Re: [OT] Re: data encryption + Biometric security

2007-02-05 Thread Steven Milburn

Malicious people will cut off your finger.  Don't laugh, it has happened
before.  There are proven cases, e.g. where a carjacker cut off the finger
of his victim in order to be able to steal the car.


Newer fingerprint reader technologies actually account for this pretty
well.  A detached finger is seen as a spoof attempt, if it even images
properly at all.  Your information on these sensors, like most people, is
outdated.  And I don't think that's really an accident.

But, let me humor you for a moment.  If I'm willing to cut off your finger
to get into your mobile device, why wouldn't I be willing to put a gun to
your head and/or torture you until you give me your password?



1) full hardware docs (may be under NDA, but allowing GPL software
   development)
2) small enough for a mobile device
3) cheap enough
4) not easy to fool



The sensor Mark's talking about definitely fulfills the last three.  As for
#1, that's where the political work needs to be done.  It should be possible
to make this happen though.  Most, if not all, fingerprint sensor
manufacturers are in the business of selling hardware.  The software is
basically given away, although the algorithms are guarded.  They need to
control the software because the quality of the sensor depends on the
software.

I imagine all that's needed is an easy way for users to tell that a sensor is
being used with the company's software or something else.  That way, when
used with something else, the reputation of the quality of the sensor is not
on the line because of bad software.  Eventually, the open software may get
good enough that the companies would bless a certain build.




On 2/3/07, Ian Stirling [EMAIL PROTECTED] wrote:


There are not-bad options - with something like a 4*256 pixel imager.
Cheap, pretty small, docs - as it's just a camera, easy to fool... Well,
it's a fingerprint sensor.



If people are being concerned about faking fingerprint sensors, then this
simplistic approach is definitely not a good idea as optical imagers are
the easiest to fake out.




There are interesting possibilities to add security to fingerprint sensors.

For example, which finger?

If three fingers of one hand have to be scanned in a particular order,
or it requires a password afterwards.

Or use it as a little optical mouse backwards, and have a 'signature'.

It can even be used as a substitute for a thumbstick in the normal UI.



All the above is currently being used.  There are swipe-based fingerprint
sensors on some tablet PCs that have navigation capability.  They are used
as scroll wheels and/or as backup when the stylus is lost or not necessary
for a simple task.  But, as of yet, using them for full navigation is not
working so great.  The main problem I see with all the ones I've tried is
that they actually try to mimic touch pads, instead of touch sticks.  So, to
move across a screen, you have to keep swiping.  That's an easy fix though
if the open-source community were able to work on things.

In fact, I think most of the standard gripes about fingerprint sensors could
be fixed if the community could play with the sensors, instead of relying on
the algorithms of the few corporate players in the market.

--Steve

Disclaimer: I USED to work for a fingerprint sensor company.
___
OpenMoko community mailing list
community@lists.openmoko.org
https://lists.openmoko.org/mailman/listinfo/community


Re: [OT] Re: data encryption + Biometric security

2007-02-05 Thread Pius A. Uzamere II

On 2/5/07, Steven Milburn [EMAIL PROTECTED] wrote:



Newer fingerprint reader technologies actually account for this pretty
well.  A detached finger is seen as a spoof attempt, if it even images
properly at all.  Your information on these sensors, like most people, is
outdated.  And I don't think that's really an accident.



Yes, there are newer sensors that are more effective at detecting such
spoofs, but that doesn't make the problem worth trivializing.  It wasn't
that long ago (think less than five years) that many COTS fingerprint
sensors were shown to be vulnerable to fake finger attacks.  These systems
used live finger detection schemes such as capacitance sensors and
temperature sensors and were handily defeated by imprinted gummy bears
moistened by a bit of saliva and held in the attacker's hand for a few
seconds.  Yes, I said gummy bears.  The point is that it would be
irresponsible to assume that some random COTS sensor is using the most
current technology in their products.  The fingerprint skeptics' information
is probably less outdated than the sensors some of these companies are
using.

But, let me humor you for a moment.  If I'm willing to cut off your finger
to get into your mobile device, why wouldn't I be willing to put a gun to
your head and/or torture you until you give me your password?



You are absolutely right.  That being said, I'd be more worried about a guy
with access to my latents, a PCB printer, and some Sour Patch Kids.  ;) (See
http://www.schneier.com/crypto-gram-0205.html#5)

 1) full hardware docs (may be under NDA, but allowing GPL software
    development)
 2) small enough for a mobile device
 3) cheap enough
 4) not easy to fool


The sensor Mark's talking about definitely fulfills the last three.



Which sensor was he talking about?  I didn't catch it.

At any rate, a good resource for comparing fingerprint sensors and
algorithms is the NIST Image Group's fingerprint lab.

http://fingerprint.nist.gov

Sure, the algorithms are guarded, but looking at some of these tests is a
pretty decent way of separating the wheat from the chaff.  To put this in
perspective, the United States government (including the Department of
Homeland Security and all other civilian departments and agencies) use these
tests to make their equipment requisitions.

Disclaimer:  I used to consult to NIST and I contributed to a FIPS and a
Special Publication on material related to this domain.

Cheers,
Pius


Re: data encryption + Biometric security

2007-02-03 Thread Harald Welte
On Thu, Feb 01, 2007 at 10:11:41AM -0700, Ben Burdette wrote:
 Here are a couple of items for the phone wish list:  data encryption and 
 biometric security.  

data encryption will not be that much of a problem.  There will not
[yet] be an easy-to-use user interface, but we will have dm-crypt modules
in our kernel, and make sure all user data is stored in one specific
location.  So once you mount a crypto volume there, you have it
basically working.

As for 'biometric security':  In my 'life before OpenMoko', I've been
working as an IT security expert.  I've been doing a lot of research on
RFID security and biometrics, too.

Believe me, there is no single fingerprint scanner that I've ever seen
which could not be tricked one way or the other.  In most cases, it is
_EXTREMELY_ easy (see e.g. http://www.ccc.de/biometrie/fingerabdruck_kopieren)

Also, what is the end result, if there is some really important stuff
protected by a fingerprint scanner?  Malicious people will cut off your
finger.  Don't laugh, it has happened before.  There are proven cases,
e.g. where a carjacker cut off the finger of his victim in order to be
able to steal the car.

Thus, I don't think that fingerprint recognition is by any means a
contribution to security.

-- 
- Harald Welte [EMAIL PROTECTED]  http://openmoko.org/

Software for the world's first truly open Free Software mobile phone



[OT] Re: data encryption + Biometric security

2007-02-03 Thread Harald Welte
On Thu, Feb 01, 2007 at 01:45:55PM -0500, Heilpern, Mark wrote:
 Unfortunately I couldn't provide 100% open source on the driver or the
 application libraries.

That's not the point.  Just send your device[s] to the Berlin CCC (feel
free to route it via me).  A proprietary windows app for
enrollment+verification is fine.

We're more than happy to see how we can do something about it. 

So far, many capacitive and infrared sensors could be fooled.  I don't
think the CCC has looked at SAW and related technology.

In any case, to get back to the Neo1973, or even future phones:  I don't
think that there are many sensors that fulfill the following criteria

1) full hardware docs (may be under NDA, but allowing GPL software
   development)
2) small enough for a mobile device
3) cheap enough
4) not easy to fool

You can probably have two or maybe three conditions fulfilled, but not
all of them.

-- 
- Harald Welte [EMAIL PROTECTED]  http://openmoko.org/

Software for the world's first truly open Free Software mobile phone



Re: [OT] Re: data encryption + Biometric security

2007-02-03 Thread Ian Stirling

Harald Welte wrote:

On Thu, Feb 01, 2007 at 01:45:55PM -0500, Heilpern, Mark wrote:

In any case, to get back to the Neo1973, or even future phones:  I don't
think that there are many sensors that fulfill the following criteria

1) full hardware docs (may be under NDA, but allowing GPL software
   development)
2) small enough for a mobile device
3) cheap enough
4) not easy to fool

You can probably have two or maybe three conditions fulfilled, but not
all of them.


There are not-bad options - with something like a 4*256 pixel imager.
Cheap, pretty small, docs - as it's just a camera, easy to fool... Well, 
it's a fingerprint sensor.


There are interesting possibilities to add security to fingerprint sensors.
For example, which finger?

If three fingers of one hand have to be scanned in a particular order, 
or it requires a password afterwards.


Or use it as a little optical mouse backwards, and have a 'signature'.

It can even be used as a substitute for a thumbstick in the normal UI.



Re: data encryption + Biometric security

2007-02-01 Thread Robert Michel
Salve Ben!

At first it sounds like a very smart idea to have biometric security,
but sorry if I give you some sceptical feedback.

On Thu, 01 Feb 2007, Ben Burdette wrote:

 Here are a couple of items for the phone wish list:  data encryption and 
 biometric security. 

Biometric security wasn't discussed by the OpenMoko community yet.
I'm no crypto expert, but I'm not convinced that biometrics are worth
the hardware... see:
http://www.ccc.de/biometrie/fingerabdruck_kopieren

When somebody wants to play with biometric security, the Neo1973
could be used for voice analysis - print 7 random words on the
screen and the user has to read them aloud ...

 I'd like the phone to be a secure place for me to 
 store passwords and similar information.  Are there plans to have some 
 security features like this, that would prevent someone from extracting 
 secure data from the phone if it was lost? 

A file could hold an encrypted filesystem; access is given
only for a while and only while the GPRS connection is on.
If it is lost, use the Internet or an Asterisk server to
unmount this file.

 Having a fingerprint scanner would be more of a convenience feature so I 
 wouldn't have to enter a password whenever I want use the phone, or 
 alternatively when I want to access encrypted data. 

Sounds nice, but I have doubts that a finger scanner gives
real security.

I'm going to play with my (Debian) Cryptoflex card, but
not to make access easier - to make it more secure.
So I would have to lose both - my Neo and my crypto token.

projectblackdog.com costs 199 US$ + shipping, too expensive for me.

But this is just my 2 cents.

When somebody has such a finger scanner and would like to make it
run with OpenMoko, that would be fine - but also expect some
feedback that the finger scanner concept is not as secure as
it looks:
google finger scanner site:www.schneier.com

Greetings,
rob





Re: data encryption + Biometric security

2007-02-01 Thread Redvers Davies
On Thu, 2007-02-01 at 10:32 -0700, Knight Walker wrote:
  
  http://www.projectblackdog.com/
 
 Yeah.  Too bad that company is going under. :)

I actually have two of these and I love them.  I lost faith in the
company and they lost my support because I have yet to see them announce
their competition winner.

It's almost 2 years after the competition completed.


Red




RE: data encryption + Biometric security

2007-02-01 Thread Heilpern, Mark
Unfortunately I couldn't provide 100% open source on the driver or the
application libraries.

-Original Message-
From: Dean Collins [mailto:[EMAIL PROTECTED] 
Sent: Thursday, February 01, 2007 1:42 PM
To: Heilpern, Mark; community@lists.openmoko.org
Subject: RE: data encryption + Biometric security

Lol, Mark, want to send a device in for evaluation to the guys. I'm sure
they would be up for it.

 

Regards,

Dean Collins
Cognation Pty Ltd
[EMAIL PROTECTED]
+1-212-203-4357 Ph
+1-917-207-3420 Mb
+61-2-9016-5642 (Sydney in-dial).


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:community-
 [EMAIL PROTECTED] On Behalf Of Heilpern, Mark
 Sent: Thursday, 1 February 2007 1:13 PM
 To: community@lists.openmoko.org
 Subject: RE: data encryption + Biometric security

 There are many competing technologies behind fingerprint scanning and
 evaluation techniques, some which are rather weak and others which are
 quite strong. Forming opinions based on tests against a small subset of
 them is not exactly doing due diligence.

 Watching things like tv's MythBusters defeat fingerprint sensors is
 interesting and entertaining, but when you know they're using several
 year old, out-dated technology for the sensors they evaluate, you might
 suspect that there's more to the story that they're telling you.

 Disclaimer: I work for a fingerprint sensor manufacturer.




RE: data encryption + Biometric security

2007-02-01 Thread Dean Collins
No I meant to the MythBuster guys.

 

Regards,

Dean Collins
Cognation Pty Ltd
[EMAIL PROTECTED]
+1-212-203-4357 Ph
+1-917-207-3420 Mb
+61-2-9016-5642 (Sydney in-dial).





Re: data encryption + Biometric security

2007-02-01 Thread Robert Michel
Salve Mark!

On Thu, 01 Feb 2007, Heilpern, Mark wrote:

 Watching things like tv's MythBusters defeat fingerprint sensors is
 interesting and entertaining, but when you know they're using several
 year old, out-dated technology for the sensors they evaluate, you might
 suspect that there's more to the story that they're telling you.

The German Chaos Computer Club ccc.de is not a TV program;
those are quite good hackers - and so is Bruce Schneier.

Rodolphe already gave good feedback that lack of information
does not create trust. E.g. the team of the GPG crypto card had
to sign an NDA - so I do not trust these cards:
- that the algorithm didn't get an extension
- that the random generator is good enough
- that these cards don't have a backdoor
- that the encryption result doesn't have the
  private key hidden inside.

I wrote that I'm no crypto expert - but that does not mean that
I have my knowledge from the TV.

BTW I trust several-years-old CPU and network chips more
than modern chips.

 Disclaimer: I work for a fingerprint sensor manufacturer.

I do very much welcome that people from fingerprint sensor manufacturers
are active here on this list. I'm just a normal member of this
list (btw a civil engineering student with some ICT interest);
I'm not speaking for more than myself.

I will not deny that finger sensors could be interesting,
but security is not just a question of products and the money you
spend on them - the slogan "you always get what you pay for" is
definitely wrong for security.

For secure systems it is really good when everybody understands
how it is working - e.g. ballot boxes and paper votes are IMHO
more secure than voting PCs could be...

So the question is what the fingerprint sensor on the phone
is used for:
1.) avoiding calls on your bill
2.) securing your address book
3.) securing your private keys

For 1. and 2. a fingerprint sensor brings more comfort and would
be IMHO OK.
But about 3, IMHO we are talking about a field
- where simple and open solutions would be better
- and security is more important than comfort.

Let us assume I would become maintainer of some OpenMoko packages
and my private key to sign them would be on my Neo1973 - I hope it
will be so trustworthy that this would not be seen as negligent/careless.
How could a fingerprint reader enhance the security of this private key?


Don't get me wrong, there are many fields where not as much security
as possible is necessary, and a Neo1973 with a built-in
finger scanner could become a very interesting product, e.g. when
somebody has employees whom he could/will trust less than
your company authentec.com does.
So I do see a perspective for next-generation Neos or third-party
modified Neos with built-in finger scanners - so playing with
external scanners to have some prototypes would help start
this market field - and I personally would like to see individual
modifications of OpenMoko and the Neo1973:
- train ticket device with printer
- barcode scanner for logistics tasks
- finger scanner for...

So yes, this topic is interesting for some markets.

I don't think that for a normally skilled Linux user a fingerprint sensor
could be a full replacement for his password protection - I would
use it __only__ as an additional feature, __not__ as a password replacement
(for really secure tasks like protecting private keys).



Ok, let us talk plainly - the cost calculation of the iPhone has been
published, and the AGPS chip producer GlobalLocate published in its
presentation that when buying more than 10k chips the AGPS costs less
than 5 US-$. Can you tell us more about your products and which level
of security would be possible at a cost of 5 US-$ or less?

Again, I'm just a student interested in this project and I would like
to compare the cost and benefit of additional components for further
Neo models. ;)

But besides my direct question, I would like to see this discussion
going on, not only in the next days - experiences with OpenMoko
and more information about fingerprint sensors could build a basis
so that it will continue for weeks or months - so please stay active here ;)

Ah, and what do you think about the potential of multitouch
screen sensors, could they be used as a finger sensor? This would
have the advantage that no additional sensor field must be in/on the
device.


Greetings,
rob
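Rob's three tiers (calls, address book, private keys), his rule that the fingerprint is an additional factor and never a password replacement for private keys, and Ian Stirling's suggestion of a particular finger order with a password afterwards can be written down as one unlock policy. This is an added example, not code from the thread or from OpenMoko; the tier names, the finger labels, the failure threshold and the PBKDF2 password check are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from enum import Enum


# Constructed tiers following the three uses listed in the thread.
class Tier(Enum):
    CALLS = 1          # 1.) avoiding calls on your bill
    ADDRESSBOOK = 2    # 2.) securing the address book
    PRIVATE_KEYS = 3   # 3.) securing private keys


# Policy: the finger sequence alone opens only the convenience tiers;
# the private-key tier needs finger sequence AND password (biometric
# adds a factor, never replaces the password).  The password alone
# always suffices for the convenience tiers, since it is the real lock.
FINGER_ONLY_TIERS = {Tier.CALLS, Tier.ADDRESSBOOK}

# After this many wrong finger sequences the sensor stops being enough
# on its own until a correct password resets the counter, so a spoofed
# or detached finger buys only a few guesses at the weak factor.
MAX_FINGER_FAILURES = 3          # assumed threshold
PBKDF2_ROUNDS = 100_000


@dataclass
class Enrollment:
    finger_sequence: tuple        # e.g. ("R-index", "R-middle", "R-thumb")
    pw_salt: bytes
    pw_hash: bytes
    finger_failures: int = 0


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def enroll(finger_sequence, password: str) -> Enrollment:
    """Record which fingers in which order, plus a salted password hash."""
    salt = os.urandom(16)
    return Enrollment(tuple(finger_sequence), salt, _pw_hash(password, salt))


def password_ok(e: Enrollment, password: str) -> bool:
    return hmac.compare_digest(_pw_hash(password, e.pw_salt), e.pw_hash)


def sequence_ok(e: Enrollment, presented) -> bool:
    """Finger identities as reported by the matcher must match in order."""
    return tuple(presented) == e.finger_sequence


def authorize(e: Enrollment, tier: Tier, presented=(), password=None) -> bool:
    """Return True if the presented factors unlock `tier` under the policy."""
    finger_ok = sequence_ok(e, presented)
    if not finger_ok:
        e.finger_failures += 1
    pw_ok = password is not None and password_ok(e, password)
    if pw_ok:
        e.finger_failures = 0       # strong factor verified: forgive misses
    if tier == Tier.PRIVATE_KEYS:
        return finger_ok and pw_ok  # both factors, always
    if pw_ok:
        return True                 # password is sufficient on its own
    return finger_ok and e.finger_failures < MAX_FINGER_FAILURES
```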


