I'm not positive how this works, but I was pondering today...

I assume it reads your print and puts the unique data points into an algorithm and outputs ascii chars for a windows password. If this is the truth, then wouldn't it be pretty unsecure? With just the algorithm and a pwd file you could pretty much storm the combinations. much like wep cracking.


Is this how it works? Has it already been foiled?


btw, I'm referring to these:

http://www.dealtime.com/xPC-Microsoft_FINGERPRINT_READER_WIN_USB_PORT

[Edited on January 16, 2006 at 12:26 PM. Reason : mkay]

1/16/2006 12:24:16 PM

that is why when you open the package it says "Do not use as a means of secuirity"

its just a conienience thing...rather than having to remember all your passwords etc

1/16/2006 12:35:46 PM

no, of course it doesn't work that way. if you're talking about the microsoft fingerprint reader in best buy...

you give it 1 or 2 or up to 10 of your fingerprints. you also give it all your login/password data. it compares input fingerprints as per http://computer.howstuffworks.com/fingerprint-scanner4.htm

because comparing the entire fingerprint is processor intensive, it only matches a bunch of critical points. this does leave room for error, but for home applications it's fine. business/security applications usually use fingerprint scanners in conjunction with other security measures (if they use it at all). retinal scanners are far more accurate.



as for being foiled: a dismembered finger keeps an identifiable fingerprint for a LONG time, so stealing a finger is a means for doing so. also about 1 in 1,000 fingerprints or so will scan as a match. if you want real security on your home PC get a retinal scanner. a stolen eye is insufficient to pass the scan because blood flows from the blood vessels of a removed eye making them unreadable to the scanner and theres far less error (~1 in millions instead of 1 in thousands)

[Edited on January 16, 2006 at 12:41 PM. Reason : ]

1/16/2006 12:37:59 PM

I don't own one, so I wasn't aware of that.


gg on the backdoor though, MS.

1/16/2006 12:38:21 PM

its not MS's fault. it's the technology's weakness.

1/16/2006 12:44:51 PM

I was talking about the disclaimer:

Quote :

""Do not use as a means of secuirity" "

Keeps them out of court due to idiocy.

1/16/2006 12:51:31 PM