RSS

Low Tech Food Defeats High Tech Sensors

16 Apr

Biometric security has been around for a while, but just recently has the technology become popular in the world of securing many kinds of systems.  Essentially, biometric security technology collects information concerning a part of your body- most commonly fingerprints, but also retinal scans, voice recognition and measurements of the face between certain parts.  You have all seen the super spies easily dupe these such systems in movies.  This fiction has recently turned into reality by a Japanese cryptographer named Matsumoto.

This story is pretty old (2002), but a buddy referred it to me when he was doing a research paper on Biometrics and Bioinformatics. Matsumoto first managed to fool fingerprint detectors four out of five times with a gummy bear (yes, the candy), everyday kitchen supplies and a camera. He was able to transfer the fingerprint found on a surface to the gummy bear (or a mold similar in chemical make-up) to apply to the scanner.

In a more scientific and more successful operation, he lifted a fingerprint from a piece of glass then applied super-glue fumes to it to bring greater detail to the contours of the fingerprint. Next, he digitally enhanced a picture he took of the fingerprint with Photoshop and printed the result onto a piece of paper. Then, he would trace the image onto a piece of printed circuit board with copper with the printed transparency. Then, he would apply the raised, traced circuit board to the same gummy bear type material from the previous method. He managed again to fool the scanners four out of five times. He was able to best eleven different scanners through the same means.

It isn’t like Matsumoto paid a fortune for the supplies he needed to fool supposedly high security devices.  And, it doesn’t take a genius to execute this operation either.  It is highly surprising that this supposed highly secure security system is so vulnerable to exploitation.  The Biometric Security and Bioinformatics industry is a booming industry, and an exploit like this successfully undermines an entire section of their product niche.  Matsumoto has single-handedly rendered this technology a great deal less useful.  Even with this fact, it seems in the past six years since this story broke, the industry is still doing fine and the general population of consumers still believes this technology to be infalliable.  Fingerprint scanners are being found in more and more products including cars, laptops, buildings and in institutions like banks for identity assurance.  It is scary to see such low tech approaches effectively rendering high tech systems useless.  In the future, I hope to post on other physical vulnerabilities that high tech is susceptible to.

Over and out.

Steve

Advertisements
 
1 Comment

Posted by on April 16, 2008 in Security

 

Tags: , , , , ,

One response to “Low Tech Food Defeats High Tech Sensors

  1. Brian Reitz

    April 16, 2008 at 2:48 am

    You might be interested in a hacker club in Germany which recently lifted the fingerprints from the German Secretary of the Interior, who had said words to the effect that biometrics had no inherent weakness and were secure to use on German passports.

    The relatively simple method is at http://www.ccc.de/biometrie/fingerabdruck_kopieren?language=en.

     

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: