Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Portables IBM Hardware IT

IBM Introduces Biometric Thinkpad 195

Posted by CmdrTaco
from the good-'cuz-i-forgot-my-password dept.
An anonymous reader writes "IBM has added biometric security to its thinkpad notebooks. The next generation of T series thinkpads will have an integrated fingerprint scanner for added security. The latest machines will also include some pretty cool encryption software, that will keep your hard disk safe, but still let you backup and restore images. This guy managed to get his hands on an early prototype T42 with the new security features integrated."
This discussion has been archived. No new comments can be posted.

IBM Introduces Biometric Thinkpad

Comments Filter:
  • swipe scan (Score:5, Interesting)

    by dirvish (574948) <dirvish@foundne w s .com> on Monday October 04, 2004 @11:51AM (#10430231) Homepage Journal
    "IBM has chosen to go with a swipe-scanner rather than a touch-scanner, for a number of reasons. First and foremost is that a swipe-scanner provides better security. Because you have to drag your fingertip across the scanner, there is no way to "lift" a fingerprint from the surface."

    That is a great idea. Such an elegant solution to what could have been a big problem.
    • Re:swipe scan (Score:5, Insightful)

      by saderax (718814) on Monday October 04, 2004 @11:53AM (#10430251)
      ...except for the multitude of partial prints left all over the keyboard and the touchpad...
      • ...except for the multitude of partial prints left all over the keyboard and the touchpad...

        Hmm. I guess the question then becomes: How accurate of a digital recreation can we make from partials? If it's enough to pass biometric verification then there's no need to waste money/time on a fingerprint scanner.

      • except for the multitude of partial prints left all over the keyboard and the touchpad.

        Well, at least it's a little better than yellow sticky notes with 'passw0rd' written on them stuck to the monitor :)

    • Re:swipe scan (Score:5, Informative)

      by cynic10508 (785816) on Monday October 04, 2004 @11:59AM (#10430333) Journal

      That is a great idea. Such an elegant solution to what could have been a big problem.

      Actually, the swipe scanner is cheaper, consumes less power, and has a smaller footprint than the original designs. So it's really best suited for devices such as cell phones, PDAs, etc.

      • Re:swipe scan (Score:3, Interesting)

        by Dman33 (110217)
        I love the swipe scanner that I have been using on my Ipaq H5450 for the past few years.

        (I always wondered why this was not common on laptops when it has been common on my PDA for so long...)
      • by Anonymous Coward
        ... and has a smaller footprint than ...

        I'm afraid you completely misunderstood the article. You are supposed to swipe your finger across the scanner, not your foot!

        I hope this helped!
    • Re:swipe scan (Score:3, Interesting)

      by Anne Thwacks (531696)
      That is a great idea. Such an elegant solution to what could have been a big problem.

      Or maybe not - what is wrong with a lock and key to open the laptop?

      Not only would it protect the data, it would prevent the HD and DVD combo from being stolen from the laptop while its sitting on the desk (happened to two colleagues lately).

      And stop the keyboard from being damaged by children and small animals.

      Given that the T series have titanium cases, a lot of force would be needed to open them and they would probab

      • A lock and key is only good if you make it a point to lock it each and every time you get up from your desk. Your laptop can be just as easily stolen as you make a quick run to the restroom as it can be if you left it unattended overnight.
        • Not only that, but an attacker would probably only find out after taking the laptop. And trust me, they normally won't bring them back after finding out. And you can always get the drive, DVD, battery and harddisk out after trashing the case.
  • by lifeblender (806214) on Monday October 04, 2004 @11:52AM (#10430236)
    Does this mean you can hack it to record your friends' (or co-workers') fingerprints? Sounds fun and scary.
    • by tanguyr (468371) <tanguyr+slashdot@gmail.com> on Monday October 04, 2004 @11:58AM (#10430326) Homepage
      Does this mean you can hack it to record your friends' (or co-workers') fingerprints? Sounds fun and scary.

