×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Toshiba Puts Fingerprint Readers on Cell Phones

samzenpus posted more than 7 years ago | from the touch-it dept.

Communications 163

An anonymous reader writes "As if it wasn't enough to have fingerprint scanners on laptops, Toshiba has put them on two of its latest smart phones. The Toshiba G500 and G900 feature fingerprint scanners on the back of the handsets, allowing users to access their phone by simply sliding their finger over the scanner. This is supposed to provide a better level of security than using a code of some sort. Of course it also means that someone is more likely to chop your hand off if they desperately want your data."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

163 comments

I'd slide it a finger allright... (3, Funny)

Zapotek (1032314) | more than 7 years ago | (#18021152)

The Toshiba G500 and G900 feature fingerprint scanners on the back of the handsets, allowing users to access their phone by simply sliding their finger over the scanner.
...and that would be the middle one.

IMHO it's far more complex than necessary, more cool features == more things waiting to fail.

Re:I'd slide it a finger allright... (1)

The Clockwork Troll (655321) | more than 7 years ago | (#18021292)

Not to mention that this kind of auth is at best inconvenient (at worst, dangerous) in a hands-free situation such as driving.

Re:I'd slide it a finger allright... (1)

sonicleads (729997) | more than 7 years ago | (#18022026)

How is it any worse than entering a PIN? You'd just authenticate before you started driving. The only (realistic) way I can think of authenticating hands-free while driving would be voice, and I don't think it's quite there yet. I can't see some businessman doing 95 while screaming "Unlock!" at his phone repeatedly being much safer.

Re:I'd slide it a finger allright... (3, Informative)

SimonInOz (579741) | more than 7 years ago | (#18022064)

I have one of these Toshibas. The fingerprint scan works mostly - but it doesn't work very well if you are cold (maybe it thinks you are dead ... how would Spike [a vampire - info for those foolish few who don't follow Buffy] operate one of these?)
Also the software for handling the login process is pretty sucky - it's hard to handle the mail server which tends to come up with different names, etc etc. I eventually disabled it for all except the main login, which works well enough to cope with. I have done better than most - who have given in.

On a phone, it could be a pain - but at least it has to do only one thing. Entering a six digit password (as I must on my corporate Blackberry) is *very* painful, though, and a fingerprint scan would defintely be better than that.

Re:I'd slide it a finger allright... (1)

ronanbear (924575) | more than 7 years ago | (#18022116)

Right, so if I were to become an undead vampire I wouldn't be able to access my contacts list on the phone anymore? Bummer (not so much for them, though).

What about flesh eating zombies?

Re:I'd slide it a finger allright... (1)

Heian-794 (834234) | more than 7 years ago | (#18022250)

The fingerprint scan works mostly - but it doesn't work very well if you are cold

Another problem just occurred to me: in winter, people will have to take their gloves off just to make phone calls outdoors!

I realize that people in the US spend a lot of time driving, but people also make a lot of calls when outdoors waiting for people to meet them, etc.

Or will global warming soon become so intense that we won't have to worry about outdoor gloves anymore? ^_^;

Windows Mobile? LOL (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18021154)

There's no way I'm buying a phone with an operating system that crashes 10 times a day and needs 900-1200 times more CPU and RAM than Symbian.

Slashdot Fool? LOL (0)

Anonymous Coward | more than 7 years ago | (#18021626)

>>There's no way I'm buying a phone with an operating system that crashes 10 times a day and needs 900-1200 times more CPU and RAM than Symbian.

So you should be fine with this phone then, because the above is 100% weapons grade bullshit.

So why isn't this phone using Symbian if it's so f'in wonderful? Oh yeah, it's not up to the job and horribly underfeatured. lol

If it wasn't ... (1)

FIT_Entry1 (468985) | more than 7 years ago | (#18021170)

Of course it also means that someone is more likely to chop your hand off if they desperately want your data
... for the fact that I was reading this on /. I would just assume you were joking.

another feature to be crippled (0)

Anonymous Coward | more than 7 years ago | (#18021176)

Those of us who live in northamerica probably won't get this feature, since our domestic carriers have a penchant for disabling features on "their" phones. Nokia E62 all over again...

This would be the LAST feature they would cripple (1)

gd23ka (324741) | more than 7 years ago | (#18021590)

You should know by now they only cripple useful features people want.
They could put biometrics on phones and then use that to connect the
phone even tighter to you, the actual person. With biometrics on board
the defense you loaned the phone to a third party is gone.

Also you could be called by some agency and ordered to present your
fingerprint at random intervals maybe as part of some probation
monitoring scheme.

Re:This would be the LAST feature they would cripp (1)

Rakishi (759894) | more than 7 years ago | (#18022276)

Yeah and they'd argue that it is impossible for someone to have used your phone, despite it being quite possible to copy a fingerprint. I believe insurance companies did that regarding some "unbreakable" security systems/locks in cars (ie: we're not paying because despite you claiming your car was stolen we claim such an act is impossible so go stfu).

