Main Area and Open Discussion > Living Room
silly humor - post 'em here! [warning some NSFW and adult content]
Stoic Joker:
@panzer - Thank you, I really needed a laugh this morning. I'm about to be forced into a job change and haven't even smiled in over a week ... That actually made me laugh out loud.
Arizona Hot:
silly humor - post 'em here! [warning some NSFW and adult content]
Receivers feeling festive! 🎄❄️🎅 😂
IainB:
Brilliant!...or should that be some other word...?
(Copied below sans embedded hyperlinks/images.)
Windows 10 Facial Recognition Feature Can Be Bypassed with a Photo
By Catalin Cimpanu
December 20, 2017 04:41 AM 1
Microsoft has released updates earlier this month to patch a vulnerability in the Windows 10 Hello facial recognition system that allows an attacker to bypass the facial scan with a printed photo.
Windows Hello is a Windows 10-only feature that uses near infrared (IR) imaging to authenticate and unlock Windows devices, such as desktops, laptops, and tablets that use compatible cameras equipped with a near IR sensor.
The feature is not that widespread since not many devices with the necessary hardware, yet when present, it is often used since it's quite useful at unlocking computers without having users type in long passwords.
You can bypass Windows Hello with a low-res printed photo
In a report published yesterday, German pen-testing company SySS GmbH says it discovered that Windows Hello is vulnerable to the simplest and most common attack against facial recognition biometrics software — the doomsday scenario of using a printed photo of the device's owner.
Researchers say that by using a laser color printout of a low-resolution (340x340 pixels) photo of the device owner's face, modified to the near IR spectrum, they were able to unlock several Windows devices where Windows Hello had been previously activated.
The attack worked even if the "enhanced anti-spoofing" feature had been enabled in the Windows Hello settings panel, albeit for these attacks SySS researchers said they needed a photo of a higher resolution of 480x480 pixels (which in reality is still a low-resolution photo).
Updates are available
According to SySS researchers, Microsoft delivered updates to patch this attack only for Windows 10 branches 1703 and 1709, but not earlier 16** releases.
"SySS recommends to update to the latest revision of Windows 10 version 1709, to enable the 'enhanced anti-spoofing' feature, and to reconfigure Windows Hello Face Authentication afterwards," researchers say.
The last step of reconfiguring Windows Hello is necessary because the attack would still work even after the update and also if the user was already using the "enhanced anti-spoofing" feature before the update, as per the third proof-of-concept video released by SySS and embedded below.
BIOMETRICS FACIAL RECOGNITION MICROSOFT WINDOWS 10
____________________________________
Copied from: Windows 10 Facial Recognition Feature Can Be Bypassed with a Photo - <https://www.bleepingcomputer.com/news/microsoft/windows-10-facial-recognition-feature-can-be-bypassed-with-a-photo/>
--- End quote ---
IainB:
This LiveLeak video had me larfing. The guy is very good.
How a Fluorescent Lamp Turns On
barney:
:tellme: :huh: :Prolly the best noninstructonal I've seen in a mort of years :Thmbsup:.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version