It downplayed the security weaknesses highlighted by ElcomSoft, arguing that (in practice) they would only be exploitable if a targeted laptop was contaminated with something akin to key-logger software, in which case hackers would already have complete control of a compromised machine anyway. You'd need a key-logging exploit, in which case you're screwed anywayĪuthenTec said on Friday that such measures were unnecessary. The Russian firm is advising users of UPEK Protector Suite to disable the Windows logon feature. But it says the "security weaknesses" supposedly added by the fingerprint reader software would mean hackers would also be able to read EFS-encrypted files, which are secured with a Windows account password. "UPEK Protector Suite simply stores the original password to Windows account, making it possible for an intruder to obtain one," ElcomSoft warns, describing the approach as akin "introducing a paper link to a stainless steel chain".ĮlcomSoft notes that hackers with physical access to a laptop would probably be able to get at files and folders anyway. However the alleged security shortcomings of UPEK Protector Suite have cast doubt over the general assumption that biometrics security is better then password security. By contrast, fingerprint logon is rarely, if ever, barred.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |