

Fun with Fingerprint Readers - geoka9
http://www.schneier.com/crypto-gram-0205.html#5

======
imeikas
Mythbusters also tried some different methods for beating the system
<http://www.youtube.com/watch?v=LA4Xx5Noxyo>

~~~
Deestan
The most interesting bit of that show was how they beat that serious-looking
fingerprint sensor with a licked piece of paper:

Photocopy a fingerprint, lick the copy, push it onto the reader.

------
cstuder
It's from May 15, 2002.

I wonder how the situation is today. Any new findings?

~~~
sp332
Yeah, now you can just pick the fingerprint locks with a paperclip in about 10
seconds.
[http://www.privacydigest.com/2010/08/03/biometric%20and%20ot...](http://www.privacydigest.com/2010/08/03/biometric%20and%20other%20locks%20fail%20foil%20hackers%20defcon)
That's progress for you.

------
Fedons
"After it lets you in, eat the evidence."

This is genius.

------
JangoSteve
I was thinking the first gelatin finger he made was just a smooth finger-
shaped mold and inferred that it worked by simply pressing the pattern left by
the oil residue of the last person to place their finger on the pad. I thought
that was pretty cool, but then wondered why they considered the second more
arduous process of printing and etching a fingerprint with the same success
rate more interesting. I was thinking, well that can be solved simply with
software. Like don't let the same person enter a door twice in a certain time-
window.

Then I realized the first method meant you actually had to mold a finger that
already has access, fingerprint and all. Oh, ok now the second more arduous
method is more impressive.

------
JoeAltmaier
Biometrics of this sort have been known for years as a soft security system -
similar to a text password.

~~~
danielh
A fingerprint is actually worse than a password. You can't change your
fingerprints and you leave them everywhere. You don't go around sticking post-
its with your unchangeable password everywhere.

~~~
relix
Plus you can't actually encrypt anything with your fingerprint, you can only
compare it with an earlier training version.

------
ultrasaurus
Matsumoto's paper is not on the Web. You can get a copy by asking. :(

~~~
geoka9
<http://cryptome.org/gummy.htm>

