Fingerprinting-Testseiten suggerieren oft, dass man eindeutig erkennbar ist. Das ist allerdings nicht entscheidend, sondern ob man über Surf-Sessions hinweg wiedererkennbar/verfolgbar ist. Der Tor-Browser, Mull oder auch Brave schneiden hierbei gut ab. Am Ende gilt aber auch: Lasst euch nicht verrückt machen. 😉
Wie wird der Fingerabdruck unter Android gespeichert? Ist das sicher? Kann dieser ausgelesen werden? Was ist nun besser Fingerabdruck oder PIN/Password? Dies und mehr unter 👇
If you want #fingerprint support with #LightDM you can uninstall lightdm-gtk-greeter and instead install slick-greeter which is an alternate front end to LightDM. You can get GUI settings with lightdm-settings, but the settings file is super simple to use.
As long as sudo uses your fingerprint, this will too.
#GNOME allows you to configure login via #fingerprint on supported devices instead of a password. Security issues aside, this has a bit of a "meh" experience when using the #GnomeKeyring which still requires unlocking via password.
Most OSes I know handle this differently and thus also side-stepping the problem by asking for a login password but allowing you to unlock the screen afterwards using fingerprints. Any GNOME or #PAM experts here who know how to configure something similar?
Aaaaaaaaaaaaaaaaaaaaaaah
Ist das gruselig...und wieso glaub ich das wir das in 2 Jahren auch haben? Nachdem schon einige ihre Apple/Google Wallet zum zahlen nutzen...wie viel fehlt dann noch dazu?
“Microsoft’s Offensive Research and Security Engineering (MORSE) asked us to evaluate the security of the top three #fingerprint sensors embedded in laptops and used for #Windows Hello fingerprint #authentication. Our #research revealed multiple #vulnerabilities that our team successfully exploited, allowing us to completely bypass Windows Hello authentication on all three laptops.”
Sure, the #23andMe leak was bad, but seriously, if people are afraid that something bad might happen if their #DNA got leaked, I wonder whether they really honestly believe that their DNA is a "secret"?
Just like fingerprints, you leave your DNA everywhere you go.
It has never been a problem for suitably motivated and resourced actors to get your DNA. Or #fingerprint. Unless you are extremely motivated to keep both secret, but in that case you wouldn't have used 23andMe, would you?
"'"There's a decent number of laptops with #fingerprint readers that are supported by #Linux, and #Gnome has some nice integration to make use of that for authentication purposes. But if you log in with a fingerprint, the moment you start any app that wants to access stored passwords you'll get a prompt asking you to type in your password, which feels like it somewhat defeats the point. Mac users don't have this problem […] Why the difference?"'"
Is there some project/coordination on the #Linux desktop space how to deal with #fingerprint login and biometric logins? Currently, enrolling a fingerprint e.g., in #GNOME, will enroll it for sudo, logging in (the keychain is still locked though...) and unlocking the screen.
Most devices (Android, iOS, macOS, ...) will not allow using fingerprint logins for the initial login/boot but only for unlocking the screen afterwards. A similar approach on the Linux desktop would also easily fix the "I logged in via fingerprint but still need to unlock my keychain using my password so what's the point"-issue.
With last update for Windows privacy was much enhanced. It passes now FAU's fingerprint test. The Android variant passes it already for a longer time. https://browser-fingerprint.cs.fau.de/
What we need is a stable, minimalist Debian VM with Firefox that EVERYONE uses. No protection, just reset the VM every time you close it. It's protected by virtue of being SO vanilla
Das Anti-Fingerprinting beim Surfen funktioniert in der Regel durch kleine Änderungen von Parametern (Auflösung, Sprache, Schriftart), so dass entweder viele verschiedene Fingerabdrücke für denselben Browser erzeugt werden oder derselbe Fingerabdruck für viele verschiedene Browser erzeugt wird. Brave erzeugt bspw. viele verschiedene Fingerabdrücke. Der Tor-Browser hingegen bemüht sich um Einheitlichkeit. Beide Varianten können Fingerprinting verringern/reduzieren.
Fingerprinting-Testseiten suggerieren oftmals, dass man eindeutig erkennbar ist. Das ist allerdings nicht entscheidend, sondern ob man über Surf-Sessions hinweg erkennbar/trackbar ist. Das wäre bzw. ist dann problematisch.
Samsung Unveils World’s First OLED Display With Built-In Fingerprint and Blood Pressure Sensing Anywhere Across The Screen
Samsung Display has unveiled a new generation of OLED panel that it says can recognize fingerprints anywhere on the screen and even check the user’s heart rate, blood pressure, and stress levels using multiple simultaneous finger readings.
Here’s how long it takes new #BrutePrint attack to unlock 10 different smartphones
Researchers have devised a low-cost #smartphone attack that cracks the #authentication#fingerprint used to unlock the screen and perform other sensitive actions on a range of #Android devices in as little as 45 minutes. #privacy