Click here to Skip to main content
15,867,895 members

The Insider News

   

The Insider News is for breaking IT and Software development news. Post your news, your alerts and your inside scoops. This is an IT news-only forum - all off-topic, non-news posts will be removed. If you wish to ask a programming question please post it here.

Get The Daily Insider direct to your mailbox every day. Subscribe now!

 
GeneralJugglers ponder how scientists defy limits of human stupidity Pin
David O'Neil8-Apr-20 16:45
professionalDavid O'Neil8-Apr-20 16:45 
GeneralRe: Jugglers ponder how scientists defy limits of human stupidity Pin
GenJerDan8-Apr-20 20:36
GenJerDan8-Apr-20 20:36 
GeneralRe: Jugglers ponder how scientists defy limits of human stupidity Pin
Mark_Wallace8-Apr-20 22:05
Mark_Wallace8-Apr-20 22:05 
NewsAttackers can bypass fingerprint authentication with an ~80% success rate Pin
Kent Sharkey8-Apr-20 6:46
staffKent Sharkey8-Apr-20 6:46 
GeneralRe: Attackers can bypass fingerprint authentication with an ~80% success rate Pin
Mark_Wallace8-Apr-20 7:03
Mark_Wallace8-Apr-20 7:03 
GeneralRe: Attackers can bypass fingerprint authentication with an ~80% success rate Pin
Nelek8-Apr-20 8:32
protectorNelek8-Apr-20 8:32 
GeneralRe: Attackers can bypass fingerprint authentication with an ~80% success rate Pin
Dan Neely9-Apr-20 3:00
Dan Neely9-Apr-20 3:00 
GeneralRe: Attackers can bypass fingerprint authentication with an ~80% success rate Pin
kalberts9-Apr-20 10:37
kalberts9-Apr-20 10:37 
There was an earlier wave of fingerprint reading, maybe 20 years ago, years before smartphone readers were available. We had exactly the same kind of debunkers then. Mythbusters did a program on it, and for years people lost faith in it.

It doesn't matter that the stealing of your fingerprint requires a whole lot of effort (you don't meet that many possible intruders at the pub, and anyone who steals your empty beer glass before the waiter picks it up is somewhat suspicious!) The process from picking up the fingerprint to creating a false finger that can be used is rather complex and expensive. The lock to be opened must be available to the intruder - he must steal your smartphone or portable, or break into the house where the big PC is placed. In most cases, the risk is near-epsilon.

In those days, fingerprint readers were separate devices. Nanufacturers added safety features, like thermosensors to distinguish between a live finger and a cold rubber one. Intruders had to make hollow rubber fingers to be filled with lukewarm water. The sensors got sensors for electrical resistance between two points on the fingertip; intruders had to switch to a semiconducting rubber mixture. Software was extended to store all 10 fingers, asking you to present a randomly selected one - few intruders have picked up your left hand pinky! (Some fingerprint login systems demanded left hand fingerprint for privileged accounts, for improved security.)

And so on. The best readers became very resistant to fake fingers. But media had no interest in reporting about this; everyone "knew" that fingerprints don't work, as proven by Mythbusters; there was no need to reconsider that conclusion!

Until Apple started it up again. Who would raise any critical comment to something that Apple promotes? It had no thermosensing, no conductance reading, it lacked a lot of the safety features that the separate readers (the good ones) had. But coming from Apple, it must be good!

I wish that we could get back the old, advanced readers for use on plain PCs, either integrated (as they were for some years on the ThinkPad portables, although I don't think they had any conductivity or thermosensors), or as USB devices. Especially when used in 2FA, where you both must provide e.g. a password and a fingerprint, the security is way beyond what is needed in 99.99% of all systems. You wouldn't get the same security on your smartphone (until they add an advanced reader with all bells and whistles, and 2FA), but few smartphones hold information that needs military grade top secret protection.
News“Unit tests are a design smell. Do not write unit tests.” Pin
Kent Sharkey7-Apr-20 10:31
staffKent Sharkey7-Apr-20 10:31 
GeneralRe: “Unit tests are a design smell. Do not write unit tests.” Pin
Mark_Wallace7-Apr-20 17:36
Mark_Wallace7-Apr-20 17:36 
GeneralRe: “Unit tests are a design smell. Do not write unit tests.” Pin
kalberts9-Apr-20 11:07
kalberts9-Apr-20 11:07 
NewsHow are .NET APIs designed? Pin
Kent Sharkey7-Apr-20 10:01
staffKent Sharkey7-Apr-20 10:01 
GeneralRe: How are .NET APIs designed? Pin
Nelek7-Apr-20 10:57
protectorNelek7-Apr-20 10:57 
GeneralRe: How are .NET APIs designed? Pin
Dan Neely8-Apr-20 2:21
Dan Neely8-Apr-20 2:21 
GeneralRe: How are .NET APIs designed? Pin
kalberts9-Apr-20 11:23
kalberts9-Apr-20 11:23 
NewsMicrosoft announces IPE, a new code integrity feature for Linux Pin
Kent Sharkey7-Apr-20 10:01
staffKent Sharkey7-Apr-20 10:01 
GeneralRe: Microsoft announces IPE, a new code integrity feature for Linux Pin
Mark_Wallace7-Apr-20 10:08
Mark_Wallace7-Apr-20 10:08 
GeneralRe: Microsoft announces IPE, a new code integrity feature for Linux Pin
Nelek7-Apr-20 10:52
protectorNelek7-Apr-20 10:52 
NewsMicrosoft buys Corp.com so bad guys can’t Pin
Kent Sharkey7-Apr-20 10:01
staffKent Sharkey7-Apr-20 10:01 
GeneralRe: Microsoft buys Corp.com so bad guys can’t Pin
Mark_Wallace7-Apr-20 10:19
Mark_Wallace7-Apr-20 10:19 
JokeRe: Microsoft buys Corp.com so bad guys can’t Pin
Nelek7-Apr-20 10:51
protectorNelek7-Apr-20 10:51 
GeneralRe: Microsoft buys Corp.com so bad guys can’t Pin
markrlondon9-Apr-20 3:24
markrlondon9-Apr-20 3:24 
GeneralRe: Microsoft buys Corp.com so bad guys can’t Pin
Nelek9-Apr-20 3:56
protectorNelek9-Apr-20 3:56 
GeneralRe: Microsoft buys Corp.com so bad guys can’t Pin
markrlondon9-Apr-20 8:06
markrlondon9-Apr-20 8:06 
GeneralRe: Microsoft buys Corp.com so bad guys can’t Pin
Bernhard Hiller8-Apr-20 2:45
Bernhard Hiller8-Apr-20 2:45 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.