Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lenovo Trying Face Recognition For Logins On New Laptops

Soulskill posted more than 4 years ago | from the careful-about-shaving-that-beard dept.

Security 164

judgecorp writes "Lenovo's new IdeaPads will be using face recognition as a way to replace passwords for users logging onto the laptops. 'Lenovo's VeriFace combines the Windows login and file encryption to password-protect individual files. It identifies users by matching unique features of their faces to photographs taken by the 1.3-megapixel webcam built into the laptop. When Windows users start up their PCs, a camera window pops up in the login frame. The user then just has to adjust their position so their face appears in the window, and VeriFace logs them in automatically.' That could be good, but is the technology really ready for mass market devices? HP ran into trouble when its face recognition software had trouble recognizing people with darker skin."

Sorry! There are no comments related to the filter you selected.

Who the hell would trust this? (1, Flamebait)

maudface (1313935) | more than 4 years ago | (#32557124)

I'm sticking to a reasonably secure password. Anyone who trusts their security with this is only doing it for the sake of feeling futuristic, it's a dumb idea, nevermind the prospect of showing the thing a picture or video.

Re:Who the hell would trust this? (0)

Anonymous Coward | more than 4 years ago | (#32557190)

Why not? We live in a world where nobody has any privacy. Whats wrong with keeping your 'face' password on a small obscure site like facebook?
Video though.. I wonder if the Ipad will have an app for that. The ultimate password cracking tool, an Ipad with identikit software.

Re:Who the hell would trust this? (1)

maudface (1313935) | more than 4 years ago | (#32557204)

Hahahahaha, There's a lot wrong with that, and I say this as someone who's had a stalker break into their facebook/gmail accounts. If we're to move to this "cloud computing" paradigm we're going to have to take the security considerations extremely seriously.

Re:Who the hell would trust this? (1)

icebraining (1313345) | more than 4 years ago | (#32557326)

Whoooooosh!

One would think it was rather obvious when he called Facebook a "small and obscure site"...

Re:Who the hell would trust this? (0)

Anonymous Coward | more than 4 years ago | (#32557220)

I'm sticking to a reasonably secure face. Anyone who trusts their security with passwords that you type that can be guessed is only doing it for the sake of feeling traditional, it's a dumb idea, nevermind the prospect of programming a thing to guess passwords faster than a person can type.

Re:Who the hell would trust this? (5, Informative)

Venik (915777) | more than 4 years ago | (#32557286)

Lenovo is not breaking any new ground here. My 1.5-year-old Toshiba Qosmio can with face-recognition software. The software works equally well with my face or a 1:1 photo of my face - either color or b/w. I think I will stick with passwords for now.

Re:Who the hell would trust this? (1)

IrquiM (471313) | more than 4 years ago | (#32557590)

It's not like this is new for Lenovo either. They've had it for a long time. And no - I haven't managed to fool it with a photo of myself yet.

Re:Who the hell would trust this? (2, Interesting)

Khyber (864651) | more than 4 years ago | (#32557688)

Dude, this technology is FAR OLDER THAN YOU THINK.

I ran it on an overclocked 180MHz Compaq back in the mid-90s. It did EXACTLY THIS - Face-recognition as a password.

Re:Who the hell would trust this? (2, Insightful)

vertinox (846076) | more than 4 years ago | (#32557854)

You would need either two or 3 cams to pass the 3d test.

Actually that would get past the photo issue, but you'd need to put the cameras on other end of the laptop corners.

Re:Who the hell would trust this? (0)

Anonymous Coward | more than 4 years ago | (#32557950)

My Lenovo y510 I bought a year and a half ago came with VERIFACE.

I removed it because it made it hard to login as anyone but myself (I use a non-admin user day to day)
some installed require one login as administrator because they do not attempt to elevate access.

Re:Who the hell would trust this? (3, Interesting)

El Lobo (994537) | more than 4 years ago | (#32557256)

I have one of the new IdealPads with face recognition. The computers are gorgeous and face recognition works well. The first thing I tried was to print a photography of mine with good quality on a 4 arc of paper to see if i could fool the program to think that it was the real me. It didn't work, so I think it's ***reasonably*** secure.

Re:Who the hell would trust this? (1)

Anonymous Coward | more than 4 years ago | (#32557334)

The first thing I tried was to print a photography of mine with good quality on a 4 arc of paper to see if i could fool the program to think that it was the real me. It didn't work, so I think it's ***reasonably*** secure.

