Careers & Certifications

06:40 PM
Connect Directly
RSS
E-Mail
50%
50%

Microsoft's Fingerprint Reader Hacked

Microsoft's low-cost biometric device doesn't encrypt fingerprint images, leaving it open to hacking, a security researcher claimed. MS responds however that the tool was never designed to provide massive

"With no crypto, one will not even need a gelatin finger," he said in his presentation notes.

Microsoft licenses the underlying technology for its reader from Redwood City, Calif.-based Digital Persona; that company's U.are.U 4000 reader does encrypt image data.

But sans encryption, Kiviharju said, Microsoft's implementation of Digital Persona's technology exposes some of the latter's security methods to hackers.

"MSFR unencryption reveals some anti-forgery strategies used by Digital Persona elsewhere," said Kiviharju in an accompanying white paper. Among them: Digital Persona's use of a checksum.

Vance Bjorn, Digital Persona's chief technology officer, denied that any sensitive information about the technology had been disclosed to potential attackers by Microsoft's lack of encryption.

Previous
2 of 3
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed