Kprawn
Legendary
 Offline
Activity: 1904
Merit: 1073
|
 |
August 14, 2016, 06:43:07 PM |
|
Not a good idea.... We had a biometric scanner system linked to our payroll system... you clock in and out with a finger print scanner.. but some of the guys { those who did handyman jobs and work with their hands a lot } had problems with the system not recognizing their fingerprints. The other problem --> People will know that your finger print is the way to access your money and they would simply force you, with violence to give up your money.. A password memorized and written down as a backup in a safe place, will never be trumped by Biometrics.  |
|
|
|
|
|
|
|
|
|
|
|
|
Make sure you back up your wallet regularly! Unlike a bank account, nobody can help you if you lose access to your BTC.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
NorrisK
Legendary
Offline
Activity: 1946
Merit: 1007
|
|
August 14, 2016, 06:45:01 PM |
|
I would never use some biometric data to generate my private keys ever.. It is just too simple to reproduce.
Fingerprints: Lift them from your door handle or coffe cup or even your keyboard at work.
Retina scan: One good high resolution photo of your face and you can reproduce it.
DNA: One hair or some skin is enough to gather all you need.
It is one thing to unlock your wallet with biometric data as a second or thrid factor authentication, but generating your private key from this means you can bypass any wallet password or 2fa by just gathering your biometric data.
It could be used as a salt behind your private key though.
|
|
|
|
|
Hazir
Legendary
Offline
Activity: 1596
Merit: 1005
★Nitrogensports.eu★
|
|
August 14, 2016, 07:13:25 PM |
|
Apart from discussing whether this idea is feasible or not. Fingerprint recognition technology is simply not good in my opinion.
First, I am not a fan of my fingerprints data stored anywhere; secondly I don't think current fingerprints tech is good enough to recognize real fingerprints from fake ones.
And believe me, we don't want to go into Bio metric way of identity confirmation, soon we could be tagged exactly in a way cattle is.
|
|
|
|
|
Bitware
|
|
August 14, 2016, 07:36:16 PM |
|
You leave your fingerprints everywhere... EVERYWHERE. On everything you have ever touched and will ever touch, and they are easy to grab and replicate.
Rethink this idiocy at once!
|
|
|
|
|
n691309
Legendary
Offline
Activity: 1526
Merit: 1001
|
|
August 14, 2016, 07:43:47 PM |
|
I just had an idea. What if there is a tool which algorithms create a brain wallet password from the fingerprint (or from multiple fingerprints of the hand)? Every fingerprint is unique. Therefore every password created by the algos will be unique, too.
Thus, one would never run into the risk of losing his or her password anymore. Perhaps there is something already. However, I do not know it.
First of all the idea is good but there are some other better biometric security way like Iris scanner that recently is introduced on the Samsung Note 7. I don't know if you know but the fingerprint can easily be hacked by some kids toys that use in kindergarten for more check this video how can an iPhone touchID can be hacked/tricked: http://www.dailymail.co.uk/sciencetech/article-3471718/Can-iPhone-s-fingerprint-sensor-hacked-using-PLAY-DOH-Researchers-claim-toy-bypass-Apple-s-security.html#v-5041464962111065112 |
|
|
|
|
gentlemand
Legendary
Offline
Activity: 2590
Merit: 3013
Welt Am Draht
|
|
August 14, 2016, 08:04:57 PM |
|
Golly, you people are so much more security savvy than I am. I'd be dead impressed with myself if I was using fingerprints for stuff. I suppose fingers can be cut off and retinas gouged out. I'll be waiting for a scanner that reads my eternal soul. Until then passwords do the job.
|
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1009
|
|
August 14, 2016, 09:40:15 PM |
|
If bitcoin will use fingerprints password they need to have a very very good system for this type of password. Millions of prople are using bitcoin , so there will be millions of fingerprints, there will be lot of errors in log in. Maybe you want to login trough fingerprints but your phone is a bad model and it's scress doesnt reconize you fingerprints.
There is no "log in" in Bitcoin. You use your client as usual and you recover your keys via fingerprint/retina scan. AFAIK only Samsung used a fingerprint scanner on screen and they've already ditched that... But yeah, I kind of get your point  But yes, I agree 100% on retina scanning, as I've also suggested in my post. That would be the future. I'm curious as to what kind of randomness can we "extract" from an iris, as stated in my first post.
I'm pretty sure that people around here don't know that there's a difference between retina and iris scans. Retina scanning should provide better security but it does come with higher equipment costs. That would have to be weighed in regarding data randomness obtained in both methods and if the security given by one method tops over the cost saving the other method offers. But building further on the fingerprint idea: you can further enhance the security of something protected by fingerprinting using one's lips. So 10 fingerprints + lips print would be way much more harder to obtain and it wouldn't make the process of recovering a wallet a bigger burden.
