Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
What Kind of shit hardware is this ?
Who in the right mind, would use something as error-prone as fingerprint-scanners and then give you only one chance to get it right?! -
A lock that can be reseted without a 2nd level of security is a shit lock. You can't exactly loose your thumb the same way you can forget a password.
-
Well it's a lock, not a user application. In the intended usage scenario, the lock is meant to fend off hacking attacks and to protect from theft.
If the physical key alone were enough, that would reduce the lock security to the level of the physical component, which you can bet isn't first class. Lock picking would be the consequence. -
This shit is too easy to break it. Don't even need IT for it.
Don't try it again, it will disappoint you. -
Condor324966yIt'd be terrible security-wise if anything other than the fingerprint can unlock it. It's actually why I dislike having to put a PIN code on Android that you can use instead of the fingerprint scanner, and have to use on boot. I'm not gonna lie, my PIN code is a lot weaker than my fingerprint. But sure a hacker is going to be so nice to use my fingerprint instead of my PIN code π
Same thing with that key lock actually. If it's possible to reset the fingerprint with just a key, then what's the point of it anyway? Say that a lock picker comes along and the lock can be reset with just a key, do you think that they'll ever bother with the fingerprint sensor, other than resetting it to just import *something* of their own and use that? -
jeeper59666y@ThermalCube yea but this level of lock is so easy to get through by 100 other means. These locks are for keeping honest people honest as they say. Having an internal reset button with a security screw would be fine at this level.
-
Well it's a lock. If theres a rookie thieve in your home you better expect that it can not be resetted, otherwise he will google the model and click the reset button.
-
Owner: Fingerprints + key... All good π€
Thief: Which hammer should I try first? π¨π€ π¨ -
Condor324966y@plttn which is exactly my point. The point is that unlocking the device can be done with PIN, and so can adding new fingerprints. It is not something that I deem secure compared to my fingerprint. And I can't insert random gibberish into it either, because every few days, and on every reboot it requires that PIN code again. I find fingerprint scanners nowadays sufficiently reliable to rely on them exclusively.
Essentially, fingerprint is secure but PIN code isn't. Having both available increases the attack surface, conventional locking methods such as pattern and PIN lock being quite a large one. From a security perspective, I don't like this. -
Condor324966y@plttn here's a rant of mine that puts pattern lock security into a nice perspective btw: https://devrant.com/rants/1581491
-
plttn1596y@Condor Considering iPhone acts the same way I think you're a little off base. The purpose of the fingerprint sensor isn't to be the super secure authentication, it's to make using a very secure pattern or PIN less of a PITA. I think I have to enter my PIN on my Pixel 3 once every few days when I wanted to use Pixel Imprint due to security. Throw in the legalities of compelling fingerprints vs PIN, no fallback if biometric system fails, and I'd run far away from a ROM that would just let me set a fingerprint and call it a day.
-
Condor324966y@plttn well the thing is, on my Nexus 6P I've never had any unlock fails and even on my current OnePlus 6T with on-screen fingerprint sensor (which is still very beta right now) the failed unlocks are very minimal. Given 5 unlock attempts currently before PIN becomes required, I feel like that could become the primary authentication method, perhaps with a 5 minute timeout for security purposes and for the operator to go wash their hands (on the OP6T I've found greasy hands from a night's sleep to be the most common cause of authentication failures).
I honestly don't see any reason to keep on using PIN codes anymore. Sure it's easier to swap out than a finger, but it's also much easier to duplicate. A 4 character PIN code (which pretty much everyone uses) is 10k combinations. Sounds like much, but not for a computer. Now compare that to the 7 billion fingerprints currently out there, which are nonetheless all unique. I think that's pretty impressive. And especially capacitive fingerprint authentication is hard to fool, even when you have a copy of the owner's fingerprint from something they touched. -
plttn1596yBut more to the point, if you've only got fingerprint, if I'm police or fed, I just say "unlock your phone with your fingerprint". If you have a pin or you secured your phone by turning off fingerprint temporarily, there's no way for them to get in.
-
Condor324966y@plttn I can refuse to police officers regardless, and they can compel me in various ways to unlock it for them as well. That doesn't change with the unlocking method. The only way in which I would be able to trick police officers is if I were to have e.g. a LUKS encrypted hard drive that has a key in it for self-destruction. But that'd play against me in a very significant way legally. It's safe to assume that if they have legal grounds to access my data, they'll get in with my (not so voluntary) help. But again, that has nothing to do with security.
Security has to do with a crook getting a hold of my phone and choosing the easiest way in without any legal warrants to do so (edit: and without me giving them access by putting my finger on it or giving them my PIN, assume that the crook stole my phone and wants to unlock it by themselves, and don't know how to flash a new ROM). What do you think they'll choose, fingerprint or PIN?
As for the OnePlus 6T's validity as a trustzone security method, that's not related but I do think that optical fingerprint authentication is inferior to capacitive. However, it's the only way to embed it under a screen. So given the bezelless direction in which the industry is heading, I'm afraid that it's here to stay. -
Condor324966y@plttn who knows, right ¯\_(γ)_/¯ but again, regardless of the method used, I feel like fingerprints (the artwork on your finger, not so much the method used to detect it) is an excellent way of authentication. Other than the fact that you've only got 10 of them (so they'll better not be leaked), it's a pretty darn good authentication method. It's fast, easy, and secure. What else do you need? And there's a bazillion ones of them so good luck bruteforcing it.
