Near-infrared image trickery can allow an attacker to bypass Windows 10 Hello face authentication.
Security researchers are urging Windows 10 users to update their systems to prevent attackers from using a printed headshot to bypass Windows Hello facial authentication.
Researchers from German pen-testing firm SYSS reported that Windows 10 systems that have not yet received the recent Fall Creators Update are vulnerable to a "simple spoofing attack using a modified printed photo of an authorized person". The attack works against multiple versions of Windows 10 and on different hardware. The researchers tested the spoofing attack against a Dell Latitude with a LilBit USB camera and against a Surface Pro 4 running various versions of Windows 10, going back to one of the first releases, version 1511.
SYSS claims the spoofing attack succeeded on a Surface Pro 4 running version 1607 of Windows 10, the Anniversary Update rolled out in summer 2016, even with Microsoft's enhanced anti-spoofing enabled. On version 1703, the Creators Update rolled out in spring 2017, and on 1709, the Fall Creators Update currently being rolled out, however, the attack only succeeded when anti-spoofing was disabled.
However, just applying the Fall Creators Update is not enough to block the spoofing attack, according to SYSS. To prevent a successful attack, users also need to set up Windows Hello face authentication from scratch after the update and enable anti-spoofing.
SYSS provided two videos demonstrating its proof-of-concept attacks. A third video shows the attack on a Surface Pro that was updated to version 1709 without reconfiguring Hello face authentication.
A key element of the attack appears to be taking a headshot of the authenticated user with the near-infrared (IR) camera. Windows Hello uses near-IR imaging to unlock Windows devices. Microsoft chose near-IR imaging for authentication because it worked in poor lighting and offered some protection against spoofing attacks, since IR images aren't typically displayed in photos or on a screen.
SYSS printed out a modified version of the near-IR captured headshot in various resolutions and colors. Holding the printout up to a locked device's camera successfully unlocked it. Another method involved placing opaque sticky tape over the RGB camera lens and then holding the same printout up.
As for the fix, SYSS notes that in its tests only the Surface Pro 4 supported enhanced anti-spoofing; the LilBit USB IR camera did not.
The company plans to reveal further variations of its attack in spring 2018.
"According to our test results, the newer Windows 10 branches 1703 and 1709 are not vulnerable to the described spoofing attack by using a paper printout if the 'enhanced anti-spoofing' feature is used with respective compatible hardware," SYSS wrote.
"Thus, concerning the use of Windows Hello face authentication, SYSS recommend updating the Windows 10 operating system to the latest revision of branch 1709, enabling the 'enhanced anti-spoofing' feature, and reconfiguring Windows Hello face authentication afterwards."
Microsoft had not responded to a request for comment at the time of publication.
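As a defender's check for the mitigation SYSS recommends (update to branch 1709, enable enhanced anti-spoofing, then re-enrol face authentication), the following PowerShell script is an added example; it is not from the article, from SYSS or from Microsoft. It reads the Windows build number and the registry value behind the "Configure enhanced anti-spoofing" Group Policy setting (HKLM\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures, DWORD EnhancedAntiSpoofing). The build threshold 16299 for version 1709 and the policy path come from general Windows documentation, not from the page. The script cannot tell whether the camera hardware supports enhanced anti-spoofing or whether face data was re-enrolled after the update; those remain manual checks.

```powershell
# Added example (not from the article or SySS): report whether a Windows 10
# machine is in the state SySS recommends against the printed-photo spoof.
# Run from an elevated PowerShell prompt.

$MinimumBuild = 16299   # Windows 10 version 1709 (Fall Creators Update); general Windows knowledge
$PolicyKey    = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures'
$PolicyValue  = 'EnhancedAntiSpoofing'   # DWORD: 1 = enabled, 0 = disabled, absent = not configured

function Get-WindowsHelloSpoofingStatus {
    $os        = Get-CimInstance -ClassName Win32_OperatingSystem
    $build     = [int]$os.BuildNumber
    $releaseId = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' `
                    -ErrorAction SilentlyContinue).ReleaseId

    # Read the policy value only if the policy key exists at all.
    $policy = $null
    if (Test-Path -Path $PolicyKey) {
        $policy = (Get-ItemProperty -Path $PolicyKey -ErrorAction SilentlyContinue).$PolicyValue
    }

    $antiSpoofState = switch ($policy) {
        1       { 'Enabled' }
        0       { 'Disabled' }
        default { 'Not configured' }
    }

    [pscustomobject]@{
        ReleaseId            = $releaseId
        BuildNumber          = $build
        OnFixedBranch        = ($build -ge $MinimumBuild)
        EnhancedAntiSpoofing = $antiSpoofState
    }
}

function Enable-EnhancedAntiSpoofing {
    # Assumption: the machine is not domain-managed. On a domain-joined machine
    # a Group Policy Object would overwrite this local policy value on refresh.
    if (-not (Test-Path -Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyKey -Name $PolicyValue -PropertyType DWord -Value 1 -Force | Out-Null
}

$status = Get-WindowsHelloSpoofingStatus
$status | Format-List

if (-not $status.OnFixedBranch) {
    Write-Warning "Build $($status.BuildNumber) (release $($status.ReleaseId)) predates 1709 (build $MinimumBuild); update first."
}
if ($status.EnhancedAntiSpoofing -ne 'Enabled') {
    Write-Warning ("Enhanced anti-spoofing is '$($status.EnhancedAntiSpoofing)'. Enable it via Group Policy " +
                   "(Computer Configuration > Administrative Templates > Windows Components > Biometrics > " +
                   "Facial Features > Configure enhanced anti-spoofing) or run Enable-EnhancedAntiSpoofing.")
}
if ($status.OnFixedBranch -and $status.EnhancedAntiSpoofing -eq 'Enabled') {
    Write-Output ("Policy state matches the SySS recommendation. Still required by hand: confirm the IR camera " +
                  "supports enhanced anti-spoofing, and remove and re-enrol Windows Hello face data if it was " +
                  "set up before the 1709 update (Settings > Accounts > Sign-in options).")
}
```

The policy-enabled state is a necessary but not sufficient condition: per the article, the LilBit USB camera ignored the setting, and face data enrolled before the update stayed spoofable until re-enrolled, so the script's two warnings cover only what the registry can show.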
Simple spoofing attack works against multiple versions of Windows 10. Image: SYSS