Public bug reported:

Dear all,

In this package, a random seed is used for generation key for obfuscating a 
fingerprint image in uru4000 driver.
Unfortunately, it seems that the seed always exhibits the same sequence of 
numbers each time since it is generated from rand() in libc by default.
Then I reported this issue to the upstream with the patch.

However, the maintainer insists that the obfuscation-feature can be broken 
since the key for encryption is composed of just 4-bytes length.
Thus, there is no need to patch about random seed anyway.
It's pretty weird to say that.

Would it be all right if I leave this as it is?

Many thanks!!

** Affects: libfprint (Ubuntu)
     Importance: Undecided
         Status: New

You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to libfprint in Ubuntu.

  Found broken a feature for fingerprint image obfuscation

To manage notifications about this bug go to:

desktop-bugs mailing list

Reply via email to