« New York explores antiterror Metrocard machines | Main | Has a hacker stolen your fingerprint? »
March 09, 2006
Has a hacker stolen your fingerprint?
A recent study by the Finnish military indicates hackers can steal your fingerprint thanks to a security loophole in Microsoft Corp.'s Fingerprint Reader, Computer World reports.
Fingerprint Reader is a PC authentication device that allows users to log onto Web sites more quickly. Microsoft introduced the device in September 2004.
Because the fingerprint image is transferred unencrypted from the Fingerprint Reader to the PC, it could be stolen using a variety of hardware and software technologies, called sniffers, that monitor such traffic, said [Mikko] Kiviharju, a researcher with the Finnish Defense Forces. "The fingerprint that can be sniffed is pretty good quality," he said.The fingerprint image could either be used to break into a PC or simply be stolen by attackers.
Microsoft licenses the technology for Fingerprint Reader from Digital Persona, a Redwood City-based company, which sells a similar device that does encrypt the data.
Experts have speculated that Microsoft's product lacks encryption because of a licensing agreement, which seeks to differentiate the two products.
Posted by Jessica Bernstein-Wax at March 9, 2006 02:38 PM
Trackback Pings
TrackBack URL for this entry:
http://observer.medill.northwestern.edu/cgi-bin/movtyp/mt-tb.cgi/134