Re:another feature to be crippled (1)

nkv (604544) | more than 7 years ago | (#18021750)

What does "their" mean in this context? Where I am, we first get a connection and a SIM from a provider then go to a showroom and buy a phone from there (Nokia, Motorola whatever). Insert the SIM into the phone and start using it. The carrier and the handset are provided by different people. Isn't it the same way there in the US?

Re:another feature to be crippled (1)

jonwil (467024) | more than 7 years ago | (#18021872)

You can either choose to buy a SIM and then a phone separately or you can go for a contract and get a phone that is cheaper than you would normally pay. However, the downside to the lock-in is that you may have features disabled (of course if you own a Motorola, you can use FLEX editing to enable the features again :)

Re:another feature to be crippled (1)

AnalogFile (772030) | more than 7 years ago | (#18022012)

Where I live we also get the SIM from the carrier and the phone from the shops. Plus most carriers also sell you the phone, if you want to buy it from them (the phone comes conveniently set up to use with that specific carrier).

But I understand that most cell phones in the USA are locked to the carrier. The user does not own them. They rent it from the carrier as part of the contract. And they are locked into that carrier (that is they only work with that specific SIM).

This is counter intuitive, given that the USA have all the hipe in freedom, competition and anti trust. Fact is that for the cell phone market they are among the less liberal countries. Not only the phone handset market is mostly tied to the phone carrier market instead of being totally separated as it is in all europe and in most other countries, but even the contracts they commonly have use strongly anti competitive lock-in practices. Like binding you for a preset contract duration. This is explained with "setup costs". But fact is that those costs are actually minimal for the carrier (the handset, is the real cost).

Here I own my phone (or phones). And can mix and match SIM cards and handsets. It is actually pretty common when one is out of battery to just pull the SIM out of the phone and borrow a handset from a friend for just a single call (as long as she removes her SIM and I place mine in her phone, the cost of the call is mine and I'm only "consuming" her battery).

Also I can get a new phone number and SIM for as low as a dozen euros (one euro is just a bit more than a dollar), and it includes anywere between 70% and 100% of the price in prepaid traffic (depends on the current promotions). There's no tie-in: i can give up the number any time.

Traffic is actually pre-paid. So the only tie-in is the amount of pre-paid traffic I put in the SIM at any given time. I personally tend to pre-pay in 50 euros chunks. But I know people that only reload 8 or 10 euros at a time. A couple of years ago I was abroad for 3 weeks and I knew I was going to place and receive several calls to/from within that country. I figured that it yould be stupid to pay full international roaming fees. So I just purchased a SIM card for 8 euros and then reloaded it once with 10 extra euros or traffic. I spent 18 euros total and placed more than 15 euros worth of traffic. If I did that much traffic with international roaming fees it would have costed me trice or more.

Back on topic, here when the phone get stolen there's no problem with the traffic itself. I can lock-out the SIM in no time (just call the company, tell them your SIM was stolen with your phone and they'd disable the SIM in no time. Later, if you decide to stay with the same company you can have a replacement SIM for a small fee. It'll have the same number and also the remaining pre-paid credit. So what you actually do loose is the phone itself.

Would the fingerprinting be usefull? I'm not sure. There surely is some way to "reset" the phone. And the players in the stolen phone market will know how to do it even before the phones actually hits the shops. Therefore I'm not sure how much it'll protect you. It may be usefull if you want to "keep secrets" form friends/partners/coworkers. You could safely go to the bathroom and leave the phone on the table without them seeing your call history, your SMSs and stuff. But that's just as far as it can probably go.

Speaking of fingerprints (0, Offtopic)

rogtioko (1024857) | more than 7 years ago | (#18021204)

In memory of the USS Maine.

Re:Speaking of fingerprints (1)

kfg (145172) | more than 7 years ago | (#18021984)

In memory of the USS Maine.

Andorra must finally pay! America needs to show that it can still kick European butt for home security and morale. Break the Axis of the Completely Helpless!

But, ummmmmmmmm, be sure to disable the Q-Bomb first this time.

KFG

Better security? (5, Insightful)

Niten (201835) | more than 7 years ago | (#18021220)

Of course it also means that someone is more likely to chop your hand off if they desperately want your data.

More realistically, you'd also have to worry about somebody lifting your fingerprint from, say, the phone itself, then using that to log in. The MythBusters did a segment [youtube.com] showing how easy it is to lift somebody's fingerprint, then use that print to defeat a scanner.

This thing isn't going to increase security, it's only going to increase convenience.

Re:Better security? (4, Insightful)

sporkme (983186) | more than 7 years ago | (#18021306)

You're absolutely right, but I would argue that it does not really even increase convenience. The last thing I need when my phone is ringing in a meeting, while driving, or at the dinner table is the horrific realization that I have forgotten to unlock the phone, and thus I must now meticulously subject myself to a fingerprint scan. Furthermore, many of us are negligent with proper care and handling of our cellphones. Until now that might result in a cracked outer screen or intermittently functioning button, but never in a total lock-out of an otherwise functional phone. So what happens when the reader is damaged? A hefty repair bill is what, and up to a month without that uber-vital super-secret data that just had to be protected with biometrics.

