Fingerprint Scanning Touchpad

Discussion in 'General Mac Discussion' started by Kwyjibo, Sep 5, 2003.

  1. Kwyjibo macrumors 68040


    Nov 5, 2002
    well in the era of the easily stolen laptop I considered the following, what if the trackpad or a portion of it could read your fingerprints.... you could sit down flip open the laptop put your finger on a certain spot and the laptop wakes and authenticates...if you were able to password protect a file...the thumbprint could open it.

    this would work on laptops because everyone wants a fast way to secure their stuff but also decent security... also many laptops are single user machines rather than a desktop shared by a family.

    just imagine it.....and if any company/machine were to do this, i would just see the 17in pbook having it
  2. Elan0204 macrumors 65816


    Apr 16, 2002
    Chicago, IL
  3. aethier macrumors 6502a


    Feb 1, 2003
    Montréal, Canada
    in the macaddict and macworld magasine, there is an advertisemnt for a Sony fingure print reader...

  4. Kwyjibo thread starter macrumors 68040


    Nov 5, 2002
    well i was thinking a bit more streamlined like integrated into the touchpad not external like the micron one or the current SONY usb options...
  5. pseudobrit macrumors 68040


    Jul 23, 2002
    Jobs' Spare Liver Jar
    The problem would be that at a system level, there would need to be a way to reset this password/fingerprint, just as there is a way to reset it in OS X from the CD. So there goes the protection from thieves.

    You can never discount hardware or software failure, so there will always be a workaround. Any thief worth his salt will know this workaround.
  6. legion macrumors 6502a

    Jul 31, 2003
    Some HP iPaq's already have this on them. Fujitsu has them standard on some models (completely integrated.) The biggest problem with these is it is very easy to fool them (for anyone who intends to.) There was a great report on how to do it when they first came out (google for cracking biometric fingerprint scanning.) The established method for using fingerprint scanning (effectively) would be a three step process (plus one hardware requirement above and beyond):

    1) Smart card with algorithmic key
    This provides a physical key that must be present and since the "key" on the card is changing, it has to sync with the laptop on a challenge/response system. The would be a card that would be kept with the user at all times. You normally have to slide these in before the system will even turn on.

    2) Biometric scan (fingerprint, retinal, voice)
    This is the second level after Smart Card verification. Verses typing in the password, you'd have to undergo one of the biometric scans. Fingerprint and voice are easily fakeable, retinal is obviously much harder (not to get morbid, but even if you were killed and the eye removed, there is only a certain amount of time before the retina and cornea clouds over)

    3) A secure password known only by the user and that undergoes a password-cracker before being allowed.
    This would be a password that is supplied by the user over 8 characters and the system would run it against common algorithms to check if it is easily breakable (ie, common dictionary words, match to any of the internal profile stats of the user like birthdate, ssn#) and have to include both letters and numbers and be case-sensitive. Also, the username would have to be typed in and not displayed (having it displayed just kills 50% of effort necessary to break into a system)

    4) Embedded (below BIOS level) encrypted security area to store password keys. (such as IBM's ESS chip)
    This keeps the passwords used above (including the reference Biometric scans) separate from the general system and stores even the microcode passwords for the harddrives (which encrypts and secures them) It is not accessible directly (even from a BIOS menu) since it is more or less a flash rom space that holds encryption algorithms to only store the keys. It can also be used to store Internet passwords. That way even if the hard drive is cracked, the passwords are unavailable.

    Using all of the above, you'll have a near impossible to crack laptop. However, if you forget any of the above, you run the risk of having your system made permanently unusable. For the passwords, you have to set how many attempts are allowed before total lockout (usually no more than 3 times) This defeats even brute force cracking.

    I'm not aware of how many of the above OS X and Macintosh hardware supports (there is UNIX support for all of them and hardware support from IBM (ESS chip) and Cray: both used in certain DoD applications, CIA systems, and certain ThinkTanks used by the CIA and DoD.) I used to have Los Alamos access for certain projects and had to undergo these levels of security to access certain info. The hardest was definitely the user provided password because it had to be changed every 2 weeks and you couldn't write it down (I know you're thinking "duh!" but when you have to pickout passwords that have no connection to you every 2 weeks it's hell on earth trying to recall them)

Share This Page