Lip print? That would be very impractical if you ask me, but an interesting suggestion nonetheless. Since it would only be to recover a passphrase, I'm not sure if it would be all that impractical (you would only use it once in a while). We would probably have to build hardware for that tho... Lips are very distinct, and they're also used for investigation in forensics, hence my idea  Not a good idea.... We had a biometric scanner system linked to our payroll system... you clock in and out with a finger print scanner.. but some of the guys { those who did handyman jobs and work
with their hands a lot } had problems with the system not recognizing their fingerprints.
Yes, this is a valid issue to which I have no suggestions  The other problem --> People will know that your finger print is the way to access your money and they would simply force you, with violence to give up your money.. A password memorized and written down as a backup in a safe place, will never be trumped by Biometrics. People could also force you to reveal your backup location... It could be used as a salt behind your private key though.
Great idea too And believe me, we don't want to go into Bio metric way of identity confirmation, soon we could be tagged exactly in a way cattle is.
Software attempting to communicate with a server somewhere, storing our biometric data would probably be detected by someone auditing the code. This was what I was referring to back in the 1st page... To be able to replicate a fingerprint this way, you have to have it very beautifully "printed" on a surface, and that doesn't happen frequently in real life Golly, you people are so much more security savvy than I am. I'd be dead impressed with myself if I was using fingerprints for stuff. I suppose fingers can be cut off and retinas gouged out. I'll be waiting for a scanner that reads my eternal soul. Until then passwords do the job.
To further enhance the fingerprint idea, one could create its passphrase using a specific sequence of fingers... I'd still love to see this happen, fingerprint or retina scan or both. |
|
|
|
|
n691309
Legendary
Offline
Activity: 1526
Merit: 1001
|
|
August 14, 2016, 10:07:44 PM |
|
This was what I was referring to back in the 1st page... To be able to replicate a fingerprint this way, you have to have it very beautifully "printed" on a surface, and that doesn't happen frequently in real life At least we can count that this method does it job and fingerprint is not secure at all, it is needed online one time and all bitcoins can be lost, I haven't made a deep research but I believe that there are more ways to hack the fingerprint but maybe an Iris scanner and a password or/and a 2FA would be enough. |
|
|
|
|
Decoded
Legendary
Offline
Activity: 1232
Merit: 1030
give me your cryptos
|
|
August 14, 2016, 10:16:49 PM |
|
This was what I was referring to back in the 1st page... To be able to replicate a fingerprint this way, you have to have it very beautifully "printed" on a surface, and that doesn't happen frequently in real life At least we can count that this method does it job and fingerprint is not secure at all, it is needed online one time and all bitcoins can be lost, I haven't made a deep research but I believe that there are more ways to hack the fingerprint but maybe an Iris scanner and a password or/and a 2FA would be enough. It doesn't have to be beautifully printed, as Luda previously said. It would take some trial and error, but a fingerprint sensor isn't foolproof. A Fingerprint or Iris scan as a 2FA is a good idea though. |
looking for a signature campaign, dm me for that
|
|
|
Zadicar
Legendary
Offline
Activity: 1330
Merit: 1020
Seabet.io | Crypto-Casino
|
|
August 15, 2016, 12:55:30 AM |
|
Not a good idea.... We had a biometric scanner system linked to our payroll system... you clock in and out with a finger print scanner.. but some of the guys { those who did handyman jobs and work with their hands a lot } had problems with the system not recognizing their fingerprints. The other problem --> People will know that your finger print is the way to access your money and they would simply force you, with violence to give up your money.. A password memorized and written down as a backup in a safe place, will never be trumped by Biometrics. there are circumstances that would affect your fingerprint even though its unique but there are factors would definitely change that as you said especially to those handyman jobs. I do experience that situation where biometrics have that problem on have a hard time on recognizing those fingerprints and some have already registered already. |
|
|
|
franky1
Legendary
Offline
Activity: 4214
Merit: 4485
|
|
August 15, 2016, 01:49:51 AM
Last edit: August 15, 2016, 02:23:25 AM by franky1 |
|
firstly
smart phones get handled.
so if you steal a smart phone then with a bit of dustpowder and some tape you can literally get the fingerprint from the screen of the same device you want to raid.
secondly
finger prints are not exact.
there are hundreds of 'indicators' on a finger, but get a papercut a few of them change/disapear, get old or fat and it changes. get calluses from hard labour work, a few of them change/disapear. use chemicals as a janitor on your hands in an accident, a few of them change/disapear
this is why the threshold for 'comparison' in criminal evidence is so low at a 6-12 indicator points because getting ALL indicators will never be possible.
