Upcoming Events

A Network Computing Webinar:
Avoiding Downtime: How Virtualization Can Help In Times of Trouble

June 12, 2013
11:00 AM PT / 2:00 PM ET

Are you caught between a desire for the benefits of the cloud and concerns about security and control? Then you should attend this insight-packed webinar to learn how private data networking technologies like MPLS IP-VPNs can address your concerns and allow you to safely and intelligently reap the savings, agility and other benefits associated with cloud computing.

Join us to hear top industry experts discuss the private data network technologies that are best suited for enterprise cloud access requirements. You won't want to miss this opportunity to learn how your organization can best mitigate risk while reaping the full potential benefits of the cloud.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »

Microsoft's Fingerprint Reader Hacked

Posted by Gregg Keizer
March 07, 2006

Microsoft's Fingerprint Reader, a low-cost biometric device aimed at consumers, doesn't encrypt the fingerprint image, leaving it open to hacking, a security researcher claimed.

Finnish researcher Mikko Kiviharju, who presented his findings last week at Amsterdam's Black Hat Europe conference, laid out a scheme using "sniffers," hardware or software tools that intercept encrypted data, to fool the Fingerprint Reader.

Unlike more expensive biometric gear, Microsoft's reader is labeled only as a tool of "convenience." In fact, the Redmond, Wash.-based company spells it out in the opening of the product's Getting Started guide.

"The fingerprint reader is not a security feature and is intended to be used for convenience only. It should not be used to access corporate networks or to protect sensitive data, such as financial information," the guide reads.

Kiviharju, however, noted that the lack of encryption makes it possible to spoof a fingerprint, which would give an attacker access to a Windows account as well as password-protected Web sites. A phony fingertip isn't necessary, since the unencrypted data can be captured, then "replayed" to the computer, fooling it into thinking a real finger was pressed on the reader.


Page:  1 | 23  | Next Page »


Related Reading

News

Commentary

Most Popular

On the Web

More Insights

White Papers

More >>

Webcasts

More >>

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

May 2013
Network Computing: May 2013

Video


WATCH: Bob Metcalfe Plans Ethernet's 40th

WATCH: CES 2013: It's A Wrap!

WATCH: Intel touts tablets, smartphones at CES 2013


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Upcoming Events

Featured Whitepapers

 
 
What's this?
More >>


Featured Reports

 
 
What's this?
More >>


BlogRoll

TechWeb Careers