Set as Homepage - Add to Favorites

【1080p Archives】

Source:Pursuit Information Network Editor:Entertainment Time:2025-06-26 08:11:01

Researchers at the German IT Security company SySS GmbH successfully fooled the Windows 10 facial recognition system by using a printed photo of the user's face.

Their spoofing efforts were published080p Archivesthe cybersecurity site Seclists on Dec. 18. The cybersecurity experts bypassed Windows Hello -- which is Microsoft's password-free security software -- on both a Dell and Microsoft laptop running different versions of Windows 10, which is cause for concern for anyone using this feature to log into their account.

SEE ALSO: This nasty Android malware caused a phone to overload and bulge

Deceiving Windows 10 didn't take too much effort. It just required "having access to a suitable photo of an authorized person" to "easily" bypass the system, wrote the experts. The photo required is the full image of someone's face -- so if someone really wants to attempt to deceive the facial recognition system, the barriers aren't too great.

Similar to Apple's Face ID, it might be wise to view Windows Hello as a convenience feature, not a security feature.

Similar to the iPhone X's Face ID camera, Hello Windows uses an infrared camera (either built-in the or added separately) to recognize the unique shape and contours of a face before granting or denying access to a Windows account. But a flaw was found, specifically "an insecure implementation of the biometric face recognition in some Windows 10 versions."

They show their work below:

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Many -- but not all -- Windows versions are vulnerable. In 2016, Microsoft included a new feature called Enhanced Anti-Spoofing to limit this sort of picture trickery. But even if this feature is enabled in your Windows settings, the researchers found a way to bypass the facial recognition system that ran older Windows versions, such as a Microsoft Surface Pro 4 device running 2016's Windows 10 Anniversary update, for instance.

However, the SySS researchers found that two new Windows versions, 1703 and 1709, are not vulnerable to their most simple spoofing attacks (using a printed photograph) if Enhanced Anti-Spoofing is enabled.

Their ultimate recommendation: Updating to Windows 10 version 1709, enabling anti-spoofing, and then having Windows Hello reanalyze your face.

If this sounds unappealing or risky, you can always go back to using a (not dumb) password. Infrared facial recognition in consumer applications is still relatively new, so flaws should be expected.

Similar to Apple's Face ID, it might help to view Windows Hello as a convenience feature, not a security feature.

Mashable has contacted Microsoft for comment and will update this story upon hearing back.

Featured Video For You
Here's how someone can track your location for $1,000

Topics Cybersecurity Windows

Previous:Watch how an old Venus spacecraft tumbled before crashing to Earth

Next:Every MCU movie villain ranked, from "Iron Man" to "Thunderbolts*"

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

What the new Snapchat update gets right about social mediaFeds want to take Martin Shkreli's $2 million WuInstagram might be testing new features for 'close friends'Feds want to take Martin Shkreli's $2 million WuAmazon is bringing Alexa to the workplaceBeyoncé and Ed Sheeran's first duet is delightful and cheesyA new Pokémon Cafe is opening up in TokyoDisney will remove the 20Mom and son's 'History of Dance' routine will get you movingGoogle is being sued for allegedly planting secret cookies on 5.4 million iPhone users2018 will be the year cinema starts responding to the Trump electionPopular theory: 'Super Mario Odyssey' is noir as hellAlyssa Milano vs. Ajit Pai is the net neutrality fight we need right nowAmazon's Alexa will now help you out in 'Destiny 2'Harry Potter new editions contain errors thanks to fake J.K. Rowling tweetsGoogle is being sued for allegedly planting secret cookies on 5.4 million iPhone usersHere's your exclusive look at the 2018 gay agendaAmazing new photo of Jupiter makes the planet look like a paintingJimmy Kimmel comes for Roy Moore and his 'Christian values' with one perfect tweetApple will go red for World AIDS Day Nintendo confirms unauthorized access of 160,000 accounts New Harry Potter LEGO sets rep 'Phoenix' and 'Half Hubble Telescope's 30 Jinx, buy me a Coke: Unpacking one of Jim and Pam's greatest 'Office' episodes Stressed? Train your body and mind to have multiple orgasms Trail cam catches a young deer playing like a little kid Gymder is a weird app that'll help you find a 'workout buddy' 'Gears Tactics' is good, but now is not the time: Review Twitter comedian Mike Huckabee burns CNN with 100% flawless joke Twitter quietly deletes millions of accounts from the old text message days Zoom has more than 300 million users now, with just 10 million at 2019's end Trump bars U.S. media from White House meeting, but lets in Russian photographers Privacy experts reviewed popular video It's time to watch all the TV shows you've been putting off forever Zoom hackers are spoofing HR meeting invites to steal user login info Apple to reopen many of its stores in May, report says Netflix's 'Never Have I Ever' is irresistible, important, and funny as hell: Review James Comey found out about his firing just like you did 5 strange truths revealed by NYC's new dog name database LG's stylish Velvet smartphone is arriving in early May

2.1697s , 10131.5 kb

Copyright © 2025 Powered by 【1080p Archives】,Pursuit Information Network  

Sitemap

Top

Quick Links