      No, you can't. From the article:
      "Of course since the Power On security layer is something that occurs well before Windows has started up, the fingerprint data can't be stored in a Windows file or folder. Instead, the fingerprint scanner itself stores the fingerprint data and retrieves it when the Power On security request is made. You can store a total of 21 profiles in the scanner, which should be more than enough, unless you share one notebook between a score of users. If you're worried about someone extracting the fingerprint data from the scanner and breaking your security, dont be. The scanner only stores a tiny amount of data for each fingerprint, just enough to ensure an accurate match, and nowhere near enough to recreate a complete fingerprint."

      • I know it's lame, but the first thing that came to my mind when I read the number of prints that could be stored in the laptop was that women don't have the 21 "digits" that men do...

        Weird on a Monday,

        myke
      • "The scanner only stores a tiny amount of data for each fingerprint, just enough to ensure an accurate match"

        Unless I'm an idiot, this means that the amount of data the scanner stores is inversely proportional to its accuracy. For example, if one were to store a critical 20% of the data neccessary to recreate a fingerprint, with use of the partials on the keyboard and the top of the laptop, one should be able to recreate the print accurately enough using means like a laser (3d) printer, a bit of spare rubb
        • Only because you asked for it. =)

          The "partial data" is almost certainly a checksum, that takes hundreds of datapoints and combines them into one non-reversible number. This is also done with text passwords.

          A xerox of a finger won't work, since this is not an optical scanner. it measures the capacitance between ridges. Any fake is going to need to be 3D, have the electrical properties of a human, and be swipeable (so perhaps not jello..)

          Finally, I doubt that the signal to the bios is as simple as a on-

          • Both wrong. The data stored is usually some kind of array or matrix of the finger minutiae (relative position, direction, etc). No serious fingerprint identification system compares -images-. Te image of the fingerprint is analyzed, the minutiae are extracted, and that's used to perform the matching against the database. A single fingerprint can contain more than 50 minutiae, while 12 are enough to identify a person.
    • A new definition for "hacking":

      Pronunciation: 'hak-ing
      Function: verb
      The process of removing someone's finger so that you can gain access to their Thinkpad.

      I'm just glad it isn't retina scanning. Ouch!
  • hal (Score:5, Funny)

    by TedCheshireAcad (311748) <ted&fc,rit,edu> on Monday October 04, 2004 @11:52AM (#10430239) Homepage
    I tried one of these laptops for a while, took me weeks to get the thing to stop calling me Dave.
    • by jpetts (208163)
      For those fans of "Only Fools and Horses," does anybody else think that Trig must be a re-incarnation of HAL-9000, since he keeps on calling Rodney "Dave"?
  • by CyberSlugGump (609485) on Monday October 04, 2004 @11:52AM (#10430240)

    Some models of Micron laptops have had this feature [mpccorp.com] for a while.
  • But... (Score:5, Interesting)

    by Sensible Clod (771142) <dc-7@@@charter...net> on Monday October 04, 2004 @11:52AM (#10430242) Homepage
    will IBM include linux support?
  • IBM is pretty cool (Score:3, Insightful)

    by zoloto (586738) on Monday October 04, 2004 @11:52AM (#10430243)
    I was just at their website configuring a laptop for a business purchace. While I have to say their range of laptops are pretty slick their UI designer should be shot.

    Back on topic now, this laptop is nifty in itself. EArlier on another /. article, the hordes were in an uproar about the data security module in laptops. After seeing one on the website and with technical information, both the prior articles mentioning and this new biometric feature are for the purpose of protecting the users data from theft and not for "corporations" protection against "us". It wasn't engineered that way. Maybe in a few years that will happen, but to appease the paranoid crowd here - this is _FOR_ us. not against.