meaning you cannot rely on hand picking just 6-12 indicators last year, hoping they will still be there in a few years. criminal finger print comparison looks at MANY indicators (above threshold) from an old sample and hope to find just 6-12 indicators on a newer sample
thirdly
retina scans are not perfect either.. diabetes, catacts, blindness, and other conditions can 'blur' the image obtained from a retina scan..
fourthly
identifyers in your head (password) is much safer than identifyers on your finger. imagine it this way. having fingerprint ID is like shouting out your email password every time you touch a light switch, cutlery, a bottle, even the tv remote.
in short trying to solve a security issue by making is stupidly easy for others to get hold of with some tools, or worse case eventually lose you access to due to nature purely based on laziness of someone clicking a few buttons and thinking about safe storage(using their brain).. is ultimately not a solution to security
it made the title laughable.. brain wallet without the brain....
you may like my next pun..
ill give this idea my middle finger
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
|
raphma
|
|
August 15, 2016, 02:13:20 AM |
|
trust me these things go down very quick.
maybe a coworker or a friend will overhear a conversation or you are bragging about bitcoin and once he knows where to look it is not that hard anymore. you would be surprised how fast a friendship can end over money.
i also do not like the argument, that we can just use it for small sums. what happens is that it works for small sums and we get used to it so we start using it for big ones too.
You may be right if we are talking about trivial amounts that almost nobody would want to steal anyways. Otherwise you're naive and wrong. People are willing to do all kinds of 'bad' things for money.
all i'm saying is: it's a good way to generate passwords, not the best way of course but still good. So, for small amounts would be okay(a.k.a acceptable but not recommendable). most users dont even care to have a offline wallet. |
|
|
|
|
Kakmakr
Legendary
Offline
Activity: 3444
Merit: 1957
Leading Crypto Sports Betting & Casino Platform
|
|
August 15, 2016, 06:34:55 AM |
|
Golly, you people are so much more security savvy than I am. I'd be dead impressed with myself if I was using fingerprints for stuff. I suppose fingers can be cut off and retinas gouged out. I'll be waiting for a scanner that reads my eternal soul. Until then passwords do the job.
We had a company doing a demo with one of the scanners and they have done independent test with fingers from dead people and it did not work. It has something to do with the electric current or energy that are within a living finger. He says not all devices have this feature, but their technology did. So your cheaper brand scanners might be fooled by a finger being cut off or a eye being gouged out. ^grrrrr^ |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
beerlover
Legendary
Offline
Activity: 2870
Merit: 1160
|
|
August 15, 2016, 07:27:08 AM |
|
Fingerprints aren't safe wallets since they are basically really easy to replicate even with simple household items.
If you're a marvel fan, you might have already seen what Scott Lang (Ant-Man) did to get Dr Pym's fingerprint.
Of course, they didn't actually show what the items and the complete steps were but if you were to google what he did, it's actually pretty simple.
|
| | .
.Duelbits│SPORTS. | | | ▄▄▄███████▄▄▄
▄▄█████████████████▄▄
▄███████████████████████▄
███████████████████████████
█████████████████████████████
███████████████████████████████
███████████████████████████████
███████████████████████████████
█████████████████████████████
███████████████████████████
▀████████████████████████
▀▀███████████████████
██████████████████████████████ | | | | ██
██
██
██
██
██
██
██
██
██
██ | | | | ███▄██▄███▄█▄▄▄▄██▄▄▄██
███▄██▀▄█▄▀███▄██████▄█
█▀███▀██▀████▀████▀▀▀██
██▀ ▀██████████████████
███▄███████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
▀█████████████████████▀
▀▀███████████████▀▀
▀▀▀▀█▀▀▀▀ | | OFFICIAL EUROPEAN
BETTING PARTNER OF
ASTON VILLA FC | | | | ██
██
██
██
██
██
██
██
██
██
██ | | | | 10% CASHBACK
100% MULTICHARGER | │ | | │ |
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
August 15, 2016, 11:19:47 AM |
|
AFAIK only Samsung used a fingerprint scanner on screen and they've already ditched that... But yeah, I kind of get your point You mean on the Galaxy S5? That would have to be weighed in regarding data randomness obtained in both methods and if the security given by one method tops over the cost saving the other method offers.
I'd say generally, that the retina scan should provide better security however there are obviously important factors that play a role in this. I wonder how secure the iris scanner in the latest Galaxy Note is. Since it would only be to recover a passphrase, I'm not sure if it would be all that impractical (you would only use it once in a while). We would probably have to build hardware for that tho... Lips are very distinct, and they're also used for investigation in forensics, hence my idea Indeed. It is less impractical if rarely used, although I do wonder the implications of this. From what I've gathered, there's only some research in this area. Fingerprints aren't safe wallets since they are basically really easy to replicate even with simple household items.