I have always felt that fingerprint scanning was ridiculous and cumbersome sci-fi, but real tests against this kind of security have shown that it is a waste of time and money. There is no replacement for properly managed and complicated password systems coupled with strong encryption. I regularly show friends and family how to create passwords that can be remembered but not guessed, and how to manage passwords that are outdated.

This reminds me of two prior /. stories. Bank employees merrily collected USB flashdrives that were scattered outside and proceeded to plug them [slashdot.org] into their terminals. Old cellphones purchased on eBay reveal secret data. [slashdot.org]

Re:Better security? (4, Insightful)

jrumney (197329) | more than 7 years ago | (#18021594)

The last thing I need when my phone is ringing in a meeting, while driving, or at the dinner table is the horrific realization that I have forgotten to unlock the phone

On every phone I have seen, you can answer incoming calls when the phone is locked. What you can't do is make outgoing calls, or browse through the phonebook, calendar and other personal information on the phone. I don't see any reason why this would change just because the authentication technology changed from a PIN to a fingerprint.

Re:Better security? (0)

Anonymous Coward | more than 7 years ago | (#18021934)

So what happens when the reader is damaged?

The same thing that happens when you assign a password to the phone and one of the buttons you need to enter the password stops working. You're screwed, but the designers try to make the sensor hard-wearing.

There is no replacement for properly managed and complicated password systems coupled with strong encryption.

Here's a scenario for you: Assume that you need to lock your phone. You then get a call and need to unlock your phone promptly in order to answer it. I propose that touching a fingerprint reader (requiring one press of your finger) would be quicker than entering any password longer than one character (requiring more than one press of your finger).

In other words, a 'complicated password system' would reduce usability, as well as being 'yet another password to remember'. Furthermore, GSM phones let you set a password but few people do; this may be because of this poor usability. If a more usable security system increases adoption, it increases security.

Why would one want to lock one's phone in the first place? Reasons include theft deterrence (no point stealing phones if all phones are locked), protection of personal data (previous calls list, text messages, photos, phone book), and to stop people making or receiving calls intended for you.

Re:Better security? (1, Offtopic)

Alioth (221270) | more than 7 years ago | (#18022114)

Please turn your phone off in meetings or while at dinner - and especially while driving! The former are merely being polite, the latter is not killing a motorcyclist because you were distracted by your phone. Incidentally, the latter - using a handheld phone wile driving, carries a £1000 fine here.

Re:Better security? (1)

gavink42 (1000674) | more than 7 years ago | (#18022278)

It might not be an increase in convenience. It probably isn't an increase in security. It's really an increase in consumer choice... and that's a good thing. Personally, I prefer entering a PIN to unlock my phone.

Depending on where the reader is, will determine how likely it is to be damaged. If it's inside of a flip phone, then it's probably safe. But because of the space required, it's more likely that it will be on the outside confronting keys and change in someone's pocket or purse. Hopefully, a phone with a fingerprint reader will *also* accept a PIN from the owner as a backup!

Re:Better security? (1)

wkk2 (808881) | more than 7 years ago | (#18022302)

If the fingerprint reader is damaged, just ask the cell phone provider to unlock or download the data. They probably wouldn't sell the phone without a back door (pin, puk, puk2, ...) :-(

On a related issue, does anyone make a mini-sd memory chip that can store pki certificates? I would really like to store my private key where it couldn't be extracted from my Nokia E61. This would reduce risks to only monitoring a "compromised" phone and maybe using it as a proxy. Bad guys could at least be kicked off if the phone is off line.

Re:Better security? (3, Insightful)

MobileTatsu-NJG (946591) | more than 7 years ago | (#18021458)

"This thing isn't going to increase security, it's only going to increase convenience."

Easy to defeat != no effect on security. Otherwise nobody'd lock their car doors. Afterall, it only takes a hammer to get in.

Re:Better security? (1)

Niten (201835) | more than 7 years ago | (#18021562)

You're correct in that even this is better than no security at all. However, what I (and the summary) meant by "increase security" was security with respect to the traditional method of locking one's phone, which is with a PIN or a password of some kind. In that sense, this system will not increase security, as fingerprint authentication systems are demonstrably less secure than a well-chosen password.

Re:Better security? (1)

sporkme (983186) | more than 7 years ago | (#18021586)

Doors locked < The Club < in the garage < leave some shotgun shells on the dash.
Fingerprint scanner < lock phone with PIN < lock phone with password < don't put secret data in an easily compromised system.

When it comes to security, this idea is both neat and worthless. And yes, when I go backpacking I leave some shotgun shells on the dash of my truck. All other things being equal, thieves will take the Prius.

Re:Better security? (1)

thelamecamel (561865) | more than 7 years ago | (#18021490)

A while back I was speaking to someone who was developing this sort of technology, who told me that his company (and presumably many others) don't look at the actual fingerprint visually, but probe slightly further into the finger. So fingerprint reproduction won't work on that technology, and he claimed that it could even tell whether the finger was connected to a body or not.