    =) happy /.ing
  • by Tackhead (54550) on Monday October 04, 2004 @11:53AM (#10430246)

    If they designed it in such a way that the LEA backdoor is secure (say, it's got an LEA public key on it, and the private key is kept in the forensics labs), I'll buy one tomorrow. I don't have a need to defend against .gov adversaries - I just want to know that the data on my drives remains secure even after someone steals 'em to get his or her crack fix.

    If, however, they designed it in such a way that the backdoor is not secure (say, a default password stored in cleartext on a serial EEPROM), that's another story. I'll download the crack when it comes out next week, and my soldering iron and I will have an endless supply of cheap entertainment when the machines start showing up at the surplus stores in 2009.

    • I'll download the crack when it comes out next week, and my soldering iron and I will have an endless supply of cheap entertainment when the machines start showing up at the surplus stores in 2009.br>
      Good thinking, you will need something to do in the evenings anyway...since Conan O Brien is taking the tonight show.

    • If they designed it in such a way that the LEA backdoor is secure (say, it's got an LEA public key on it, and the private key is kept in the forensics labs), I'll buy one tomorrow. I don't have a need to defend against .gov adversaries

      LEA means Law Enforcement Access. Some crypto and other security tokens [as in hardware, not Kerberos] have what is called LEAF - the Law Enforcement Access Field. The tokens themselves can be referenced as 'non-LEAF' and 'LEAF-enabled'.
    • ... I don't have a need to defend against .gov adversaries...

      That may be true, but, playing devil's advocate, just because information (e.g., keys) is stored on government information systems doesn't mean that the government is the only body who has access to it. You are implicitly relying on a specific department or agency to secure their information systems.

    • If they designed it in such a way that the LEA backdoor is secure

      If it's got an LEA backdoor, it's broken by definition.

      -jcr
  • ...John Doe from Se7en. If he buys one of these how in the world will he ever get past the added security?
  • Yes, but... (Score:5, Insightful)

    by ProudClod (752352) on Monday October 04, 2004 @11:54AM (#10430258)
    Can it be fooled simply and easily by a piece of jelly [puttyworld.com], like most fingerprint scanners on the market. Surely you can drag the jelly across.
    • The difference though, is that you can't lift a fingerprint from a swipe scanner, like you can with an ordinary flat one.
    • Re:Yes, but... (Score:3, Informative)

      by Anne Thwacks (531696)
      Probably not ... the I-paq one allegedy uses the thermal imprint and not optical, so you would need jelly with suitable infrastructure of arteries and veins.
      • So long as you put the jelly over your real finger (which is the normal mode of usage), those types of scanners do get fooled (if I remember the original paper correctly).

        Also, arteries and veins don't really show up on a thermal imprint, especially not the fine vessels you would see in fingertips. So it's not necessary to fake that level of detail.

        So, IR over optical shouldn't make that big a difference.
    • Re:Yes, but... (Score:3, Informative)

      by HalfStarted (639977)
      Even if it can... it is not totally useless. Strong authentication theory basically says for an authentication method to really be strong it has to be comprised of two parts: something you have, and something you know.

      Biometric measurements are attractive candidates for the "something you have" part because they are unique, in most cases easy to read and convenient... i.e. never left behind. On there own though they do not provide a strong authentication solution... but even then, a large bit-length key
      • I guess it depends on what you mean by "steal". Sure, your actual physical fingerprints might be a bit tricky to grab without you noticing...

        However, given that you leave thousands of impressions of them all over the place every day I wouldn't really call them that hard to steal.

        Do you plan on wearing cotton gloves everywhere?
        • Do you plan on wearing cotton gloves everywhere?

          There have been stranger fashions throughout history. If fingerprint identification became a big deal, then yes it's quite likely that one might wear gloves as a matter of course.

          It might even be a sign of trust to remove one's gloves in another's home.

  • by PetoskeyGuy (648788) on Monday October 04, 2004 @11:54AM (#10430264)
    I can't wait to see all the support websites.

    "Cut my finger slicing tomoatoes, can't access my Thinkpad, HELP!!"

