|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Hacking USB Thumbdrives, Thumprint authentication
hugh_fraser
dofasco.ca
Date: Mon Jan 26 2004 - 11:21:44 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Have a look at the paper called on fooling biometric scanners from the
4th Australian Information Warfare and IT Security Conference 2003. It
talks about some weaknesses of fingerprint biometrics. It's at
www.stdot.com/pub/ffs_article_asten_akaseva.pdf
Realize that this doesn't discuss protocols or other software hacking.
There are basic problems with thumbprint biometrics that offer much
simpler ways to assume the identity of another person.
> -----Original Message-----
> From: m e [mailto:mjelist.intersec.com]
> Sent: Sunday, January 25, 2004 12:31 AM
> To: vuln-devsecurityfocus.com
> Subject: Hacking USB Thumbdrives, Thumprint authentication
>
>
>
>
>
>
> I'm interested in research regarding hacking USB drives
>
> unlocked with a thumbprint
>
>
>
> http://www.thumbdrive.com/prd_info.htm
>
>
>
> Or any thumbprint biometric hacking.
>
>
>
> Client is considering USB drives to offload laptop data
>
> and at first glance seems like a better solution
>
> than keeping sensitive data on laptops. Encryption software
>
> on laptops requires more password management and software
>
> hassles. The above device has no software drivers to install
>
> so deployment headaches are minimized with (what seems) like
>
> better security (obviously not maximum security) at low
>
> deployment cost.
>
>
>
> I'm guessing one can take the flash chip off the device
>
> and plug into regular USB drive. Or rewrite the thumbprint hash.
>
> Or hacks to fool the drivers. Or reverse engineer the
>
> login program to always return "Yes".
>
>
>
> Thanks,
>
> dreez
>
> mjesecev.com
>
>
>
>
>
>
>
>
>
>
>
>
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]