The funny part is that they also managed to gather the fingerprint of then German Home Secretary Wolfgang Schäuble (an outspoken proponent of biometric authentication technology) and published it in the club magazine "Datenschleuder". On clear tape, ready to stick it on your own fingertip...
My brother (not a twin, physically very different from me) once came with an HP laptop with fingertip unlock, and my finger unlocks it ~ 50% of time.
I suspect those system to be set with an extremely high level of tolerance; if they aren't, they probably often fail to recognize legitimate fingerprints and people revert to the old, not-hardware-vending passwords.
It'd be interesting to benchmark this trick against commercial grade systems.
The hardest part of finger print analysis is not the matching but figuring out if the finger is still attached to the body that it originally came with, and then if the print is still attached to the original finger.
I'm sure they are; most of the time they're not guarding national security, but a few soccer moms and football fans complaining they can't get into their laptop because their fingers still have Cheetos on them could be a PR problem.
Fingerprint sensors, even the extremely-high-end, are rather laughably easy to fool. Never rely on them for identification. Period.
For instance, if you've got one that also measures GSR to generate the image, you just make the end-product out of ballistics gel that has the same conductivity. No really, it's been done, and it works rather flawlessly.
Alternatives that show more promise are iris scanning, retina scanning, and whatever that back-of-hand blood vessel scanning is that I saw a while ago (infra red, if I remember right).
I wonder how long does it take Youtube to remove the video. I really expect it to happen (in the name of taking down harmful instructions for terrorists, etc.)... Otherwise - most of the things that come from CCC are good learning materials.
That's 23k visits over 4 years - it's barely a blip on their radar. Let's see what happens after half of HN visits the link and someone blogs about it. (I may be wrong of course, but there were some cases of "dangerous" material being removed before afair)
i doubt they're going to take it down. a different version of this was aired in german television one or two years ago.
one show even picked it uped and worked with the ccc to show that selve-servicing sales stations that one of the largest supermarketchains (EDEKA) was introducing, who had fingerprint auth, were not safe.
It seems to me like Iris recognition is much more reliable, although I don't know how easy it is to fool the system. John Daugman's web page contains lots of _really_ interesting material: http://www.cl.cam.ac.uk/~jgd1000/
the problem here is just that iris recognition is not yet a mass market product. fingerprint readers are built into laptops etc and you can buy a usb fingerprint reader for very little money.
Its all about the quality of reader. Not all are alike.
This spoof is likely against a silicon reader. Most silicon readers can be spoofed with molded fingerprints and gummy bears. Optical scanners can be spoofed with black and white printouts. Neither are very usable.
There was a bit in the news a few months back that a woman from mainland China used surgically alterated fingerprints to gain entry into Japan (after multiple deportations). Notably she was not caught because of the fakes, but simply after they arrested her later for other reasons. http://news.bbc.co.uk/2/hi/8400222.stm
A definite possibility, though the other is that superglue reacts with plastics, sometimes quite destructively. Fumes alone can eat up plastic films, for instance. It's quite possible the fumes simply screwed up the surface of the plastic enough to look white.
http://www.h-online.com/newsticker/news/item/CCC-publishes-f...
http://www.edri.org/edrigram/number6.7/fingerprint-schauble