not just press it onto the scanner. Foiling it in the manner you described, or any other way really, is not going to work. If it were the only way into the system, then it would be pretty secure. But as has been mentioned, circumventing it through hardware or software in most cases isn't that difficult.
Click to expand...

Never mind the scanner. Do you clean your laptop ? keyboard ? Plenty of latent fingerprint.

As for the fear of cutting off a finger or such, I think you give movies a little too much credit. Most people are securing just personal information, I highly doubt the average person using biometrics on their pc has even considered the thought that someone would cut off their finger to gain access to their facebook account.
Click to expand...

I was not saying I fear it, I am saying that many people we asked about using biometric fingerprint with our product mentioned the concern. So a made-up danger trump reality. That remind me of other stuffed up things like E conservator (the E additive scare where one was flagged as carcinogen by some scary leaflet but was citric acid in reality, or maybe sodium mallate) or even fear of other product like cloned beast or GMO.
 
Last edited:
Well, if you think about it, using your fingerprint as a form of identification is really a pretty strange idea. It's like having a password that you write down on every surface you touch, wherever you go.
 
In the area of computer security, there are three methods of access control: what you know, what you have and what you are.

What you know = a password

what you have = a keycard

what you are = your face or fingerprint (the biometrics)

To have vastly improved security, you require two or all three of these categories (called two (or three) factor authentication)

In this case of having the fingerprint scanner, that's still just one of these categories, so it's more of a case of security theater. Two factor authentication would be first pressing your thumb on the pad, verifying, then entering in a password. I dunno, maybe that's how most laptops are already set up, but from what's been said in this thread and what I know (very limited), it's still only a single factor.

And, as has been said upthread, having physical access to the box... eventually it's a done deal, unless the person has some other more extreme data-protection measures set up.
 
Babbylonian said:
Such security measures could be fun and convenient, and could at least keep out the more "casual" attempts to gain access (friends/family members/guests)
Click to expand...

I think this is really the important point. Biometrics are secure enough, and could be much more convenient since you don't need to worry about thinking up and remembering passwords. They're not some sort of magical security solution since they can still be beaten or simply avoided, but they do have some advantages over passwords. The downside is that they also have the disadvantage of requiring extra hardware, adding extra cost and something more to go wrong.

As The Norseman says, for real security one solution will never be enough, so it's not actually a question of biometrics or password for that, it should be at least both. For the home user, either is plenty secure enough. I suspect the main reason biometrics aren't more popular is simply that we're used to passwords. People don't like change. Biometrics, in the UK at least, also have the additional disadvantage of being associated with government databases and monitoring, so even though their use on a home computer has nothing to do with that, people will probably oppose them because of that association.
 
You must log in or register to reply here.

Back
Top Bottom