HOWTO Beat Fingerprint Scanners: With Play-Doh

Reader Comments (rss)

(Flattened / Threaded)

1. wouldn't the fingerprint be backwards?

   by heather - Dec 12th, 2005 @ 11:48am

   hello? why would they accept a backward print?

   (reply to this comment) (link to this comment)

2. Re: wouldn't the fingerprint be backwards?

   by bucket - Dec 12th, 2005 @ 11:51am

   "...by taking a mold of the mark’s finger, filling the mold with Play-Doh, and using the fake digit to gain access."

   (reply to this comment) (link to this comment)

3. No Subject Given

   by Stephen Tillman - Dec 12th, 2005 @ 12:01pm

   Silly putty would actually not work. The silicone-base of the silly putty is to "fluid". It would lose the shape of the print long before it was used.
   
   But, the question remains now... if I had a picture of your fingerprint (probably in newsprint), would I be able to use the "comic copy" effect to dupe your print? And what about if I stretch it out? would it work then?
   
   Ok... now I'm just being silly.

   (reply to this comment) (link to this comment)

4. That is why

   by Wireless Guy - Dec 12th, 2005 @ 12:07pm

   The military never has accepted any fingerprint system without some other version of biometrics around that technology. Simply putting in a system that would look for heartbeat associated with the print at the same time would increase security 20 times over. If the military doesn't allow it, why should you? I mean you can send Secret material in postal mail.

   (reply to this comment) (link to this comment)

5. Re: That is why

   by PJ - Dec 12th, 2005 @ 12:39pm

   That's heartening to know.

   (reply to this comment) (link to this comment)

6. Gummi Bears work too according to Crypto-Gram

   by Brad Tarver - Dec 12th, 2005 @ 12:53pm

   http://www.schneier.com/crypto-gram-0205.html#5

   (reply to this comment) (link to this comment)

7. I've also heard

   by Scotticus - Dec 12th, 2005 @ 1:52pm

   Gummi bears can make nice fingerprint molds, as well. For an extra bonus, you can eat the "evidence" once you're done using it!
   NOTE: Before when your fingerprint scanner is sticky!

   (reply to this comment) (link to this comment)

8. law enforcement

   by Stephen Pray - Dec 12th, 2005 @ 2:11pm

   Ok, cool. so you think i might fool the highway patrol or the dmv and get a fake id? all i have to do is make the fake digit (umm whos could i use? could i make my own little loops and arches?) and then convince the DPS that rubber finger is really mine.. but i am in texas.. might work...

   (reply to this comment) (link to this comment)

9. No Subject Given

   by Jeremy - Dec 12th, 2005 @ 2:12pm

   Anybody watch the Bourne Supremecy movie. Remember how the dude lifted a finger print with tape and transplanted it somewhere else. Try it it works.

   (reply to this comment) (link to this comment)

10. Re: No Subject Given

    by Rikko - Dec 12th, 2005 @ 2:32pm

    But, the question remains now... if I had a picture of your fingerprint (probably in newsprint), would I be able to use the "comic copy" effect to dupe your print? And what about if I stretch it out? would it work then?
    
    As long as you don't put the silly putty on printed material or that'll be a DMCA violation and they'll try you as a witch.

    (reply to this comment) (link to this comment)

11. Can't rotate the password...

    by Chris Maresca - Dec 12th, 2005 @ 2:59pm

    The problem with ALL biometric technology is that once they are hacked (and the fingerprint thing is not new), you can't rotate the password or reissue the token.

    Eventually, all of the authentication technologies based on physical attributes will be useless as they will be in some way compromised. A better solution would be two-factor authentication with something you have (eg. a piece of hardware) being the second factor, not your physical characteristics...

    Chris.

    (reply to this comment) (link to this comment)

12. Re: Can't rotate the password...

    by Anonymous Coward - Dec 12th, 2005 @ 3:12pm

    It is true that any biometric form of authentication can be compromised. I truly think biometrics is a great idea, however. Lets say you were at the ATM, why can't we use biometric fingerprint scanners to pull up your accounts, and then combine that with a pin number. This eliminates an ATM card, and to be honest, if someone knows your PIN, it's a lot easier to steal an ATM card than it is to steal your fingerprint.

