|
Vulnerability Development
mailing list archives
RE: Hacking USB Thumbdrives, Thumprint authentication
From: <hugh_fraser () dofasco ca>
Date: Mon, 26 Jan 2004 12:21:44 -0500
Have a look at the paper called on fooling biometric scanners from the
4th Australian Information Warfare and IT Security Conference 2003. It
talks about some weaknesses of fingerprint biometrics. It's at
www.stdot.com/pub/ffs_article_asten_akaseva.pdf
Realize that this doesn't discuss protocols or other software hacking.
There are basic problems with thumbprint biometrics that offer much
simpler ways to assume the identity of another person.
-----Original Message-----
From: m e [mailto:mje () list intersec com]
Sent: Sunday, January 25, 2004 12:31 AM
To: vuln-dev () securityfocus com
Subject: Hacking USB Thumbdrives, Thumprint authentication
I'm interested in research regarding hacking USB drives
unlocked with a thumbprint
http://www.thumbdrive.com/prd_info.htm
Or any thumbprint biometric hacking.
Client is considering USB drives to offload laptop data
and at first glance seems like a better solution
than keeping sensitive data on laptops. Encryption software
on laptops requires more password management and software
hassles. The above device has no software drivers to install
so deployment headaches are minimized with (what seems) like
better security (obviously not maximum security) at low
deployment cost.
I'm guessing one can take the flash chip off the device
and plug into regular USB drive. Or rewrite the thumbprint hash.
Or hacks to fool the drivers. Or reverse engineer the
login program to always return "Yes".
Thanks,
dreez
mje () secev com
 By Date 
By Thread
Current thread:
- Re: Hacking USB Thumbdrives, Thumprint authentication, (continued)
|
Intro