It's secure because you tried an obvious approach on 5 minutes of your owm time? Holy shit, you're dumb as a brick.

Re:Who the hell would trust this? (3, Informative)

hey! (33014) | more than 4 years ago | (#32557882)

I didn't even try that, although its an obvious test.

Lenovo's face recognition failed for me because it slows down the login process. Even where it worked right off the bat (which it didn't always) it has to load the software, take the picture, scan it, then analyze it. If your face isn't optimally positioned, you have to stop what you're doing and orient yourself correctly to give the software a chance.

The result was far *slower* than typing a password in, so what was the point? If it were as instantaneous, flexible and reliable as human face recognition, that would be a different matter.

Re:Who the hell would trust this? (2, Informative)

thebasicsteve (1672196) | more than 4 years ago | (#32557500)

This "feature" came installed on my Toshiba Satellite from a year ago. It pretty well sucks, requiring you to have enough light, align your face properly, and turn your head left and right. Takes about 1-2 minutes. Takes me maybe 1-2 seconds to type my random 8 char password...

Re:Who the hell would trust this? (2, Interesting)

0100010001010011 (652467) | more than 4 years ago | (#32557570)

Why not both? Haven't slashdotters always said the best security is both something you know (your password) and something you "have" (your face).

Someone gets your password, but doesn't look like you: No entry.

As far as 'holding up a picture" you'd think that with 3D becoming the new fad and tiny cameras being cheap. They'd put 2.
MacBook Pro 2014 1 camera in each corner and the glasses-less 3D technology.

OOo imagine the porn.

Re:Who the hell would trust this? (1)

StuartHankins (1020819) | more than 4 years ago | (#32557840)

And the day you have an accident that disfigures you -- or even a bad sunburn -- what then?

Re:Who the hell would trust this? (2, Insightful)

DamienRBlack (1165691) | more than 4 years ago | (#32557922)

I think instead of going to a 3D camera, why not just take a video of them turning their face. Or if your worried about someone putting a prerecorded video in front of the camera, maybe you could have the software ask you to say something, then you get both voice recognition and video recognition that can't simply be prerecorded. Seems like the way to go to me.

Re:Who the hell would trust this? (1)

Asic Eng (193332) | more than 4 years ago | (#32557828)

Well, as always when it comes to security: whether the method is suitable depends on the attack scenario you want to protect yourself against. Neither a password nor face recognition provides significant protection against someone with a screw driver who manages to get physical access to the machine. If you want to protect the data on the disk, you need to encrypt the data and use a strong password. If you want to protect against someone making off with the laptop you need a physical lock, so you can attach the device to something hard to move when you can't keep a close watch on it.

If you use the machines in a company setting and you want to retain your company's ability to sue if someone copies data off the laptop while the employee is out at lunch - then this face recognition mechanism is probably enough to show you've made a "reasonable effort" to protect your data. (You can actually lose your right to sue if you can't show that.) As a benefit you would still avoid having to reset the password once a week for the more distracted of your users.

Easy to defeat (3, Informative)

Kazymyr (190114) | more than 4 years ago | (#32557126)

Was there any breakthrough in face recognition recently? It was easy to defeat as of last year.

http://www.internetnews.com/security/article.php/3804906/Facial-Recognition-Gets-a-Black-Eye-at-Black-Hat.htm [internetnews.com]

Re:Easy to defeat (5, Insightful)

houstonbofh (602064) | more than 4 years ago | (#32557218)

It doesn't need to be good, it just has to look good. It's all security theater and marketing.

Re:Easy to defeat (2, Funny)

garcia (6573) | more than 4 years ago | (#32557242)

Oh, here I thought I just had to fire up http://thehun.com/ [thehun.com] and show them one of those facials. Thanks for setting me straight!

My xenophobic rant (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#32557366)

I'm sorry but why is it that everytime I come in contact with someone of eastern European descent, they are invariably complete idiots? I'm in Pittsburgh today at the gas station (the Sunoco on William Penn Highway in Churchill) and a small late model suv pulls up to the pump behind me. The driver, a young woman, jumps out leaving the engine running and the passengers, 3 guys, remain inside all sprawled out over the seats. So, she leaves the engine running while she's pumping her gas and then when she's done, of course, she makes sure to top it off completely, totally oblivious of the wasted money as that additional fuel evaporates into the air and also apparently ignorant of the fact that the canister that collects the overspill will get gummed up over time requiring a very costly replacement. Of course, she is blithely unaware of any of this and just starts yelling out some gibberish and jumps in to speed away.