-
plttn1596yEveryone who has ever been in OPM's database can strike the security of fingerprints as being a little worse :v
-
Condor324966y@plttn I highly recommend you read further into Google's fingerprint authentication process. It's comparable in a sense to TPM modules in that the processing of the fingerprint is done on a dedicated processor, inaccessible to the system, i.e. it probably won't be able to leave it. It's been one of my main concerns on fingerprint authentication as well, but after some research on my end has been negated.
-
Condor324966y@plttn let's put it in a different perspective if you're willing to. Let a friend of yours change all the authentication parts of your phone (fingerprint, and whatever you've chosen as its fallback), then try to regain access to your phone. However, you're not allowed to reflash it or factory reset it. You want your (or in a hacker's mind) the victim's data back. Now attempt to crack your now unknown authentication codes, and assess what are your attack vectors.
This will make you think as a hacker and train you on an asset you own (thus completely legal). It's a very important skill to have, so be sure to give it a shot. -
Condor324966y@plttn it's not just the classical PIN code interface that can be used (and fun fact - is never used for cracking). There's files for cracking that can be retrieved, similar to how database cracking works. You get the file, don't need whatever source you got it from anymore afterwards, and start cracking from the comfort of a well-specced cracking machine.
For more info on password cracking, check out https://youtu.be/7U-RbOKanYs. It provides good insight into why I don't think that 10k attempts is in any way sufficient.
(Edit: or 1M attempts in your case, given brute force which also is a last resort.. the speed in which cracking occurs is pretty hard to grasp, but the status quo is real.) -
Condor324966y@plttn essentially, think of this PIN code as any old password, but with a number limitation on it (i.e. 10^6 in your case). That's a crackable number, if a malicious hacker can get a hold of the file that's storing the hash that's backing it. Even in passwords with a 36+^6 alphanumeric character set, it's too easy. PIN codes just like keys keep out the honest people, but not crooks.
Currently the acceptable password complexity is in about 10 pseudorandom characters, while I'd recommend at least 16 to stand a few years of possible abuse. PIN codes are definitely not among those. In banks they've mitigated it by allowing only 3 PIN attempts and then swallowing your card, which is good. But that method doesn't stand up very well on the internet, especially in cases where someone can get the hash file and can get cracking on their own machine, without any internet connection being needed. Hence why PIN auth is a bit of a problem. It was useful back in the days predating biometric authentication, but nowadays I think it's been succeeded by fingerprint authentication. -
plttn1596yUntil I unlock my phone by entering credentials, you cannot access any decrypted files on said device. You can't exfiltrate the file to crack because until Android trusts the device you're targeting, nothing will be exposed over MTP.
-
Condor324966yI do however think that asymmetric key files are the most secure authentication method (especially in conjunction with biometric) because a key can be so easily swapped out, and it's something you have rather than something you are as is the case with biometric. And the mind is fallible so it's far more robust than something you know. Hence why I prefer keys anywhere I can make them.. although on smartphones that might be a bit unwieldy.
-
plttn1596yThe TEE makes an offline attack like the one you mention impossible on Android and iOS. Only an online attack is possible on recent versions of both major mobile OS, and then you get hit with the rate limiting on the online mode (wait 30 seconds on Android, or wait a very very long time on iOS).
-
Condor324966y@plttn that's the encryption backing it and doesn't have much to do with the authentication mechanisms. But say that I can't access any file on your device and I'm willing to wait 55 hours to get your PIN code in the very much last-resort method of actually going through the regular authentication scheme. Would I (as a hacker) pick the fingerprint or the PIN code?
Keep in mind that this is not much an argument of whether this or that is secure, but more so one of which one would be more secure against attackers, and initially came out of whether having both PIN and fingerprint authentication available to an attacker in an OR manner is a good idea. -
Condor324966y@plttn as for the TEE, it's a great thing to have. Limited access to higher trust ring resources has proven itself very effective in the Linux kernel and sysfs for example. However, PIN codes are backed by files, especially so on devices without biometric hardware onboard.
Related Rants
So I Bought this bio metric pad lock for my daughter. She excitedly tried to set it up without following the directions( they actually have good directions on line) first thing you do is set the "master print" she buggered that up setting her print. So when I got home I was thinking, no problem I'll just do a reset and then we cant start again.
NOPE !!! you only have one chance to set the master print! after that if you want to reset the thing you need to use the master print along with a physical key that comes with it.
What sort if Moron designs hardware / software that is unable to be reset. Imagine how much fun it would be if once you set your router admin password it was permanent unless you can long back in to change it. Yea nobody has ever forgotten a password.
Well they are about to learn a valuable financial lesson about how user friendly design will influence your bottom line. people (me) will just return the lock to the store where they bought it, and it will have to be shipped back to the factory and will be very expensive for them paying for all of the shipping to and from and resetting and repackaging of the locks and finally shipping again to another store. Meanwhile I'll keep getting new locks until at no cost until she gets it right.
poor design
rant
bad for business
poor design
benjilock