Dailydave mailing list archives
Re: Fingerprint biometrics attack paper...
From: Adam Shostack <adam () shostack org>
Date: Tue, 12 Apr 2016 16:38:17 -0400
They steal /etc/shadow and call the library. Most biometrics give a matching score because you can tune the false positive/false negative acceptable rates. Adam On Tue, Apr 12, 2016 at 03:32:29PM -0400, dave aitel wrote: | http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.10.7168&rep=rep1&type=pdf | | I want everyone to click on this paper and then maybe help explain it to | me! From what I understand they got a fingerprint reader to tell them | how hot/cold they were to an acceptable fingerprint. So they they modify | a fingerprint to get closer and closer until it matches. | | DOES THAT EVER HAPPEN IN REAL LIFE? I'm so confused at what security | system gives you a "hot/cold" value so you can use this algorithm. Could | this paper be summed up to say in one sentence "Obviously if you give a | matching score from your biometric, you can use a model of that | biometric to retrieve the raw data with enough tries?" | | -dave | | | | | _______________________________________________ | Dailydave mailing list | Dailydave () lists immunityinc com | https://lists.immunityinc.com/mailman/listinfo/dailydave -- Don't miss out on my news, which comes out roughly once a quarter. http://adam.shostack.org/newthing.html _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Fingerprint biometrics attack paper... dave aitel (Apr 12)
- Re: Fingerprint biometrics attack paper... Adam Shostack (Apr 12)
- Re: Fingerprint biometrics attack paper... Robin.Lowe (Apr 12)
- Re: Fingerprint biometrics attack paper... Adrian Sanabria (Apr 13)