Seriously, why do you people come here?

Re:My xenophobic rant (1)

clang_jangle (975789) | more than 4 years ago | (#32557416)

Oh, that was me. What I said was, "stop staring at me, you creepy little thing!"

Re:My xenophobic rant (0)

Anonymous Coward | more than 4 years ago | (#32557476)

Well, you were hot. Dumb. But hot.

Fool it with a picture? (2, Insightful)

hawguy (1600213) | more than 4 years ago | (#32557130)

What's to keep me from holding up a picture of my coworker in front of the camera when I want to log in to her computer?

This sounds easier to fool than the fingerprint sensors that can be spoofed with silly putty.

Re:Fool it with a picture? (1)

hughperkins (705005) | more than 4 years ago | (#32557174)

Well, if someone has your photo, then they can get in; but generally I feel the most common scenarios are:
- someone breaks into your house
- you leave the device on the train

In the first, arguably the attacker could steal a photo or two just in case.

In the second, chances are that the attacker knows nothing about your or your photo, so the data should be pretty secure.

Re:Fool it with a picture? (2, Insightful)

biryokumaru (822262) | more than 4 years ago | (#32557206)

If I'm stealing a total stranger's laptop, I honestly don't give a crap about the data. I'll sell it to someone else who'll reformat it and sell it as "refurbished" on amazon.

The only people who would ever care about your data are the people who know you, and they would have the capability and foresight to bring a picture. This system is almost as idiotic as security through voice recognition.

Re:Fool it with a picture? (2, Insightful)

hughperkins (705005) | more than 4 years ago | (#32557266)

Well, the technology may not be there yet, but conceptually, the strongest authentication available is some combination of voice and face recognition, as done by a human.

eg, if you want a new passport, in England, you have to take a picture, and get someone you know to certify it's a true likeness of you. How does that person know it is you? Well, by seeing how you look like, and listening to your voice. I guess?

So, from a theoretical point of view, this system is I feel sound. Just, maybe the technology is not quite there yet ;-)

Re:Fool it with a picture? (2, Insightful)

gregorio (520049) | more than 4 years ago | (#32557428)

Well, the technology may not be there yet, but conceptually, the strongest authentication available is some combination of voice and face recognition, as done by a human.

If you consider just a camera (with no additional sensors spread over a large area), it is a crappy concept. Its the kind of concept that stops being viable once it starts being possible.

Only an awesome 3D camera with an extremely wide angle would not fall into the "just use a printed piece of paper" method. And that non-existent awesome camera would still fall for several other methods, such as well-built models of your face. Even if you're using awesome stereo vision from 2010, the same printed piece of paper in front of any cheap model of a human head will do.

And the kind of AI needed for a computer to detect a person using only image and sound is HARD. So hard that when we actually have this kind of AI, the cheap tech needed to fool it (the hell, to fool real people) will already be available.

eg, if you want a new passport, in England, you have to take a picture, and get someone you know to certify it's a true likeness of you. How does that person know it is you? Well, by seeing how you look like, and listening to your voice. I guess?

The picture allows humans to recognise you. It is meant for humans and humans only.

So, from a theoretical point of view, this system is I feel sound. Just, maybe the technology is not quite there yet ;-)

It depends. If you can afford distributing sensors all over the place, it is POSSIBLE to avoid cheating. You can add cameras and distance sensors over a large area and youll stop most forms of cheating. High-tech cheaters can get away by standing in front of the system and using a special set-up to project a different image inside the camera.

If all you want is a small sensor embedded on a laptop computer, its a stupid concept.

Re:Fool it with a picture? (0)

Anonymous Coward | more than 4 years ago | (#32557278)

My voice is my password, you insensitive clod!!

Re:Fool it with a picture? (0)

Anonymous Coward | more than 4 years ago | (#32557252)

The picture will not work. The software is a bit more sophisticated than that. It maps 3D facial features, etc.

Re:Fool it with a picture? (2, Funny)

witherstaff (713820) | more than 4 years ago | (#32557436)

Anyone else getting flashbacks from the Space Quest games? I remember you had to photocopy a painting to get past a facial recognition scanner...

Pics and it will happen (0)

Anonymous Coward | more than 4 years ago | (#32557132)

No, really, give it a photo and you're in!