Re:Better security? (2, Interesting)

jrumney (197329) | more than 7 years ago | (#18021642)

When biometric technology was new, it was expensive, and the only customers were military and other high security installations who are always looking for ways to increase the perception of security, if not the actual security. So technology to measure pulse, body temperature etc was built into the scanners from an early stage, to counter the sci-fi movie ideas of cutting off fingers, ripping out eyeballs etc to get around the biometric security.

More recently though, there has been a drive to cut costs and minaturize the scanners so they can be included in laptops and phones. I wouldn't be surprised if these scanners were susceptible to some of these basic attacks, perhaps even allowing access to 2D reproductions of a fingerprint, which is the most likely exploit to be tried.

Nice way to get everyone's finger print on record (3, Insightful)

Pizaz (594643) | more than 7 years ago | (#18021240)

I mean really, what's the guarantee that your fingerprint data wont be uploaded through the network and stored in a big database somewhere?

Re:Nice way to get everyone's finger print on reco (1)

Sinryc (834433) | more than 7 years ago | (#18021322)

Time to put on the tinfoil hats! No, its the fact that in order to do something like your thinking, you need all the proper permission... unless you already think that "The Man" will do what it wants, no matter what.

Re:Nice way to get everyone's finger print on reco (1)

Niten (201835) | more than 7 years ago | (#18021462)

Frighteningly, I don't think there's that great a difference, in terms of technical feasibility, cost of implementation, or legal dubiousness, between the NSA clandestinely spying on the private conversations of U.S. citizens by the aid of AT&T and others; and that same agency, hypothetically, collecting fingerprint data from consumers by the aid of whichever cellular carriers will offer this phone.

It may seem improbable, but we've already seen equally grievous government intrusions into personal privacy. Such a scenario would honestly just be more of the same at this point.

The Man (2, Insightful)

Dystopian Rebel (714995) | more than 7 years ago | (#18021782)

unless you already think that "The Man" will do what it wants, no matter what


Fortunately for democracy in the USA, The Man is strictly limited in what He can do by the Patriot Act.

If it works as badly as Lenovo's... (1)

istartedi (132515) | more than 7 years ago | (#18021272)

If it works as badly as Lenovo's scanner, fuggedaboutit. I didn't really ask for one, but it came with my Lenovo and I thought it would be interesting to try. Sure enough I could not log in without a successful scan, but it usually took 5 or 6 tries. I disabled it after a couple days.

As for losing your hand, well, I would think that most criminals would not risk the much higher penalty for doing that, not to mention the much tougher fight most people would put up. I've also heard scanners have an even harder time working with a dead finger, although I have no idea how they tested that. Anyway, score one for techno-luddites like myself--my cell phone is just a phone. They would get my contact list and a few hours of service until I have the account canceled. Big deal.

Re:If it works as badly as Lenovo's... (1)

zuiraM (1027890) | more than 7 years ago | (#18021456)

If someone's actually willing to chop of your finger or hand, are you really going to give them a hassle about it?

I mean, come on, what do you think your subjective evaluation of their willingness to go further would be in that situation?

Especially given how they're not likely to be stupid enough to try something like that without a weapon to threaten you with, or multiple assailants at the same time. Just consider the fact that they're going to have to bring something to actually get it off with. At the very least a knife or a pair of pliers. The former will cut or stab, the latter will stab or bludgeon. And at this point, they thus have a weapon out either way, and you don't: otherwise, they wouldn't be discussing the amputation, now, would they?

Re:If it works as badly as Lenovo's... (3, Insightful)

Dunbal (464142) | more than 7 years ago | (#18021600)

If someone's actually willing to chop of your finger or hand, are you really going to give them a hassle about it?

      You bet.

      What, are you just going to "do what the gun says"? Your best chance is to try to get away. Who says they're not going to kill you, if they're willing to cut your finger off. Why leave a witness alive?

Re:If it works as badly as Lenovo's... (1)

maxume (22995) | more than 7 years ago | (#18022044)

Who says they are going to ask? I figure someone willing to cut off you finger is quite willing to kill you first, without bothering to ask how you feel about it.

Somewhat relatedly... (1)

KKlaus (1012919) | more than 7 years ago | (#18022158)

Interestingly enough, in nearly all states the penalties for kidnapping equal or exceed the penalties for murder (particularly if it's not first degree). So the same goes for if someone is trying to kidnap you... there's no compelling for them to leave you alive, and in fact there are a lot of compelling reasons for them not to, so you should do your best to escape. Not that that will probably ever be useful information for any of us, but it is somewhat interesting (at least imo).

Cheers.

