Facial Recognition Technology Get Pwned at Black Hat Conference

10

Comments

+ Add a Comment
avatar

aman

We are living in the age of internet. But the online processes are not safe enough and so that every year new and advance security systems are introduced. But all those efforts went in vain when it is found that advance security systems were breached. Virtualization Security

avatar

yhn

Please give more details regarding the topic facial cream.

 

hairdressing sydney

 

http://www.carmenshairdesign.com.au

avatar

svrep

Just like all security solutions - or even all software packages - it's not the technology concept itself that counts (as the Black Hat research would seem to imply), but the specific implementation of that technology that really matters. While no security solution is or ever will be perfect, it's also true that not all packages have the same weaknesses. 

I say this from experience. I've actually worked at a facial recognition firm (Sensible Vision) for several years. We've successfully protected PCs in security critical organizations such as hospitals and banks - even a maximum security prison - for years now. Our consumer platform on Dell systems (not examined in this study - interesting, yes?) is highly photo resistant, provides other security benefits such as locking the desktop when the user is NOT there, and - critically - has a very easy straight forward second factor feature that all but resolves the photo issue entirely. 

Instead of denying that any vulnerabilities exist, the way to a secure system is to minimize weaknesses as much as possible, publicize those that remain and then to provide tools to address them.

avatar

savage4naves

I wonder if this problem plagues the Dell Studio XPS 16....

avatar

svrep

Although I will admit to my bias as working for the manufacturer of the Dell FastAccess sytem (Sensible Vision), I can say with confidence that it does not. There's a reason that it wasn't included as part of the "research" article! The Dell version is based on enterprise level software that's been used for years in high security environments.

Is a photo attack impossible? Of course not. It is in this case, however, it's both very difficult and very manageable with the optional "Face + Password" feature. This feature prompts the user for just a few characters of their password if they've been away from the system for longer than a specified period of time. This effecitvely addresses photo ("replay") attacks at the same time it does a good job of maintaining the overall convenience of facial recognition (convenience BEING ITSELF a security factor on consumer systems. If it's not easy to use it gets shut off quickly...negating any security benefits altogether!)

avatar

Furii

I'm an electronics security technician for the government and I can tell you the government funded facial recognition systems do NOT have these flaws. However no security system is impervious which is why layered security systems are used in important areas, e.g. Facial Scanner paired with a proximity card reader or smart chip reader, or in some cases a 6-8 digit pin as well.

 Key thing here is never to use a single new means of access control by itself. You want a new laptop with facial recognition? Pair it with a strong password and you'll have no problems.

avatar

AndyYankee17

well if you want real security (like DoD security) you could always make laptops with 2 cameras one on each side that it can make a somewhat 3d photgraph which would be virtually impossible to crack

avatar

rayatwork05

you could still use 2 pics or brute force that method just as easily.

avatar

I Jedi

How so? I mean, I'm not disagreeing with you on the subject or nothing, but I'm interested to know how and why?

avatar

AndyYankee17

added depthperception, like using 2 eyes?

 

or they could always use an infrared camera

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.