Old, old news (4, Insightful)

toppavak (943659) | more than 4 years ago | (#32557142)

This has been available on Lenovo IdeaPad laptops since they first launched maybe 2 years ago. [gizmodo.com]

Re:Old, old news (3, Informative)

toppavak (943659) | more than 4 years ago | (#32557180)

Cnet even ran a piece over a year ago [cnet.com] talking about Lenovo's response to subversion of the facial recognition system at a hacker conference. The general gist of the response was basically "we only use it on consumer grade laptops" and "we're constantly working to improve it".

Re:Old, old news (2, Informative)

Alrescha (50745) | more than 4 years ago | (#32557392)

Facial recognition software came with the Ultraport camera for Thinkpads back in 2000 which would (fairly reliably) unlock your screensaver when you sat down in front of the machine. You could even require that you had to smile to prove you weren't a picture.

A.

Ehmmm... Photo? (5, Funny)

Ecuador (740021) | more than 4 years ago | (#32557144)

So I can just grab a photo of the user whose PC I want to log onto and show it to the cam?
Much easier to crack than that darn retinal scan that requires me to get the eyeballs of my victim...

Re:Ehmmm... Photo? (4, Funny)

$RANDOMLUSER (804576) | more than 4 years ago | (#32557244)

Yeah. What a PITA. Now you have to take their whole head.

Re:Ehmmm... Photo? (1)

Marc_Hawke (130338) | more than 4 years ago | (#32557314)

On my IdeaPad, the facial recognition would track the eyes of a photograph, but not actually log you in. That was with a tiny drivers license photo. I'm not sure what a higher quality photo would have done.

Re:Ehmmm... Photo? (4, Insightful)

Bigjeff5 (1143585) | more than 4 years ago | (#32557468)

The facial recognition has been circumvented on these with a photo of moderate quality. Since the camera doing the recognition is a 1.3mp camera, the absolute most you'll need to beat it is a 2mp photo, and likely a lot less than that will work. A new/clean driver's license photos might work, but a worn one probably wouldn't.

The only way I see them preventing a simple photograph from circumventing this is using two cameras, scanning at different angles, and making sure the two images are slightly different but still match. In that case you would need a fairly complicated rig to get the cameras to look at two photos at once in order to fool them. Much better, but not exactly secure.

As it is now, these are even less secure than fingerprint readers, which can be beaten with a lifted fingerprint (laptop readers require a transparency, but doors can be done with black dust and tape).

The reality is biometrics never work like the movies. An image of your face can be recorded in high enough quality to fool a scanner, your voice can be recorded in high enough quality to fool a scanner, a good camera (around $1k or so) can even get a high quality copy of your retina from a long enough distance that you'd never know it happened, which could then fool a scanner. Fingerprints have always been a joke to bypass. In many cases you can lift the necessary print right off the scanner - you might as well have a sticky note on the screen with your password on it.

All of them are easier to bypass than a simple non-dictionary password. A pass-phrase is several orders of magnitude more secure than the lot, and the easiest to remember. It's only when you want to make passwords super secure that people start writing them on stickies and slapping them on their monitors (note that I have actually experienced this in secure government facilities - it's extremely common when very complex passwords are required). You might as well just use biometrics then, for all the good it is doing you.

Re:Ehmmm... Photo? (1)

kanweg (771128) | more than 4 years ago | (#32557782)

"The only way I see them preventing a simple photograph from circumventing this is using two cameras, scanning at different angles, and making sure the two images are slightly different but still match. In that case you would need a fairly complicated rig to get the cameras to look at two photos at once in order to fool them. Much better, but not exactly secure."

One camera could suffice if you're required to turn your head (like shaking no and/or nodding).

Bert

Re:Ehmmm... Photo? (1)

3c5x9cfg (41606) | more than 4 years ago | (#32557508)

On my wife's IdeaPad I can log in by holding up my macbook in front of it with iPhoto showing a picture of my wife's face in full screen mode. I tried a few photos and the one that worked was taken face-to-face, in the same way that the inbuilt webcam would take it.
I found that I need to tilt the macbook screen slightly so the LCD viewing angle achieved the right level of contrast for the camera in the IdeaPad.

I could just use the password to log in, but that would be boring.

This would be good for my work Blackberry (3, Interesting)

hughperkins (705005) | more than 4 years ago | (#32557148)

Im tired of unlocking my work blackberry with its tiny keyboard every time I want to check the latest email. Security policy mandates we use a long complicated password, which is a total pain to type every time you want to browse the web, or check the map, or whatever.

Re:This would be good for my work Blackberry (1, Offtopic)

houstonbofh (602064) | more than 4 years ago | (#32557246)

An analogy I often use is; "A good way to secure a car is to remove the wheels and put it up on blocks. It just doesn't make a very good car..."

