How secure is the fingerprint reader?

Performance, hardware, software, general buying and gaming discussion..
Post Reply
Message
Author
goka
Posts: 20
Joined: Wed Sep 08, 2004 2:43 am

How secure is the fingerprint reader?

#1 Post by goka » Thu Aug 24, 2006 3:11 am

I'm trying to understand just how secure the FPR is. In the IBM white paper they say that...
"If the integrated fingerprint reader is not available, it is necessary to use the CSS administrative tool to change the policy with regard to the fingerprint reader. Once that is done, normal use can proceed without the fingerprint reader."
So if I break the FPR, I can still access the data only if I have the password? Doesn't that mean that the FPR really is just a convenient thing to login to your computer, but that it is easy to just bypass it?

I don't know the different levels of security, but is a standard ThinkPad (w FPR) considered to be secure at "government level" or do you need complimentary security products to achieve that?
Top
DIGITALgimpus
Senior Member
Senior Member
Posts: 774
Joined: Sat Aug 20, 2005 1:01 pm

#2 Post by DIGITALgimpus » Thu Aug 24, 2006 11:06 am

The fingerprint scanner is mainly for convenience. Secure fingerprint scanners take several seconds to ID your finger. These will make an occasional error.

No security is foolproof. If you need real security, use a password at least 20 characters long, and contains at at least 2 of each: lowercase alpha, uppercase alpha, numeric, non-alphanumerical character. Also no words or abreviations.
T43 (2687-DUU) - 1.86GHz, 1.5GB RAM, 100GB 5400 (non IBM-firmware Hitachi 5k100) HD, Fingerprint Scanner, 802.11abg/Bluetooth, ATI x300
Top
goka
Posts: 20
Joined: Wed Sep 08, 2004 2:43 am

#3 Post by goka » Fri Aug 25, 2006 1:17 am

So, for instance, SafeGuard Easy, with full encrytpion on harddrive together with FPR isn't any safer than SafeGuard Easy together with a password?

The fact that you must have the correct fingerprint to access the computer is easy to go around?

If you're not using a security system that encrypts your hard drive, then the security is pretty low (non-existant), right? If your laptop got stolen, it's just a matter of botting it from an external drive I guess.
Top
adrianlondon
Posts: 10
Joined: Tue Feb 14, 2006 7:07 am
Location: London, England

#4 Post by adrianlondon » Fri Aug 25, 2006 6:33 am

The fingerprint scanner (on my X41, anyway) just seems to be a way of not having to type passwords.

When I "log in" to Windows, I scan my finger and, very briefly, the typical login box appears, with my password entered (shown by dots, but it's the correct number of dots corresponding to my password length).

So, I assume the fingerprint software just scans your finger, checks it against its database and, if its a match, then looks up your password (hopefully encoded!) in its database and sends that to the O/S as if you'd typed it yourself.

In other words, the fingerprint scanner is a convenience, not a security tool.

If you're worried about data, encrypt it. I don't bother. I do, though, have the HD password set so that if someone grabs my thinkpad they can't access any data on the HD without knowing that password. Even if they took the drive out.

However, there are companies (there must be, right?) who can hack past that.
--
THE Adrian
Top
littlesaint
Posts: 7
Joined: Thu Aug 17, 2006 9:39 am
Location: Cleveland, OH

#5 Post by littlesaint » Fri Aug 25, 2006 11:33 am

However, there are companies (there must be, right?) who can hack past that.
Anything encrypted has to be decrypted to be used. Anything that can be decrypted can be hacked...eventually.
Top
quickie
Posts: 19
Joined: Thu Dec 22, 2005 6:15 pm
Location: Ulm, Germany
Contact:
Contact quickie

#6 Post by quickie » Sun Aug 27, 2006 9:50 am

However, there are companies (there must be, right?) who can hack past that.
For data recovery companies it is very easy to get around the ATA HD password. I would not trust it for securing sensitive data.
Top
simms
Junior Member
Junior Member
Posts: 260
Joined: Mon Dec 05, 2005 6:27 pm
Location: Toronto

#7 Post by simms » Mon Aug 28, 2006 8:35 am

quickie wrote:
However, there are companies (there must be, right?) who can hack past that.
For data recovery companies it is very easy to get around the ATA HD password. I would not trust it for securing sensitive data.
It's a good thing that if my laptop ever gets stolen it's unlikely they'll be working for a data recovery company. ;)

But if the thief is actually smart, they could send it in on their own...but I don't see the thief paying $500 to recover the data that would otherwise be worthless to them...
Top
Brian Wallen
Posts: 25
Joined: Mon Aug 28, 2006 1:04 am
Location: Urbana, IL

Disabling fingerprint reader

#8 Post by Brian Wallen » Wed Sep 06, 2006 2:05 am

I have a complementary question.

I don't want any device that can potentially block my access to my Thinkpad. Can I totally disable the fingerprint reader and its role in the access path to the hardware or OS access. I keep remembering hardware passwords which, if forgotten or corrupted, require replacing the motherboard.
Top
ujav
Posts: 42
Joined: Fri Mar 17, 2006 11:37 am
Location: Kiev, Ukraine
Contact:
Contact ujav

#9 Post by ujav » Wed Sep 06, 2006 10:05 am

quickie wrote: For data recovery companies it is very easy to get around the ATA HD password. I would not trust it for securing sensitive data.
True, after power failure my hdd sets the password on himself.
I found a guy who cures that in couple of seconds - with engineer pass. He even didn't ask me for any documents.)

So the password that requres change of mainboard is good solution. Just try to remember it.)
Top
Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Thinkpad - General HARDWARE/SOFTWARE questions”

Who is online

Users browsing this forum: No registered users and 6 guests