I can't believe no one at Samsung thought to try this.
https://arstechnica.com/gadgets/2017/03 ... a-picture/
Galaxy S8 face recognition already defeated with a simple picture
- FlyingPenguin
- Flightless Bird
- Posts: 32773
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
Re: Galaxy S8 face recognition already defeated with a simple picture
DOH!
At sites that require REAL security, like Data Centers, they often use biometric data (face recognition, fingerprint scan, etc) BUT in addition to that you also need to provide a pin code or password. Ideal security is "something you have" AND "something you know". Anyone can steal "something you have" so that alone is no good.
That's the ultimate failure point for all these biometric only logins on phones.
Then again, IT'S A PHONE not a nuclear missile bunker. So ultimately the manufacturer is trying to provide you with a convenient way to unlock the phone with some security tradeoffs. It's good enough to prevent some punk who stole your phone from unlocking it, but it was never intended to keep the NSA out of it.
At sites that require REAL security, like Data Centers, they often use biometric data (face recognition, fingerprint scan, etc) BUT in addition to that you also need to provide a pin code or password. Ideal security is "something you have" AND "something you know". Anyone can steal "something you have" so that alone is no good.
That's the ultimate failure point for all these biometric only logins on phones.
Then again, IT'S A PHONE not a nuclear missile bunker. So ultimately the manufacturer is trying to provide you with a convenient way to unlock the phone with some security tradeoffs. It's good enough to prevent some punk who stole your phone from unlocking it, but it was never intended to keep the NSA out of it.
"Turns out I’m 'woke.' All along, I thought I was just compassionate, kind, and good at history. "