Sometimes the people get it...

Re:This would be good for my work Blackberry (3, Interesting)

hughperkins (705005) | more than 4 years ago | (#32557288)

> An analogy I often use is; "A good way to secure a car is to remove the wheels and put it up on blocks. It just doesn't make a very good car..."

I bought the cheapest bicycle I could in China, 20 dollars, and it got stolen.

So I bought the cheapest one again, and hit it with a brick for 10 minutes, until the paint is all scratched up, and the mudguards are dented.

Hasnt been stolen yet :-D

Face recognition using just a webcam? (3, Interesting)

JaredOfEuropa (526365) | more than 4 years ago | (#32557162)

How easy is it to fool this thing? For instance, will holding a picture of the laptop's owner in front of the camera unlock the machine?

To make face recognition more secure, perhaps they should use two camera's and get a 3d scan of the face (can be fooled as well but less easy), or require that the face is moving. Perhaps even ask the user to read a randomly chosen word and lip-read the response.

Re:Face recognition using just a webcam? (2, Funny)

wtmoose (639328) | more than 4 years ago | (#32557384)

How about requiring the user to depress a preselected sequence of keys with their nose?

Re:Face recognition using just a webcam? (1)

Khashishi (775369) | more than 4 years ago | (#32557422)

Guess what? Not everyone is very concerned about security of their login. Sometimes convenience is more important. Supposing Lenovo can get their software to work quickly and with low error, it could be beneficial to people who don't want to bother with entering a password.

Re:Face recognition using just a webcam? (1)

Bigjeff5 (1143585) | more than 4 years ago | (#32557484)

...will holding a picture of the laptop's owner in front of the camera unlock the machine?

Yes.

They can barely handle people with dark, especially black, skin. They cannot tell the difference between a photo and a live image.

The two-camera idea would be my suggestion, which would make it harder but not impossible.

In any case, it's more finicky and less secure than a passphrase, so why not use a passphrase?

Re:Face recognition using just a webcam? (1)

3c5x9cfg (41606) | more than 4 years ago | (#32557534)

The 3d technique would be an attempt at actual security, the Lenovo technique is described in the IdeaPad manual as a convenience feature.

I don't foresee any major problems with Lenovo shipping this software on all their machines, though it would be nice if they made it crash less frequently and educated the user about the risks of using it.

People have locked things up with simple, easily copied metal shapes for a few thousand years, believing that this was security.

But will it recognize your expression and auto- (2, Funny)

cavehobbit (652751) | more than 4 years ago | (#32557164)

-complete to teenSchoolgirlsInIceCream.fap?

Re:But will it recognize your expression and auto- (0)

Anonymous Coward | more than 4 years ago | (#32557232)

Wish I had mod points.

Twins? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32557168)

So apparently they forgot that there's such a thing as identical twins...

Also, what happens if you change your hair or makeup or something else? Suddenly you might not be able to get into your computer

!news (1)

Donniedarkness (895066) | more than 4 years ago | (#32557170)

Toshiba's Qosmio line has done this for quite a while....

Re:!news (0, Redundant)

Khyber (864651) | more than 4 years ago | (#32557694)

My mid-90s 180MHz Compaq desktop did this before all of them.

facebook (2, Insightful)

Sporkinum (655143) | more than 4 years ago | (#32557176)

I have been using it for the past couple of months on my netbook. It does a pretty good job as long as you aren't wearing glasses, and you are well lit. Most of the time, the lighting is not good enough, and I would need to remove my glasses. It seems to do well enough discriminating between other people though. I tried it with several different family members and co workers, and it never allowed them. It will log bad attempts, and save pictures of the attempted logins. It also has a mode to detect if a photo is being used to log in. That seemed to work blocking photos as well. I never tried the encryption mode, but since it is Lenovo, I'd bet it has a back door for the Chinese government.

Unless they get it to work in low light though, it's not ready for prime-time.