Re:If it works as badly as Lenovo's... (1)

sporkme (983186) | more than 7 years ago | (#18021638)

I would just put said finger in the jamb of a door and kick it shut. Just saying. I mean, the data are so valuable that they went to the expense of biometrics! zomg

Re:If it works as badly as Lenovo's... (1)

AMindLost (967567) | more than 7 years ago | (#18021498)

I've got one of the Lenovo laptops with the fingerprint scanner as well. There does seem to be a knack to it, although I can now always log in with the first or second attempt, usually the first. The knack seems to be to be a quite slow and smooth slide across the scanner. I'm pretty sure Lenovo only put it on their notebooks so that people can gasp at our "secret agent" laptop:)

Re:If it works as badly as Lenovo's... (1)

butlerdi (705651) | more than 7 years ago | (#18021932)

Much easier on a laptop. We beta tested handhelds with fingerprint scanners and it is really difficult to get a good read while trying to position the device and finger properly. Also when phone is ringing you are generally trying to access the call as quickly as possible. Even the Compaq PDA's were a pain, on smaller devices this is just frustrating..

gummy bears (3, Informative)

MillionthMonkey (240664) | more than 7 years ago | (#18021284)

That stuff they make gummy bears out of is great for making fake fingerprints [theregister.co.uk] using someone's latent print, some crazy glue, a digital camera, Photoshop, a transparency sheet, a photo-sensitive PCB, and gummy bear gelatin. You can destroy everything but the gelatin, break into a facility that uses a fingerprint reader for security, and then eat the last bit of evidence.

Already Existing Technology? (2, Informative)

Poptarts (586182) | more than 7 years ago | (#18021290)

If I'm not mistaken, this technology has already been implemented in some Japanese phones. I recall seeing it advertised on the http://www.nttdocomo.com/ [nttdocomo.com] website more than a year ago. Other features at the time included what equates to our PayPass, except that it was inside your cell phone. Another more widely used feature was the barcode scanners that would allow you to take a picture with your phone's camera of a square-shaped barcode that could be found on many advertisements and products and then find more information using the phone's web browser. Perhaps I misread the website a long time ago, but I'm pretty sure some other phone has already been released with that capability.

But I Have (0)

phalse phace (454635) | more than 7 years ago | (#18021310)

No fingers, you insensitive clod!

Re:But I Have (0)

Anonymous Coward | more than 7 years ago | (#18021380)

If you have no digits, what use do you have for a phone?

Re:But I Have (0)

Anonymous Coward | more than 7 years ago | (#18021820)

How did you write that, then?

Backdoor? (4, Insightful)

VincenzoRomano (881055) | more than 7 years ago | (#18021320)

Almost all phones have backdoors that can be used easily without opening the phone itself.
All of them can be "cracked" by opening the case.
Both are available for repair centers (and hackers as well).
So if someone really needs your data, he will get them, with or without your chopped finger!

Re:Backdoor? (1)

jrumney (197329) | more than 7 years ago | (#18021688)

Some phones are starting to encrypt their storage, so breaking into them through the servicing routes is not going to get you much information. Windows Mobile 6 will encrypt any external storage card [zdnet.com] if configured to, for example.

Re:Backdoor? (1)

VincenzoRomano (881055) | more than 7 years ago | (#18021810)

Data encryption on a cellphone cannot be too powerful as the computing resources are quite scarce while access speed is important.
Moreover some algorythms [slashdot.org] have been proven to be breakable.
I still think finger prints on cell phones is just marketing buzz.

I'll buy one (1)

stupendou (466135) | more than 7 years ago | (#18021336)

I think Toshiba is breaking new ground with this phone and its release is likely to start a trend. The need for security is actually higher for a mobile handset than for a laptop, as they get lost far more often.

And despite the various comments about cutting off fingers and lifting fingerprints, have we seen much of that in the laptop world? No. Will it happen one day? Maybe.

I've seen this phone at 3GSM, and the other point that is missing is that the fingerprint reader can also be used as a navigation device, both for menus on the phone itself as well as for a PC in close proximity. At 3GSM they are showing the phone controlling a powerpoint presentation on a laptop.

Very cool!

Re:I'll buy one (2, Insightful)

DrSkwid (118965) | more than 7 years ago | (#18021362)

> The need for security is actually higher for a mobile handset than for a laptop, as they get lost far more often.

So why carry unencrypted sensitive data on them ?

Re:I'll buy one (1)

stupendou (466135) | more than 7 years ago | (#18021384)


Why indeed? Encrypt it if you're worried, or for most people, just let the fingerprint unlock the phone so even unencrypted data is somewhat protected.

It's not a Lawgiver! (1)

DrSkwid (118965) | more than 7 years ago | (#18021936)

I still don't understand why you think my phone needs more security than my laptop per se. If I think I'm going to lose something often then I should assume I am going to lose it at any moment ergo I should make sure it's notionally disposable. Even my ancient Pentium III T23 laptop would cost me more to replace than my brand new Nokia so why does it need a biometric. It's not a Lawgiver!

Re: It's not a Lawgiver! (1)

stupendou (466135) | more than 7 years ago | (#18022230)

I was speaking in generalities, not your specific case. Obviously, the need for security is related to the pain in losing the device, and I agree that pain has to do with the sensitivity of the data you choose to store on it.