    (reply to this comment) (link to this comment)

13. Re: Can't rotate the password...

    by s - Dec 12th, 2005 @ 3:16pm

    a piece of hardware? how is that more secure than using two biometric security methods? if someone can get my finger print and lets say iris pattern or dental pattern...they can probably get my piece of hardware.
    
    and the reality is that everything can be hacked w/ time and money. the key is slowing them down enough to detect the hack or complicating it enough to create more room for error.

    (reply to this comment) (link to this comment)

14. gummy bear

    by Matt - Dec 12th, 2005 @ 7:24pm

    i was in an internet security class, and we had to find things that might work to bypass a fingerprint reader. all kinds of people brought int things and the one that worked most often was a gummy bear. the clear crappy tasting ones. as long as some one has used the finger print read before, it would pickup the residual fingerprint and unlock the computer.

    (reply to this comment) (link to this comment)

15. Re: wouldn't the fingerprint be backwards?

    by flex - Dec 12th, 2005 @ 7:53pm

    finger scanners just pick up a number of main points on your finger... they must only match the same as how it was enter'd into the system. they are a simple tool to use, but we must also remember that for the majority of users, they are..excuse me but ignorant to how things really work, and won't take the time to research anything.

    (reply to this comment) (link to this comment)

16. Re: That is why

    by Saruman - Dec 13th, 2005 @ 2:14am

    I agree. Problem is, most any biometric can be faked, if it relies on only 1 or 2 factors. Lets take Gattaca (dna via blood), Alien Resurrection (breath and voice analysis), Star Trek (voice and eyeball scan), X-Men (eye scan, voice)...all of the above mentioned movies show ways on how the system can be defeated, no matter how near or far into the future you go (or mutated you are =).
    Pretty much the only way to get it right is to submit a full body into the process, and account for every aspect of a human being, including weight, age, skin color, hair, eyes, dna, brainwave patterns, foot and finger prints, breaks in bones, medical conditions.... I can go on with a mile long list. Come up with a system that can do all that, and I can guarantee that every gov't and corporate entity will want a piece of that technology. And you can kiss all your freedoms goodbye =)
    

    (reply to this comment) (link to this comment)

17. Re: No Subject Given

    by Stephen Tillman - Dec 13th, 2005 @ 10:39am

    Rikko, It would be a DMCA violation only if you are copying the finger itself. afterall, it is the Digital Millennium Copyrigth Act. Now, however, I'll probably be burned at the stake for such a horrible pun.

    (reply to this comment) (link to this comment)

18. Diabetics

    by Digitarius - Dec 13th, 2005 @ 12:44pm

    I'm a type I juvenile diabetic, and Fingerprints are something I've always wondered about. As part of my disease I test my blood sugar regularly, which involves lancing my fingertips. At a minimum of three times a day. You can tell it, too! On a particularly bad day, they can get to look like raw hamburger if one isn't careful.
    So, my question is: Do all this pricks and microscabs on there alter my fingerprints? POssibly in ways that would make a run-of-the-mill system reject my own finger?

    (reply to this comment) (link to this comment)

19. by sharah - May 10th, 2006 @ 1:42pm

    why play do

    (reply to this comment) (link to this comment)

20. Finger Print Scanner SUCKS

    by Donald Duck - Nov 25th, 2006 @ 11:56pm

    Youtube has it they did every thing yall thought up and it works. youtube com/watch?v=oXyFmieZjiE techdirt doesn't want you to post urls in here I guess.
    
    Besides mission impossible movies would have a 'fake skin' with the finger prints on it. I'm sure we have the tech to do that for real.
    
    If you was really insidious you can grow real skin in the lab on a mold of the persons finger print your trying to fake. Perhaps spray it with some sort of preservative for the time when you need to slip it on.

    (reply to this comment) (link to this comment)

21. fingerprint scanner

    by john - Aug 10th, 2007 @ 3:24pm

    I beat the print scanner at work . Make a print in silly putty, put a couple laters of liquid latex in the mold until thick enough to handle, peel the new "print" out of the mold, works like a champ.

    (reply to this comment) (link to this comment)

22. Re: fingerprint scanner

    by Chris - Jan 12th, 2008 @ 11:37am

    a can u please explain that trick to me becuase i need to beat this fingerprint scanner....

    (reply to this comment) (link to this comment)

23. by Anonymous Coward - Nov 22nd, 2008 @ 8:42pm

    Just use a latex glove and the last print that was picked up by the scanner will be read as yours

    (reply to this comment) (link to this comment)

Add Your Comment