Re:facebook (1)

Lehk228 (705449) | more than 4 years ago | (#32557202)

low light should be easy, wire up a lensed white LED pair with one light on each side of the camera, it could even run the lights in sequence to help identify photos or other fake faces

Re:facebook (1)

jitendraharlalka (1702444) | more than 4 years ago | (#32557798)

low light should be easy, wire up a lensed white LED pair with one light on each side of the camera, it could even run the lights in sequence to help identify photos or other fake faces

Definitely, there are a lot of things that one can try to overcome poor lighting to make things work. But, that is not the point. The point here is that a manufacturer is not providing you a ready-made solution that one expects. I have got a DELL laptop that has face recognition feature but I hardly use it. Yep, you guessed it right, because of poor lighting (I come from a nation badly struggling with power shortage). I often use it at night (and hence in dark) and have to rely on manual password entry. For me, there is nothing new in the news (and I seriously think the appearance of this story on Slashdot look like a joke). If Lenovo, for example, could solve the problems like one mentioned above or could differentiate between real human and his photograph, then it would have made sense.

Re:facebook (1)

Khyber (864651) | more than 4 years ago | (#32557712)

"It does a pretty good job as long as you aren't wearing glasses, and you are well lit."

Well, I'm always well-lit, but the computer just can't detect me through the haze of smoke, maaaaaaaaaaan.

Re:facebook (0)

Anonymous Coward | more than 4 years ago | (#32558072)

and you are well lit

This should work fine for me, but what if the user isn't a drinker?

Lenovos already use finger print (2, Insightful)

kaptink (699820) | more than 4 years ago | (#32557178)

Whats wrong with finger print readers? I have a Lenovo laptop with a finger print reader and I couldnt be happier with it. This article is not entirely correct in saying face recognition to replace passwords since passwords are only used as backup authentication with most existing Lenovos. It sounds interesting but I dont really see the point. Unless of course you dont have fingers but then using a keyboard would be a bit hard to start with. Sound more trouble than its worth tho given skin tone issues.

Re:Lenovos already use finger print (2, Interesting)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32557346)

You only get 10 password changes.(not that face readers are any better in that regard).

More realistically, it probably has a lot to do with the fact that fingerprint readers have a per-unit hardware cost, and are typically used to identify the laptop as a "corporate" model, while facial recognition is just software on top of the webcam that virtually all consumer laptops get anyway. It didn't cost nothing to write; but each copy costs nothing to load.

Re:Lenovos already use finger print (3, Informative)

Bigjeff5 (1143585) | more than 4 years ago | (#32557520)

Finger print readers are about the easiest of the biometrics to crack. The press-and-hold type of scanners you can usually just use fingerprint dust and clear tape to fool them, and you can get a good print right off the scanner. For the slide-type readers, you have to lift the finger print then make a transparency to break in. Not exactly difficult.

Seriously, Mythbusters did an episode on it, and it was shockingly easy to break into a fingerprint locked computer or door.

Stick with a password if you care anything at all about your data. If you don't want anybody to get your data ever, encrypt and lock your machine with a passphrase. If you just want to nominally lock the machine (like setting the little chain lock on an apartment door or using WEP for your wireless router), then biometrics are fine.

Old News? (1)

CasualFriday (1804992) | more than 4 years ago | (#32557196)

I'm typing this on a Lenovo Ideapad Y550P that I bought around November of last year, and it came with veriface preloaded.

Re:Old News? (0)

Anonymous Coward | more than 4 years ago | (#32557282)

So we should assume that you are not CasualFriday.

Lenovo has already "tried" this (0)

Anonymous Coward | more than 4 years ago | (#32557198)

My Lenovo ideapad Y510, which I bought about 2 years ago, already has facial recognition login.

Re:Lenovo has already "tried" this (2, Informative)

toadlife (301863) | more than 4 years ago | (#32557552)

Yup., My Mom bought a Lenovoalso a few years back and it has this and she bought my son a Lenovo netbook which also does this.

The article is pure slashvertisement.

Aren't these the laptops that... (2, Informative)

Antony-Kyre (807195) | more than 4 years ago | (#32557212)

are full of bloatware? I thought I read somewhere that these rank number one or something.

They did this in 2001 on my Thinkpad T22 (1)

sprior (249994) | more than 4 years ago | (#32557228)

Back in 2001 for my Thinkpad T22, when you got the camera attachment for the top of the screen it came with a face recognition screensaver. It was pretty amazing how fast it recognized you and unlocked the screen.

so... (4, Interesting)

smash (1351) | more than 4 years ago | (#32557268)

.. how does it handle identical twins?

Re:so... (1)

mordejai (702496) | more than 4 years ago | (#32557362)

Badly, I guess. Considering current technology like Picasa has trouble handling my non-identical twins...

Re:so... (2, Insightful)

Bigjeff5 (1143585) | more than 4 years ago | (#32557558)

Why just dandy, it will unlock for both of them! And anybody who has a decent photo of either of them too!

