Masterprints: synthetic fingerprints that unlock up to 65% of phones (in theory)

When the touch-sensors on phones capture your fingerprint, they're really only taking a low-resolution, partial snapshot and loosely matching it to a stored image -- which is how a research team from MSU and NYU were able to synthesize their Masterprints ("a fingerprint that serendipitously matches a certain proportion of the fingerprint population"), which drastically reduce the space of possible "guesses" that an attacker has to make to unlock a phone or other device. Read the rest

Moral panic: Japanese girls risk fingerprint theft by making peace-signs in photographs

Isao Echizen, a researcher at Japan's National Institute of Informatics, told a reporter from the Sankei Shimbun that he had successfully captured fingerprints from photos taken at 3m distance at sufficient resolution to recreate them and use them to fool biometric identification systems (such as fingerprint sensors that unlock mobile phones). Read the rest

Half of all U.S. adults are in face-recognition databases, and Black people more likely to be targeted

One in two American adults is in a law enforcement face recognition network.

“The Perpetual Lineup” report out today from a Georgetown University thinktank makes a compelling case for greater oversight of police facial-recognition software that “makes the images of more than 117 million Americans — a disproportionate number of whom are black — searchable by law enforcement agencies across the nation,” as the New York Times account reads.

Read the rest

Rubber fingertips to use with fingerprint-based authentication systems

Mian Wei, a Chinese student at the Rhode Island School of Design, has created an experimental series of fake fingertips with randomly generated fingerprints that work with Apple and Android fingerprint authentication schemes, as well as many others. Read the rest

EFF: FBI & NIST's tattoo recognition program exploited prisoners, profiled based on religion, gave sensitive info to private contractors

Dave Maass from EFF says, "Right now, NIST researchers are working with the FBI to develop tattoo recognition technology that police can use to learn as much as possible about people through their tattoos. But an EFF investigation has found that these experiments exploit inmates, with little regard for the research's implications for privacy, free expression, religious freedom, and the right to associate. And so far, researchers have avoided ethical oversight while doing it." Read the rest

Company says facial features reveal terrorists and pedophiles 80% of the time

Faception uses 15 secret classifiers of facial features to accuse subjects of terrorism and pedophilia, as well as predicting their poker abilities. Read the rest

Programmers' stress levels can accurately predict the quality of their code

In Using (bio)metrics to predict code quality online, presented at the ACM's 38th International Conference on Software Engineering, two Swiss researchers presented their work on monitoring programmers' biometrics to predict the quality of the code they were writing.

Read the rest

Hacking a phone's fingerprint sensor in 15 mins with $500 worth of inkjet printer and conductive ink

MSU Computer Science researchers Kai Cao and Anil K Jain published a new paper describing a Read the rest

Why biometrics suck, the Office of Personnel Management edition

The nation-state hackers who stole 5.6 million+ records of US government employees (cough China cough) also took 5.6 million+ fingerprints. But it's no problem: those people can just get new fingerprints and revoke their old ones right? Read the rest

Help EFF and Muckrock find out how your biometrics are being tracked

Mike from Muckrock sez, "Police departments are increasingly tracking your face, your fingerprints, your tattoos -- and even your DNA. The Electronic Frontier Foundation and MuckRock are working to uncover how local agencies are tracking you and bring some much-needed transparency to the murky world of biometric surveillance through a free public records audit. Read the rest

Algorithmically evolved masks that appear as faces to facial-recognition software

Sterling Crispin uses evolutionary algorithms to produce masks that satisfy facial recognition algorithms: "my goal is to show the machine what it’s looking for, to hold a mirror up to the all-seeing eye of the digital-panopticon we live in and let it stare back into its own mind." Read the rest

St Louis police offer to fingerprint all the children in #Ferguson

The free fingerprinting kits are part of the long-running national push to fingerprint children in the name of public safety, and are a new tone-deaf low from the region's cops. Read the rest

Vein-scanning payment system

Lund University engineering student Fredrik Leifland is testing a prototype biometric payment system based on vein matching, scanning and analyzing the blood vessels in the surface of the hand. (Lund University) Read the rest

NSA facial recognition: combining national ID cards, Internet intercepts, and commercial facial databases for millions of people

A newly released set of slides from the Snowden leaks reveals that the NSA is harvesting millions of facial images from the Web for use in facial recognition algorithms through a program called "Identity Intelligence." James Risen and Laura Poitras's NYT piece shows that the NSA is linking these facial images with other biometrics, identity data, and "behavioral" data including "travel, financial, behaviors, social network."

The NSA's goal -- in which it has been moderately successful -- is to match images from disparate databases, including databases of intercepted videoconferences (in February 2014, another Snowden publication revealed that NSA partner GCHQ had intercepted millions of Yahoo video chat stills), images captured by airports of fliers, and hacked national identity card databases from other countries. According to the article, the NSA is trying to hack the national ID card databases of "Pakistan, Saudi Arabia and Iran."

This news is likely to be rhetorically useful to campaigners against national ID cards in countries like the UK, where the issue has been hotly debated for years (my own Member of Parliament, Meg Hillier, was the architect of one such programme, and she, along with other advocates for national ID cards, dismissed fears of this sort of use as paranoid ravings).

The development of the's NSA facial recognition technology has been accompanied by a mounting imperative to hack into, or otherwise gain access to, other databases of facial images. For example, the NSA buys facial images from Google's Pittpatt division, while another program scours mass email interceptions for images that appear to be passport photos. Read the rest

UK kids have the right to opt out of school fingerprinting (even if their parents are OK with it)

New provisions of the UK Protection of Freedom Act 2012 went into effect this September, which strictly limits the gathering of biometric information from children. Under the law, kids have the right to opt out of biometric collection (including fingerprinting, which is in widespread use in UK schools). Kids have this right even if their parents or school insist upon their submission to biometric collection. Needless to say, schools have done pretty much nothing to accommodate this legal right, and as Jon Baines points out, this is a great teachable moment for privacy conscious kids (in that they could teach their educators that privacy is worth something, even if you're just a kid). Read the rest

Iphone fingerprint hacker on the limits of biometrics for security

Jan "Starbug" Krissler, the Chaos Computer Club researcher who broke the fingerprint reader security on the new Iphone, had given a long interview to Zeit Online explaining his process and his thoughts on biometrics in general. The CCC's Alex Antener was good enough to translate the interview for us; I've included some of the most interesting bits after the jump. Read the rest

More details, new video showing Iphone fingerprint reader pwned by Chaos Computer Club

Starbug, the Chaos Computer Club hacker who broke the fingerprint biometric security on the Iphone, has given an interview [German] to CT Magazine detailing the hack, and released a new video showing how he did it. Read the rest

More posts