Given that both these models are business phones, users are likely to have sensitive emails and passwords stored on them. If you assume those passwords allow access to corporate databases and other secrets, one can make an argument for these devices containing information that is as valuable as that stored on a laptop.

Therefore, since the devices are easier to lose, the need to protect them is greater.

Re:I'll buy one (1)

ChameleonDave (1041178) | more than 7 years ago | (#18022008)

There are 11 types of people in the world, those who know binaries and those who don't.
Surely there are two (10) types of people, not three (11).

yeah (2, Informative)

DrSkwid (118965) | more than 7 years ago | (#18022082)

*surely* there's only *one* binary

congratulations, you're number 3 (0100) not 2 (0011) or 1 (0001)

to feel the need to correct me

because you can't avoid it (1)

RMH101 (636144) | more than 7 years ago | (#18022266)

...on a work mobile, the contacts in your phone book may be, and probably are, sensitive. Have a look at your own - have you got direct dial numbers, names, departments etc that could be used by a social engineer?

Oh dear, where do I begin.. (2, Interesting)

cheros (223479) | more than 7 years ago | (#18021624)

Groan. Here we go again..

I think Toshiba is breaking new ground with this phone and its release is likely to start a trend.

I most certainly hope not, for reasons stated below.

The need for security is actually higher for a mobile handset than for a laptop, as they get lost far more often.

The need for protecting an asset has little to do with the frequency or potential for loss, more with the information that would be lost or compromised (different facets with different ratings) and that is a very personal assessment. The Paris Hilton hack was very dangerous because her Sidekick contained personal numbers for people that have to fight hard as it is to have some sort of private life and security, but a Mr Average phone is not going to hold data of sufficient value to offer up irreplacable body parts for. You can replace a phone, you can replace numbers but you can't replace a cut off finger (given the likely conditions under which the amputation would occur you can give up any hope on re-attachment as well).

And despite the various comments about cutting off fingers and lifting fingerprints, have we seen much of that in the laptop world? No. Will it happen one day? Maybe.

In laptop world the fingerprint scanner is (a) a relative new device and (b) not working so well, so thankfully most people don't use it. Also, most laptops are removed without the users' knowledge because it's often important to have some time before the theft is discovered (in case of targeted theft) and (using Windows) breaking into the unencrypted device is just a matter of booting up from a CD.

Now imagine a world where biometrics are the ONLY way to gain access - at that point you will lose the option to give in under threat and provide a password - your finger WILL be used, with or without you inconveniently attached to it. It can get even worse: with passwords it requires on your collaboration so there's an interest in keeping you alive. With biometrics-only devices an assailant has the wonderful option of killing you first, then using your chopped off digit in the comfort of his own place with a nice cold beer. That's quite a handy option for them because it stops you from becoming a risk later.

So, with implementing biometrics I would ask the Clint Eastwood question: "Do you feel lucky?".

Re:by opening your mind (1)

stupendou (466135) | more than 7 years ago | (#18021718)

Millions of laptops are sold with fingerprint scanners nowadays.
How many people do you know who have had their fingers cut off to access data?
How many people have had their eyeballs popped out to fool retinal and iris scanners?

Most thieves look for convenient opportunities rather than bloody, messy, longer jail-sentence crimes.

And if you insist on fast-forwarding to a future where biometrics are the ONLY way to gain access, why do you assume no one in the future will solve the problem of cut-off fingers fooling a scanner? C'mon!

Re:by opening your mind (0)

Anonymous Coward | more than 7 years ago | (#18021968)

why do you assume no one in the future will solve the problem of cut-off fingers fooling a scanner?

Um, because it's already been solved. Fingerprint readers on computers and door locks have proven trivial -read that word again: trivial- to crack, usually with minor effort easily within the reach of the most common criminal. All it takes is access to a xerox copier or some candy. Look up the Mythbusters episode referenced in some other posts. The professionals are even better at it.

In NO shape or form should a fingerprint reader be considered an effective security tool. It's absolutely worthless, a statement I don't make lightly. The only thing worse than having NO security is having something you THINK is secure and relying upon it, when it's actually totally insecure.

Biometrics have a long way to go to fulfill the promises that have been made about them. So far, it's mostly hype and bull and huge powerpoint presentations about how it's unbreakable and will change the world. Meanwhile unskilled people on a TV show bust it wide open in under two minutes, on their first try, without any particular skill in B&E or security. With cameras rolling.

If this embarrassment by TV amateurs is annoying, imagine what the professionals crooks can do with these locks.

Go find that video. Watch it.

Sobered up yet? If you're not swallowing hard and turning several shades paler, you're in the wrong business.

The moral is simple: to get past security, you only need to attack the weakest point in the fence. Nobody can devise a system without weak points.

Give him a hand? (3, Funny)

MarkRose (820682) | more than 7 years ago | (#18021346)

If someone wants to chop my hand off to use my cell, well, I'll just give him the finger!

Nothing new! (3, Interesting)

KNicolson (147698) | more than 7 years ago | (#18021360)

My wife's phone from three years ago had one. It also incorporated a dog game/simulator, and one of the ways to make the dog happy was to get your fingerprint swiped in order to pet the dog.