Seriously, the current state of biometrics are laughably insecure. A simple non-dictionary password, even a 6-8 digit PIN, beats a biometric lock any day of the week.

Basically, when you see a machine or door with a biometric lock, it's like securing your wireless network with WEP. All you are doing is saying "Please don't break in - thanks!" You aren't actually protecting anything.

Until they can reliably tell the difference between a photo and a live image (they can barely recognize dark faces, let alone discriminate against a photo) this is less than worthless. The same is true for all biometrics - fingerprint scanners can often be beaten with dust and tape, and if not a transparency of the print works as well as the original.

Been done (1)

Satis (769614) | more than 4 years ago | (#32557276)

My Dell laptop I bought a year and a half ago shipped with software to do exactly the same thing. I ended up disabling it because it took so much longer for the webcam to fire up and the software to do its thing than for me to just type in a password. This is with a Dell Studio XPS 13, though I wouldn't be surprised if this software shipped on other lappies as well.

Re:Been done (1)

Bigjeff5 (1143585) | more than 4 years ago | (#32557572)

Not to mention the fact that it is orders of magnitude less secure than a simple password (it can be beaten with a photo).

It's cool and all, but completely worthless until the technology makes some serious leaps and bounds.

So when I want to log in... (0)

Anonymous Coward | more than 4 years ago | (#32557320)

I have to wear a Guy Fawkes mask now?

Beards (2, Insightful)

aliddell (1716018) | more than 4 years ago | (#32557354)

For someone who grows beards and then shaves them off again as regularly as me, this might be a problem. Good thing I don't buy Lenovo computers.

It doesn't work. (0)

Anonymous Coward | more than 4 years ago | (#32557398)

I have a lenovo laptop with the new veriface software.

It doesn't work.

Sometimes it won't let me in even though is my exact same face (maybe different way of combing it). Sometimes it will let a stranger access my computer, and even certain background patters will et confused as an "aproved face". (Once I was in the park, left my computer to start until the logon screen came on, while I went away for a brief moment and prepare some other stuff... as I walked back, the computer was already in the desktop... never knew what activated it).

Te technology might be there, but Lenovo isn't.

-Arc

Re:It doesn't work. (2, Insightful)

Khyber (864651) | more than 4 years ago | (#32557724)

"Sometimes it won't let me in even though is my exact same face (maybe different way of combing it)"

You comb your face? Just get a razor, man!

Denial of Service (5, Insightful)

Rockoon (1252108) | more than 4 years ago | (#32557408)

Now we get to see articles about a new wave of Denial Of Service exploits:

Method #1 - The Lens Scratch - No need for a special Key! You can use your own!
Method #2 - The Face Punch - Requires shockingly little computational resources!

Just make sure... (0)

Anonymous Coward | more than 4 years ago | (#32557414)

Just make sure to back up your files on another drive before you go for that plastic surgery...

This isn't new (1)

clone73 (1832616) | more than 4 years ago | (#32557426)

My two year old Lenovo IdeaPad has this feature. Did the press release come out 3 years late?

Re:This isn't new (1)

GizmoToy (450886) | more than 4 years ago | (#32557454)

That's what I was thinking. I bought a old refurbished S10 netbook awhile back that had it. It's probably 1-2 years old now.

Re:This isn't new (1)

raving griff (1157645) | more than 4 years ago | (#32557504)

And Lenovo's not the only brand that's doing it--the Toshiba Satellite I ordered several months ago has this feature as well.

Re:This isn't new (1)

maxwell demon (590494) | more than 4 years ago | (#32557588)

And Lenovo's not the only brand that's doing it--the Toshiba Satellite I ordered several months ago has this feature as well.

Do you have to go to orbit for it, or does the camera have enough resolution to recognize you when looking towards the satellite from ground? :-)

Terrible Idea (0)

Anonymous Coward | more than 4 years ago | (#32557486)

This is an absolutely terrible idea. I'm a student and bought a Lenovo netbook this January. I thought hey "that's a cool feature". I then immediately took steps to breaking it. I took a picture of myself with my digital camera and held the LCD screen of the camera with the picture I just took in front of the netbook's webcam. Instant access. It actually took less time to recognize the picture of myself than when I was sitting in front of the thing as the picture sat perfectly still.

Re:Terrible Idea (2, Insightful)

maxwell demon (590494) | more than 4 years ago | (#32557540)

What about combining this with a normal password? Then an attacker would need both your picture and your password.

