They steal /etc/shadow and call the library. Most biometrics give a matching score because you can tune the false positive/false negative acceptable rates.
Adam On Tue, Apr 12, 2016 at 03:32:29PM -0400, dave aitel wrote: | http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.10.7168&rep=rep1&type=pdf | | I want everyone to click on this paper and then maybe help explain it to | me! From what I understand they got a fingerprint reader to tell them | how hot/cold they were to an acceptable fingerprint. So they they modify | a fingerprint to get closer and closer until it matches. | | DOES THAT EVER HAPPEN IN REAL LIFE? I'm so confused at what security | system gives you a "hot/cold" value so you can use this algorithm. Could | this paper be summed up to say in one sentence "Obviously if you give a | matching score from your biometric, you can use a model of that | biometric to retrieve the raw data with enough tries?" | | -dave | | | | | _______________________________________________ | Dailydave mailing list | [email protected] | https://lists.immunityinc.com/mailman/listinfo/dailydave -- Don't miss out on my news, which comes out roughly once a quarter. http://adam.shostack.org/newthing.html _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