    • by jormurgandr (128408) on Monday October 04, 2004 @11:59AM (#10430330)
      That would be the reason why it allows you to store multiple profiles, and actively encourages users to store more than one finger, and on more than one hand (just look at the screenshots).

    • There was an interview in Business 2.0 a couple years ago with an individual who claimed she had had a very similar problem: she had just finished a presentation for a conference; the weekend before the conference she had a mishap in the kitchen and burned her finger, so she couldn't use the biometric authentication mechanism on her laptop. Her solution? She got on a plane and went to see her twin sister in Florida. She actually claimed in the article that "twins have identical fingerprints" and her s
  • by DHalcyon (804389)
    When I break my Finger? I need my files, you know...
    • by mobby_6kl (668092)
      You can set it up to use more than one finger, so if you break one you can use the one on the other hand, in case all fingers on the first hand are broken/cut off/missing.
    • by dr_dank (472072)
      When I break my Finger? I need my files, you know...

      Sounds like a good pretense for Social Engineering ones way into such a system.
  • The fingerprint setup software looks identical to the iPAQ that has the bioscan feature. That was a PktPC app, tho, so the real issue is whether someone will develop a Linux bio-encrypter for this laptop.

    Otherwise it would remain a Win-only feature and useless to the converts.
  • by Schreckgestalt (692027) on Monday October 04, 2004 @11:55AM (#10430274)
    Now the Mafia have finally got another reason to cut your fingers off! And they can shoot you before you talk, as you don't have to talk.

  • If Bad Guys really want your data, they'll take you along with your laptop and say "Unlock your machine or we'll cut off fingers until we find the one that works. Starting with your toes."

    • Yes, but if your data is worth *that* much, I suppose you'll have a better way of protecting it, won't you? For most of the stuff on my computer, I'd just laugh and give them my password if it came to that ...
    • Under threat of physical violence, most security systems that involve humans tend to break down.

      I'd give up my PGP private key to someone who put a gun to my head - that doesn't mean that PGP itself is insecure.
  • by Infinite93 (664963) on Monday October 04, 2004 @11:56AM (#10430279)
    But Motorola has sold a laptop with this for law enforcement for over a year now.

    http://ruggedpower.motorola.com/ [motorola.com] Our local PD has them for detectives. Heavy, but nice feature set.

  • Hype Factor 9 (Score:5, Informative)

    by cynic10508 (785816) on Monday October 04, 2004 @11:56AM (#10430282) Journal

    For an IT manager, biometric security will make life much easier. Gone will be all those phone calls from users who've forgotten their passwords. And there will be no more worries about insecure passwords, or even keystroke loggers, trapping passwords and passing them onto hackers and fraudsters.

    Gone may be phone calls for forgotten passwords but there'll be plenty of new calls as to why their fingerprints aren't scanning. The function of accuracy for fingerprint scanners varies according to things such as the skin's elasticity. This changes with age, humidity, cuts, etc. So biometrics aren't a 100% fix. There will always be "goats," the people for whom biometrics just doesn't work well, including the biometrics professor around here who's missing a fingertips (not due to any experiment mishap, mind you). I'd also worry about the security of your stored biometric data. Hopefully it'd be a hash and not the raw data, which could be harvested and used. Then again, I wonder what the incidence of collisions in a hash that uses biometric data is?

    • Well you beat me to revealing the PR hype. In addition, if the fingerprint suddenly stops working for some reason (let's say our employee was bricklaying the last weekend, or doing an intensive Vitamin C exfoliation) is there a way of getting the computer to boot? And if there is, what's the point? It's just expensive snake oil.

    • But an increase in calls to helpdesk along the lines of: "I forgot my fingerprint, could you reset it please?"
    • Re:Hype Factor 9 (Score:3, Informative)

      by lesinator (459276)
      Not only easier, but also more secure. A common username and password is only 1-factor authentication (they're both something you can know). Using a username and biometric is 2-factor authentication (in this case, someting you are and something you know). For 3 factor authentication you need to cover: something you know, something you have, and something you are.

