<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>fingerprints &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/fingerprints/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Sun, 12 Jan 2025 15:08:10 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Google Is Allowing Device Fingerprinting</title>
		<link>https://noise.getoto.net/2025/01/02/google-is-allowing-device-fingerprinting/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 02 Jan 2025 20:22:50 +0000</pubDate>
				<category><![CDATA[data collection]]></category>
		<category><![CDATA[fingerprints]]></category>
		<category><![CDATA[google]]></category>
		<category><![CDATA[identification]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[tracking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69728</guid>

					<description><![CDATA[Lukasz Olejnik writes about device fingerprinting, and why Google&#8217;s policy change to allow it in 2025 is a major privacy setback.
EDITED TO ADD (1/12): Shashdot thread.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Breaking Laptop Fingerprint Sensors</title>
		<link>https://noise.getoto.net/2023/11/29/breaking-laptop-fingerprint-sensors/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 29 Nov 2023 12:09:48 +0000</pubDate>
				<category><![CDATA[authentication]]></category>
		<category><![CDATA[biometrics]]></category>
		<category><![CDATA[fingerprints]]></category>
		<category><![CDATA[identification]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[sensors]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68143</guid>

					<description><![CDATA[<p>They’re <a href="https://arstechnica.com/gadgets/2023/11/researchers-beat-windows-hello-fingerprint-sensors-with-raspberry-pi-and-linux/">not that good</a>:</p>
<blockquote><p>Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft’s own Surface Pro Type Covers. These are just three laptop models from the wide universe of PCs, but one of these three companies usually does make the fingerprint sensor in every laptop we’ve reviewed in the last few years. It’s likely that most Windows PCs with fingerprint readers will be vulnerable to similar exploits...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Brute-Forcing a Fingerprint Reader</title>
		<link>https://noise.getoto.net/2023/05/30/brute-forcing-a-fingerprint-reader/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 30 May 2023 11:16:43 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[authentication]]></category>
		<category><![CDATA[cracking]]></category>
		<category><![CDATA[fingerprints]]></category>
		<category><![CDATA[smartphones]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67393</guid>

					<description><![CDATA[<p>It’s <a href="https://arstechnica.com/information-technology/2023/05/hackers-can-brute-force-fingerprint-authentication-of-android-devices/#p3">neither hard nor expensive</a>:</p>
<blockquote><p>Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the fingerprint database. BrutePrint manipulates the false acceptance rate (FAR) to increase the threshold so fewer approximate images are accepted.</p>
<p>BrutePrint acts as an adversary in the middle between the fingerprint sensor and the trusted execution environment and exploits vulnerabilities that allow for unlimited guesses...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 58/59 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 23:23:15 by W3 Total Cache
-->