This statement is incorrect. You may be able to pull decent fingerprints, but that is inadequate for one to bypass fingerprint security easily. Thanks for sharing the post. The author makes a very good point by stating that compromised fingerprints can not be changed (which is the exact opposite of passwords). |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
Jeremycoin
Legendary
Offline
Activity: 1022
Merit: 1003
𝓗𝓞𝓓𝓛
|
|
August 15, 2016, 11:38:48 AM |
|
That's an amazing idea, it's the next gen of security system. I believe that's pretty safe because you have to be you to unlock the wallet, except if someone cut off your finger and use it to unlock the wallet.  But It's actually still hackable, because someone can just find your fingerprint on your belongings and use it to unlock the wallet. |
faucet used to be profitable |
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1009
|
|
August 15, 2016, 10:10:56 PM |
|
AFAIK only Samsung used a fingerprint scanner on screen and they've already ditched that... But yeah, I kind of get your point You mean on the Galaxy S5? That would have to be weighed in regarding data randomness obtained in both methods and if the security given by one method tops over the cost saving the other method offers.
I'd say generally, that the retina scan should provide better security however there are obviously important factors that play a role in this. I wonder how secure the iris scanner in the latest Galaxy Note is. Since it would only be to recover a passphrase, I'm not sure if it would be all that impractical (you would only use it once in a while). We would probably have to build hardware for that tho... Lips are very distinct, and they're also used for investigation in forensics, hence my idea Indeed. It is less impractical if rarely used, although I do wonder the implications of this. From what I've gathered, there's only some research in this area. Correct, it's the S5 that still had in on screen. I assume the Galaxy Note uses a Secure Enclave-like system and encrypts keys on a separate chip Furthermore, there are 2^160 bitcoin addresses, 2^63 grains of sand on all the beaches on the Earth, and only 2^33 people on this planet. Using a fingerprint, just like using a brainwallet, significantly reduces the set of possible keys and therefore decreases security. Given that vanitygen on a GTX970 can do 40Mkeys/sec, it would take just over 3 minutes to calculate 8 billion keys; this means your fingerprint based brainwallet will probably be cracked pretty damn fast.
This is something I'm really curious about... What about retina/iris, would it increase the set of possible keys? |
|
|
|
|
tyz (OP)
Legendary
Offline
Activity: 3360
Merit: 1531
|
|
August 19, 2016, 07:00:57 PM |
|
Generally, I think a iris scanner would be a better option.
I am not really sure if an iris scanner is more secure than creating a passphrase out of several fingerprints. If smart glasses like Google glass will be mainstream in some years, everyone will be able to easily get an iris scan. However a scan of three or more fingers of yours is rather impossible. Just my opinion. |
|
|
|
|
franky1
Legendary
Offline
Activity: 4214
Merit: 4485
|
|
August 19, 2016, 09:34:04 PM
Last edit: August 19, 2016, 09:46:27 PM by franky1 |
|
if people are adament they want fingerprint technology to be used, atleast make it workable
afterall, people have 10 fingers
i would suggest a method that has 10 keys(one per finger). but only needs lets say 3 keys to move funds.(3 of 10 multisig)
that way any of your 3 fingers would be accepted.
but just a 1 finger one key is not a good way to secure funds especially due to chemical burns, papercuts, age and other things that can affect a fingerprint
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
August 20, 2016, 01:08:16 PM |
|
Correct, it's the S5 that still had in on screen.
They did change that, however I don't find fingerprint safe especially not singular ones. Maybe if there was a specific combination of fingerprints used, it could result in a decent password (e.g. a specific order of several fingers only works). This is something I'm really curious about... What about retina/iris, would it increase the set of possible keys?
It would likely not do that. The security of bitcoin comes from its enormous address space, when you reduce this space you reduce the security. This is why human generated brainwallets are stupid and are often sweeped in seconds.
One could argue that this isn't the only factor that gives it security. You're forgetting proof-of-work, While not on-topic, your statement does seem a bit incorrect to me. I do agree with your statement regarding the brainwallet. I really don't see the need for someone to use one, especially not one based on fingerprints/IRIS. An offline wallet with encryption is always the better alternative. How hard could it be to memorize a semi-complex string of ~20 characters? If smart glasses like Google glass will be mainstream in some years, everyone will be able to easily get an iris scan. However a scan of three or more fingers of yours is rather impossible. Just my opinion.
All of your fingerprints are pretty much everywhere, especially in the place where you live. That's not a good argument. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
|