      Biometrics stored for authentication are stored in a reduced, non-reversable format. Its designed to be searched and matched, but not extracte
  • False security (Score:5, Insightful)

    by GraWil (571101) on Monday October 04, 2004 @11:56AM (#10430283)
    This is nothing more than false security for pointy haired induhviduals. A clueful cracker with console access can usually get access to data. If the laptop is stolen, so is the data and no fingerprint widget will prevent it.
    But what makes SafeGuard Easy so special is that it works with IBM's own Rescue and Recovery utility. The problem with encrypted data is that when you try to restore an image of an encrypted hard drive, all the data, including the boot records just look like garbage to the restore program. But with SafeGuard Easy, you can keep the entire contents of your drive encrypted, and still be safe in the knowledge that should your hard disk crash, you can restore all your data to a new drive despite the fact that it's encrypted.
    Has anyone here used or admined IBM's lotus notes? I feel real good about trusting IBM with my encrypted HD.
    • Re:False security (Score:3, Informative)

      by browncs (447083)
      Has anyone here used or admined IBM's lotus notes? I feel real good about trusting IBM with my encrypted HD.

      Are you aware that:

      • Lotus Notes had the first commercial implementation of a Public Key Infrastructure (PKI), and it's still by far the largest commercial deployment of a PKI.
      • Lotus Notes has never had a security incident where a virus or worm successfully attacked it via Notes native interfaces or e-mail. (There have been some security patches required in the Internet-compatible interfaces.)
      • Lotus Notes has never had a security incident where a virus or worm successfully attacked it via Notes native interfaces or e-mail. (There have been some security patches required in the Internet-compatible interfaces.)

        Would that be because it runs on a popular OS that has a security model based on Swiss cheese, thus eliminating the need to crack the app? I am actually asking not trolling, I do not know what Notes runs on.
    • Re:False security (Score:4, Informative)

      by darkwhite (139802) on Monday October 04, 2004 @01:23PM (#10431474)
      A clueful cracker with console access can usually get access to data. If the laptop is stolen, so is the data

      RTFM.

      Do you know how password protection and data encryption works on laptops? No, you don't.

      There are several layers of security involved. First, the BIOS and the HDD both have password authentication mechanism. The BIOS stores its passwords on a custom chip which scrambles its I/O. Resetting the BIOS master password is possible, but it requires a highly modified chip programmator and a skillful person.

      The HDD stores its password on the platter and requires it before it will allow access to any data. To bypass this mechanism, you must engineer your own HDD controller chip which will skip the authentication and the PCB for it and transplant it in place of the one on the HDD. This is virtually impossible unless you have very good friends in the HDD manufacturer company.

      Finally, after the HDD allows access, the software encrypts selected files using strong encryption and stores the keys on the secure (TCPA) chip. The secure chip requires a passphrase before it will allow access to the keystore. It is virtually impossible to bypass this and retrieve the keys from the secure chip without knowing the passphrase.

      Therefore, to retrieve the data from the stolen laptop's HDD, you must first possess either extreme competence in electronics or extremely good illicit connections in the industry, and second, brute-force industrial-strength encryption on the files. Good luck.
      • This is virtually impossible unless you have very good friends in the HDD manufacturer company.

        Until someone in some other country with a chip fab does it, and then starts selling the controller boards.
  • by Anonymous Coward
    To stop the casual snooper? Screensaver passwords do that already.

    If the thief has physical access to the machine, nothing short of encryption is going to prevent him or her from getting at your data.
  • Notebook Nirvana... (Score:3, Interesting)

    by NetJunkie (56134) <.jason.nash. .at. .gmail.com.> on Monday October 04, 2004 @11:57AM (#10430300)
    I love my Thinkpad. I had a T30 before that stayed on 24/7 for over a year. The only time it was turned off was to/from vacation. The rest of the time it was a workhorse. Now I have a T42P and love it as much or more. Functional and VERY stable. Sure, it doesn't have some super new gizmos like others, but it works every time.