OTOH, you might want to keep a picture of yourself, in case you get injured at your head and the bandage makes your computer not recognize you.

great (2, Funny)

circletimessquare (444983) | more than 4 years ago | (#32557488)

now instead of scalping someone's finger to access their stuff, now i have to pull a hannibal lecter

Old News? (1)

Shaltenn (1031884) | more than 4 years ago | (#32557492)

I bought a laptop from Lenovo about a year ago (an IdeaPad Y550) and it came with VeriFace. From my experience the VeriFace software worked fairly well, if the room was well lit. In darker situations it failed miserably. I am not sure how they do the recognition, but it seems to be contrast and location of facial features.

Neat things: You can make movement a requirement for login (like you have to shift your head, open your mouth, etc) in order to bypass people using your picture to login. As for false positives, it seemingly had none. The nice bit is the system takes a picture of someone trying to use the VeriFace login system and stores it for your review at a later date. Not 100%, but surely good enough for standard consumer use.

Re:Old News? (1)

Zorque (894011) | more than 4 years ago | (#32557566)

The one my Dad got a year and a half ago had it, I remember because it was the first thing I had to disable for him.

Nifty (1)

pgn674 (995941) | more than 4 years ago | (#32557530)

The technology is pretty nifty. At work, where we bring in many customer laptops to do virus cleanings etc., one computer had a very long and annoying password. After logging in once, then needing to reboot, I went to log in again, and the login box flashed away just as I put my hands to the keyboard. I logged back out to check, and I found that it had taken a sample image of my face on my first login without my noticing (it did say it was doing it; I just wasn't paying attention), and on the second login it recognized me before I could start typing the long password. All this without me even trying or realizing it was a feature, or even noticing there was a camera (I wasn't looking for one).

The lighting conditions and my face may have been ideal for the camera and facial recognition software, but if they can get that kind of performance in the less ideal cases, I think this would be very well received by the general masses. I forget what brand the laptop was.

Oh come on (4, Insightful)

nickdwaters (1452675) | more than 4 years ago | (#32557562)

To those bellyaching about "security", It's targeted at the consumer... not the pinnacle of perfection demanding hyper geek crowd who demands absolute security. You can always disable the face recognition in favor of windoze login. If you are a cyber crook like gifted facial contortionist like Jim Carrey aimed at thieving a user's data great. You know who you are! As far as it having trouble recognizing those with darker complexion, perhaps the low resolution camera combined with poor lighting could be a factor. My laptop doesn't always recognize me in low light, and I just have a nice George Hamilton tan :)

Access to encrypted data? (0)

allo (1728082) | more than 4 years ago | (#32557576)

face recognition can only authenticate, but not decrypt, because you cannot turn a face into a password, because there is no mapping function, which gets always the same hash for the same face. so the password must be stored somewhere as plaintext to decrypt the data once the user is authenticated.

guest (0)

Anonymous Coward | more than 4 years ago | (#32557582)

I can't wait to set up a guest account ... "sure, you can use my computer, but you must wear this gorilla mask the whole time".

People still don't get it.... (2, Insightful)

Beat The Odds (1109173) | more than 4 years ago | (#32557594)

Passwords have a number of things that biological features don't have.

1) They are a secret
2) They can be changed at will
3) They don't require a physical feature (you can keep them in your mind).

Biological features are thought to be great because of their uniqueness. But the problem is that once they are compromised, it is permanent. So they are never good by themselves.

stereoscopic (1)

spleen_blender (949762) | more than 4 years ago | (#32557684)

Make it stereoscopic and the security becomes non-trivial.

Majolelo (0)

Anonymous Coward | more than 4 years ago | (#32557744)

There's a serious problem in biometric (face recognition is one of them). In 2005, in Malaysia a guy's index finger was cut off by car thieves to access his highly-secured car. Here is the link to the news: http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm Imagine if the same happened to your laptop if it contains highly sensitive data.

So, a picture of me will unlock my PC? (0, Redundant)

gmpassos (1193401) | more than 4 years ago | (#32557918)

I think that something like that was tried in the past, and a picture of the owner of the PC was a good trick to bypass the security and unlock the PC. How they will avoid this kind of trick?

Odo (1)

Anonymous Coward | more than 4 years ago | (#32557974)

The security officer of Deep Space 9 does not think this is very secure.

A little late... (1)

Godskitchen (1017786) | more than 4 years ago | (#32558094)

I bought a Lenovo laptop over a year ago and it had the Veriface software on it. Why is this just news now?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?