Now, what is new and interesting is the 813SH for Biz [gearfuse.com] which has a remote control data destruct option, or even the slightly older P903i which comes with a wireless DES dongle [msn.com] that locks the phone once it gets out of range.

Old news (0)

Anonymous Coward | more than 7 years ago | (#18021408)

How is this new? My (Japanese) Docomo phone from 2005 has a fingerprint reader. I use it frequently.

Re:Old news (1)

stupendou (466135) | more than 7 years ago | (#18021496)

The difference is that one didn't work very well, drained battery power if used often, and probably didn't have navigation capability.

Re:Old news (0)

Anonymous Coward | more than 7 years ago | (#18022054)

thanks, that was very boollshit of you.

Re:Old news (0)

Anonymous Coward | more than 7 years ago | (#18022222)

You obviously have no idea what you're talking about.

What happens if the scanner breaks? (3, Interesting)

antifoidulus (807088) | more than 7 years ago | (#18021434)

I asked this at a research conference once(it was about mobile phone security as well) and the researcher, who had drawn out all these equations showing how wonderful the fingerprint security was couldn't answer me. For a device like a mobile phone that tends to get tossed around and abused a lot, I wouldn't imagine that the scanner breaking would be all that rare of an occurence. However, the researcher just said that if the fingerprint scanning device was broken, then you could use a password instead, of course this was after he spent the first 5 minutes of his presentation telling us how passwords were insecure. Assuming that passwords are insecure, wouldn't the first thing an attacker does when getting the phone be to smash the fingerprint scanner? Then what was the point?

Re:What happens if the scanner breaks? (1)

eddy (18759) | more than 7 years ago | (#18021520)

I'm no big fan of biometrics, but I believe the idea is that you can have a way longer password than you'd usually have, probably written down somewhere at home instead of memorized, because you'd only use it on "rare occasions" where the convinent biometrics break down.

Again, I don't buy into biometrics, especially not as a single-point of "security", but that's how I'd expect a vendor to defend himself against your argument.

Re:What happens if the scanner breaks? (1)

justinlee37 (993373) | more than 7 years ago | (#18022020)

"probably written down somewhere at home instead of memorized"

Looks like your biometrics just made your password less secure. Zounds!

Re:What happens if the scanner breaks? (1)

eddy (18759) | more than 7 years ago | (#18022128)

If the person stealing the phone is in my house and able to go through my paperwork in search of a password, I believe I have bigger problems to worry about than losing a few dollars in non-authorized phone calls.

Personally, I have almost all my passwords written down in PasswordSafe. That's the best option I've found, given that I can't memorize 200 good passwords.

What happens if you lose fingers and hands? (1)

antdude (79039) | more than 7 years ago | (#18021564)

Hey, it can happen. :)

Re:What happens if you lose fingers and hands? (1)

youthoftoday (975074) | more than 7 years ago | (#18021848)

You wouldn't be able to complain, so your view wouldn't be heard and you couldn't prove that you exist. The antecedent to this surely must be that fingerless handless people *do not exist*.

Re:What happens if you lose fingers and hands? (1)

laejoh (648921) | more than 7 years ago | (#18022232)

Without hands you wouldn't be able to hold your phone, so forget about scanning your finger, duh!

you always have your password (1)

Shivetya (243324) | more than 7 years ago | (#18021874)

I have one of these scanners on my laptop. Its great. I have a nice complex password for access that I can skip simply by scanning a finger. I like the convienence. Do I think its anymore secure? Not in the least.

Its better for me that using a usb key or such, I am not going to lose my finger

Re:you always have your password (1)

digitig (1056110) | more than 7 years ago | (#18021922)

There is one sense in which it is more secure. I don't have to worry about anybody looking over my shoulder to see my password if I'm scanning my finger.

This could be good in some situations... (1)

therufus (677843) | more than 7 years ago | (#18021466)

Like if you have kids that use your phone all the time. Or if you leave your phone in the office and don't want people using it to make calls when you're out. Or even the sheer fact that it will act as a deterrent for your average thief.

Not everyone has military grade secrets on their phone, but a vast majority of people who will steal mobile phones won't be interested in the numbers/sms/etc on the phone anyway.

Granted, if people want your info, they will get it.

Re:This could be good in some situations... (1)

Tanuki64 (989726) | more than 7 years ago | (#18021566)

Or if you leave your phone in the office and don't want people using it to make calls when you're out.
People like that deserve whatever is done with their phone. Preferably long and very expensive phone calls. Constantly ringing cell phones are always an annoyance, but leaving it lying around in an office without being able to take calls as fast as possible, so that colleagues are bothered by the ringing, should be considered harassment at work.