    Every time someone asks me about a notebook I recommend IBM. They go out to Best Buy and get some other brand with 20 other options they don't need and then get mad when it breaks or isn't stable. Thanks IBM!
  • by Anonymous Coward
    "Please push your scrotum on the biometric sensor to login."
  • by CyberLord Seven (525173) on Monday October 04, 2004 @12:05PM (#10430402)
    This is cool though. I like how IBM put the fingerprint ID tech in front of Windows. That means Linux based OSs can also take advantage of this when these machines are being sold as refurbished in a few years.

    I'm a little disappointed that the encryption stuff may not transfer well to non-Windows OSs.

    Now what happens when someones finger is damaged to due fire, electrical shock, or blunt trauma? I had this problem with an old Compaq laptop that had a system password at the BIOS level. It made the laptop permanently mine since I didn't want to disclose my password to anyone else.

    I know there's room for 21 different fingerprints, but I wonder how many end users are going to think to register more than one of their fingers...just in case.

  • If you don't want an IBM Thinkpad for the fingerprint scanner, the APC fingerprint scanner/biometric reader seems to work pretty well. I saw it for $29 or so at Fry's yesterday.

    My friend bought one a while back and used it rather successfully on his Dell D800 before he had to give the computer back to his employer. It was pretty accurate in scanning his fingerprint. He never got locked out of his machine.

    I can't remember if the machine would NOT allow a login without the reader or not. If it would, th
  • In theory and from what I have read on the article, it will be a great device for security. But I don't think people will really realize how annoying this feature will become. If it gets damaged, no more using computer. If you get a nice little scare on the finger you choose to scan, no more using comptuer (unless of course you add more than one finger, but still). I guess this is one of those things that the government should use, I don't know how easy or useful it would be used for a personal use compute
  • fingerprint biometrics are notoriously spoofable [securityfocus.com]. only 1 in 1000 even mention "liveness detection" with an adequate threat model.

    vascular scan biometrics are the only adequate security solution to date (with the possible exception of facial geometry). even iris scanners are susceptible to spoofing.

    vascual ! always = retinal scan; many foreign banks are using hand vascular scans for banking transactions. facial vascular scans can also be less intrusive than retinal scans.
  • Changing your password just got a lot harder :)
  • So what happens if I get a papercut, lose a finger, lose a hand, somehow wind up with a scar over my finger or something? Is there any way to get at the data or is it lost forever unless I brute force the keys?
  • by xanthines-R-yummy (635710) on Monday October 04, 2004 @12:34PM (#10430832) Homepage Journal
    A la this article [slashdot.org].

    I didn't RTFA, admittedly, but did IBM take her results into consideration before designing/implementing this feature?

  • Is it still possible to get IBM laptops without the DRM? I would like a new laptop, and I like the fact that IBM's are not Dells, but I don't want to fork out any cash for DRM harboring kit.
  • Sure, thats all well and good, but is the API to the hardware scanner components exposed in such a way that allows Linux developers such as myself to poke at it, and write a compatible AES encryption layer to interface with it?

    Encrypting a Windows machine prior to login is nice, but in the rest of the world, the GUI is the last thing we run, not the first.

    In Windows, you run the GUI, and execute the shell.

    In Linux (and most Unixes), you run the shell, and execute the GUI. Its a very different paradigm

  • by Aumaden (598628) <Devon.C.Miller@NoSPAM.gmail.com> on Monday October 04, 2004 @01:03PM (#10431207) Journal
    Never use biometrics to control access to critical data. Barring such silliness as using toeprints, biometrics allows you 10 credentials (or only 2 is using full palm prints).

    If your RSA key is compromised, you can just generate another. You can do this as often as necessary. However, if you fingerprint is compromised, all you can do is switch fingers. Nine compromises later, you're SOL.

