Hackers got past Windows Hello by tricking a webcam | Ars Technical

cool-microsoft1-640x320 Hackers got past Windows Hello by tricking a webcam | Ars Technical

Clearly the quickest way to bypass Microsoft facial recognition, no?

Biometric authentication is a key piece of the tech industry’s plans to make the world password-less. But a new method for duping Microsoft’s Windows Hello facial-recognition system shows that a little hardware fiddling can trick the system into unlocking when it shouldn’t.

Services like Apple’s FaceID have made facial-recognition authentication more commonplace in recent years, with Windows Hello driving adoption even farther. Apple only lets you use FaceID with the cameras embedded in recent iPhones and iPads, and it’s still not supported on Macs at all. But because Windows hardware is so diverse, Hello facial recognition works with an array of third-party webcams. Where some might see ease of adoption, though, researchers from the security firm CyberArk saw potential vulnerability.

wired-logo Hackers got past Windows Hello by tricking a webcam | Ars Technical

That’s because you can’t trust any old webcam to offer robust protections in how it collects and transmits data. Windows Hello facial recognition works only with webcams that have an infrared sensor in addition to the regular RGB sensor. But the system, it turns out, doesn’t even look at RGB data. Which means that with one straight-on infrared image of a target’s face and one black frame, the researchers found that they could unlock the victim’s Windows Hello–protected device.

Read 11 remaining paragraphs | Comments

index?i=sOkZpmzuRzY:haxRE8IR8Qg:V_sGLiPBpWU Hackers got past Windows Hello by tricking a webcam | Ars Technical index?i=sOkZpmzuRzY:haxRE8IR8Qg:F7zBnMyn0Lo Hackers got past Windows Hello by tricking a webcam | Ars Technical index?d=qj6IDK7rITs Hackers got past Windows Hello by tricking a webcam | Ars Technical index?d=yIl2AUoC8zA Hackers got past Windows Hello by tricking a webcam | Ars Technical

Read More

Leave a Reply