Re:This could be good in some situations... (1)

therufus (677843) | more than 7 years ago | (#18021670)

Maybe where you work. Where I work we all put our personal phones on silent when we're at work. So an annoyance they are not. Fingerprint ID would be handy though.

fingerprint recognition (2, Informative)

Elusive_Cure (645428) | more than 7 years ago | (#18021482)

as i have previously mentioned in an older post, i used to participate in a reasearch at my uni for a major mobile phone company (sony ericsson) for the implementation of fingerprint recognition on cell phones and other mobile devices (PDAs,notebooks,etc). Personally i preffer the fingerprint sollution rather than the RFID one because the phone's security is up to you and not as "hollow" as RFID can be by the use of reverse engineering. It's simple, if your phone is stolen the perp needs to have your thumb or else the phone is just another piece of garbage. You cannot reverse engineer a fingerprint simply because you cannot have a clue on how the actual fingerpint is shaped, while the scanning software is something very ubiquitous and tough to be "hacked" by someone who hasn't got a clue of the scanning algorithms.

Re:fingerprint recognition (1)

strider44 (650833) | more than 7 years ago | (#18022040)

Not sure about that. It's been repeatedly shown that fingerprint readers aren't secure and can be broken trivially. Not only this but they are unreliable with plenty of false-negatives. The biggest practical problem though is that you're moving the danger from something mostly harmless to lose (your phone) to something stupidly horrific to lose (your finger or even your hand). You need to think of what you're protecting here - I'd rather have the phone in danger than a finger.

Biometrics have never been really that practical.

Re:fingerprint recognition (1)

RMH101 (636144) | more than 7 years ago | (#18022286)

"You cannot reverse engineer a fingerprint simply because you cannot have a clue on how the actual fingerpint is shaped" - unless of course you have a handy source of copies of the owner's fingerprints ALL OVER THE PHONE CASING ALREADY!

Severed digits (1)

jimbob666 (1050308) | more than 7 years ago | (#18021554)

Of course it also means that someone is more likely to chop your hand off if they desperately want your data.

Only if the scanner can read cold severed digits! :)

Re:Severed digits (1)

Tony Hoyle (11698) | more than 7 years ago | (#18021938)

Warm the finger up by, say, holding it in your hand for a while.

I very much doubt a scanner can tell the difference between a warmed up finger and a living one.

Heck, they can't tell the difference between a finger and a gummy bear at the moment...

Re:Severed digits (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18022028)

Of course it also means that someone is more likely to chop your hand off if they desperately want your data.

Only if the scanner can read cold severed digits! :)


And when the guy with the big knife finds out that it can't, do you think he is going to give you back your hand?

It's all about choice (1)

squoozer (730327) | more than 7 years ago | (#18021630)

May I be about the only person here to say that this sounds like a good idea. Fair enough it's not secure enough to protect your uber secret data but realistically how many of use are carrying information that is that vital in our mobile phone? What most of use want the password for is to make our phone virtually worthless if stolen. If you are carrying around data that is very important then I would suggest so other form of encryption.

It's also a scroll bar (1)

giafly (926567) | more than 7 years ago | (#18021774)

... the fingerprint scanner also doubles up as a touch-sensitive scroll interface that lets you scroll down emails, menus or Web sites simply by sliding your finger over it. While it may seem strange to have the scanner on the back, it's actually quite well placed because your fingers are on the back of the phone when you're holding it.
This sounds a more sensible use and kudos if they didn't patent [slashdot.org] it.

Tiny flaw (1)

kahei (466208) | more than 7 years ago | (#18021788)


I don't know that people would need to chop your hand off to get your data. I mean, all they'd need would be your fingerprint. But where would they find that? Oh, wait, they already have your LOVELY SHINY PLASTIC PHONE THAT YOU TOUCH WITH YOUR FINGERS AND THAT HAS FINGERPRINTS ALL OVER IT.

So I'm a little skeptical. Another thing that makes me skeptical is that I've worked with lots of devices that require fingerprint scans, and honestly for the tiny amount of security they add the inconvenience is so huge that they're usually the first thing to go if anyone gets the chance to make changes. They can be effective for licensing (making sure the person to whom information is licensed has to actually be there when it is read) but how many other types of security issue depend on a bad guy having physical access to the machine -- yet not being able to [tamper with / fool / reboot and remove the driver for] the fingerprint scanner?

finger or pine code (1)

deadlocked (864900) | more than 7 years ago | (#18021816)

I'd rather have my finger chopped off than terrorized for my pin code!

Actually, if your phone or the content in the phone is that valuable, then you deserve your finger chopped off

mod uP (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18022096)

else up their aases Become obsessed

Hmm (1)

Fist! Of! Death! (1038822) | more than 7 years ago | (#18022148)

If this type of technology on mobile devices becomes widespread you can bet that it will eventually be used to boost fingerprint databases for law enforcement. To be honest I cannot decide whether that is a good or a bad thing - intelligent criminals (the type who maniacally stroke fluffy white cats) would probably easily find a way to fake their record, but finding a hit on a fingerprint would at least narrow a search for the police.
CSI directors I am sure will have this in a script in the near future...

Ok what if I'm wearing gloves..... (0)

Anonymous Coward | more than 7 years ago | (#18022188)

..or worse yet my fingers are injured enough that the scanner won't recongnise
my thumbprint? Then what?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...