    Now for ordinary folks who just use this to keep others from messing with their laptops, this isn't an issue. However, if security is critical, biometrics just won't cut it.

    And, yes it's fairly easy to fool a finger print scanner. All it takes is some Krazy glue and a Gummi bear [theregister.co.uk].

  • So many critics... (Score:4, Insightful)

    by nunley (760422) * on Monday October 04, 2004 @01:13PM (#10431349) Homepage
    I am the guy they quoted in the original press release. I have one of these babies in my hands and let me tell you... pretty cool stuff.

    My 2 cents...

    The fingerprint reader is of a type that has not been 'fooled' yet. Yes, contact readers are easy to fool. This is not a contact reader. It reads the capacitive properties of the ridges and valleys that make up your finger print. This is actually quite cool since a severed finger does not have the same capacitive properties, and the reading is of live tissue *under* the skin, not your dead skin at the surface. So, a minor injury isn't going to be a big deal and the mafia cannot cut your finger off and use it. Furthermore, the extra small footprint of the reader is nice because there is less opportunity to damage the reader with scratches.

    The idea is to register more than one finger and fingers from both hands. Of course, nothing is foolproof, but the idea here was to include a low cost yet effective way to provide biometric access control to the laptop. The embedded security system (ESS) protects a lot of things including a password vault. Password vaults have their drawbacks, the most obvious of which is if you have the 'master' password, you now have *all* of the passwords that user has stored in the vault. Average users tend to use simple master passwords, making the password vault a huge risk. This is a way to provide the functional equivalent of a strong password to unlock the vault without making the user have to remember a complicated password or some hardware key.

    I am very impressed with the entire package. I think it will make it much simpler for IT to deploy things like ESS without destroying all of the value in ESS because users choose crappy passwords. There are a number of add-ons that make it very appropriate for enterprise deployment, including centralized key storage and disaster recovery software.

    My biggest problem to date with this kind of software was it hasn't been real reliable in the recovery category. I could make it very secure, but God help me if I had a hard drive crash or an OS go belly up. The 'backups' of this data were often times 'too secure' to be recovered. This latest package of hardware/software has many of the previous holes filled in and I am happy to report success in all of the tests I have conducted so far.

    Of course, anybody can implement this poorly. However, IBM has done a stellar job with it this time. I feel privileged to get to play with stuff like this.

    -Shawn
  • copycat (Score:3, Interesting)

    by oneishy (669590) <jczebota@oneishy. c o m> on Monday October 04, 2004 @01:24PM (#10431484) Homepage
    . The latest machines will also include some pretty cool encryption software, that will keep your hard disk safe, but still let you backup and restore images.

    How is this different than apples FileVault [apple.com] feature in OSX which uses 128bit AES encription on your home directory?

    I have a powerbook and I must say that the FileVault works beautifully (and seamlessly)

    It used to be Microsoft copying Apple, but I guess IBM can do it to. Granted my powerbook doesn't use a fingerprint as the encryption key.. but still.

  • There is a big problem with all this.

    At the moment, with current levels of security, if anyone's account/CC/whatever gets hacked, you at least have the option to change password, account UID etc. etc.

    When it all comes down to biometrics, and the hacks come out to mimic finger prints, eye scans, pubic hair et al, what we all going to do? You can't like change your fingerprints/DNS overnight???

    Doh!
  • Insecure? (Score:3, Interesting)

    by Kent Recal (714863) on Monday October 04, 2004 @03:52PM (#10433392)
    This [heise.de] article from 2002 claims that most fingerprint readers available to joe user by that time were easy to fool. Easy as in: press a plastic bag filled with warm water on it to replay the last print.
    Are we looking at a new, better generation of readers today or are they still as insecure as they used to be?
  • Sigh they are taking fingerprints of everyone entering your country.

    And face shots. Basically they are a bunch of assholes, I'll stick to passwords for the timebeing.

To avoid criticism, do nothing, say nothing, be nothing. -- Elbert Hubbard

Working...