Results 1 to 11 of 11
  1. #1
    3 Star Lounger
    Join Date
    Apr 2010
    Location
    Los Gatos CA
    Posts
    374
    Thanks
    52
    Thanked 12 Times in 11 Posts

    Encryption & Fingerprints

    I was interested in Lincoln Spector's article on encryption. My laptop came with a fingerprint reader built in, swipe to launch Windows, on the face of it it would seem to be a very effective way to lock up data as well as the machine. It works perfectly, can launch programs, log in to Websites etc. but I have no way of comparing fingerprints with encryption keys. The company that wrote the software was bought out and support for the product simply ceased.

    Anyone have any experience of fingerprint readers?

    David

  2. #2
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts
    My wife's Dell laptop came with a fingerprint reader, but I can't pry her hands off of the keyboard to figure out how to set it up. It appears to be a poorly integrated tack-on product which will probably go the way of yours as the manufacturer goes defunct, gets bought, or just gets bored with supporting the product.

    That's the problem with trusting any encryption software, too, I suppose. For all its seeming sophistication, Windows isn't really all that much more advanced than CP/M. No firm standards, constant change, constant obsoletion, constant turnover of HW and SW providers, inconsistent product support, etc. It's really a hobby OS which has found its way into the mainstream but has never really adapted to that role.

    I keep all my passwords and account information in a Locknote file. It's straight text, nothing fancy or sophisticated to become obsolete. You execute the locknote file, it asks for a password and opens the 256 bit encrypted text file. When you exit it re-encrypts with your changes. It seems to be as stand-alone as a windows program can be and has survived through many OS upgrades. I think I bought it back in the Windows98 days.

    But eventually it, too, will cease to work. Fortunately, when that day arrives I will be able to plug my thumb drive into an older machine and at least print out the info and/or copy it to a text file until I figure out a new option. In fact, that's partly why I dropped into this security lounge. Time to start thinking about it before it becomes urgent...

  3. The Following User Says Thank You to Backspacer For This Useful Post:

    Rhinoceros (2013-02-07)

  4. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    I'm sure the authors of the software have made every attempt to make the product secure. The good thing is that it's a relatively small attack target because it's not on all PCs, so it's unlikely anyone will write a program specifically for that product. What you will find is key loggers and browser spies that attack Windows and Internet Explorer because every Windows machine has the same keyboard software and browser.

    cheers, Paul

  5. The Following User Says Thank You to Paul T For This Useful Post:

    Rhinoceros (2013-02-07)

  6. #4
    3 Star Lounger
    Join Date
    Apr 2010
    Location
    Los Gatos CA
    Posts
    374
    Thanks
    52
    Thanked 12 Times in 11 Posts
    Thanks for your thoughts on the matter. So far, two years, the fingerprint reader has worked flawlessly, but I also have Roboform, have used it for years, so in effect I have two keys for every door. And since neither of them use keyboard input I have been told that key loggers aren't an issue. I've gone to some trouble to protect my personal information, hugely complicated passwords generated by either the fingerprint reader or Roboform, different for every site, and then I read about some bank clerk who left a laptop containing full details of my bank accounts, and 10,000 other acounts, in taxi with no encryption at all. What gives with these idiots? If it was a hanging offence I suspect that they might take a bit more care with our data.

    David
    Last edited by Rhinoceros; 2013-02-07 at 13:17. Reason: Change of wording

  7. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    It's not the fault of the bod who left the laptop in the cab, it's an organisation that allows portable devices to wander around unencrypted, especially a financial organisation.

    cheers, Paul

  8. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    Key loggers are always an issue. Using Roboform or similar does not stop key loggers from collecting your data.
    Using a password to login to Windows is of no value unless you also encrypt the data on your hard disk. All you need to do is remove the hard disk and put it in another computer. You also need to ensure that you have a backup of your data, particularly from Roboform, and that you have tested being able to recover the Robofom data on another PC.

    As I said in another thread, "My data is much more valuable than my computer, or a bunch of other things I own."

    cheers, Paul

  9. #7
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    i saw such things at a trade show
    did not work right

    that was some years back
    maybe they got the bad bugs out

    handwriting was a total bust
    i forged the signature and got in during the demo
    the sales rep wrote his own sig and failed

    fingerprints will depend on how well they can do them
    do they do the full protocol the fbi/cia would use
    or did some hacker write some code that seemed to work good enough
    but may have flaws that will end up biting the user in the butt

  10. #8
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    i always fear teh program will mess up and lock me out forever

    i dont want any of their 3rd party security add ons
    dont even want those passwords they force me to use
    they only cause me problems
    and add no real security

  11. #9
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    i hope you printed them all out while it is working

    what will you do when it fails
    and you cant get to any of those passwords

  12. #10
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    i think you give too much credit to teh programmers
    and WAY too much credit to the suits and salesmen

    i would not trust it unless the cia and nsa said it worked right
    and then i would be even more suspicious

  13. #11
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    and the us govt lost the invasion plans for kuwait on a laptop in a taxi in england before that war
    they got it back - but they can never prove that someone didnt access the info first
    scary that anyone puts any critical data on any laptop ever at all

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •