Well, that is not creepy at all. Though, I am really not surprised. There are all kinds of interesting ways to get information that you think you should not be able to. Many many years ago when USB was "new-ish" there was research done that showed that if you tapped the power (ground) to a house with a older PC with a USB keybaord you could (in some cases) actually read the keys typed on the keyboard of the computer over the power line because of how the USB bus was wired and the lack of filtering on the line. Crazy stuff but.. yeah.
Archive: https://archive.today/IXgPz
From the post:
"An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS). The attack leverages the sound characteristics of a user’s finger swiping on a touchscreen to extract fingerprint pattern features. Following tests, the researchers assert that they can successfully attack “up to 27.9% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR [False Acceptance Rate] setting of 0.01%.” This is claimed to be the first work that leverages swiping sounds to infer fingerprint information."
Well, that is not creepy at all. Though, I am really not surprised. There are all kinds of interesting ways to get information that you think you should not be able to. Many many years ago when USB was "new-ish" there was research done that showed that if you tapped the power (ground) to a house with a older PC with a USB keybaord you could (in some cases) actually read the keys typed on the keyboard of the computer over the power line because of how the USB bus was wired and the lack of filtering on the line. Crazy stuff but.. yeah.
Archive: https://archive.today/IXgPz
From the post:
"An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS). The attack leverages the sound characteristics of a user’s finger swiping on a touchscreen to extract fingerprint pattern features. Following tests, the researchers assert that they can successfully attack “up to 27.9% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR [False Acceptance Rate] setting of 0.01%.” This is claimed to be the first work that leverages swiping sounds to infer fingerprint information."
(post is archived)