Session:Dr. Strangethumb or: How I Learned to Stop Worrying and Love Biometrics
Description | In this workshop, we'll discuss and learn how to use and abuse biometric authentication in our daily lives. |
---|---|
Website(s) | |
Type | Hands-On |
Kids session | No |
Keyword(s) | hardware, art, hacking, security |
Tags | biometrics, spoofing, fingerprints, vein scanners, face recognition |
Person organizing | User:Ben, User:Henryk |
Language | en - English |
Other sessions...
|
Starts at | 2015/08/15 14:30 |
---|---|
Ends at | 2015/08/15 15:30 |
Duration | 60 minutes |
Location | Village:Hardware Hacking Area |
[PLEASE CHECK BACK FOR TIMES AND LOCATIONS. CURRENT SCHEDULE TENTATIVE.]
Workshop objective: Empower attendees to make an informed decision about whether or how to use and abuse biometric authentication in their daily lives, by
- giving them some hands-on experience using spoofs to achieve reliable false positives
- investigating the privacy- and security benefits and drawbacks of biometric authentication over or in combination with other authentication methods
- discussing ways in which users can protect their privacy and device security without writing biometrics off as a total threat
What we'll do:
- Scan or photograph latent fingerprints and pre-process them to use as spoof-templates
- Mould wood glue fingerprints and tweak them for better success
- Bypass human face authentication with 'liveness check'
- First-steps work in progress: palm-vein spoofing, and overcoming 3D facial recognition with arts-and-crafts supplies
What we'll talk about:
- Where can we really draw the line between the three authentication factors (Something we KNOW, Something we ARE, What we HAVE)?
- In terms of privacy, security, usability, and even 'power', what do we lose or gain by using different biometrics to authenticate to our devices?
- What are best-practices for both users and non-users of biometric authentication?
- Should or can the spread of biometric authentication and identification be stopped?