The premier sensors enabling Windows Hello fingerprint authentication are not as secure as manufacturers had hoped. Researchers have discovered security flaws in a number of fingerprint sensors used in several laptops that work with the Windows Hello authentication feature.
Saved you a click.
If a malicious actor has physical access to your machine, you have already lost. Been that way since the dawn of computing. Full-disk encryption can potentially protect your data from unauthorized access, but it can’t really stop a thief from wiping the laptop and making it their own. And if you get it back you probably want to wipe it anyway.
Also can’t stop someone from cloning the disk and waiting until quantum computing is cheap enough to crack it.
Quantum computing can potentially break the public-key encryption used for transmitting messages across the Internet, but the symmetric-key encryption used for storing data on disk is an entirely different thing.
If I vaguely remember, symmetric encryption is more or less halved by quantom computers using the current encryption breaking methods right? That and just the growing computer power IF they continue to grow at a similar rate. 32 bit encryption used to be the military standard, now it’s a joke that a kid’s laptop could break.
Makes it potentially vulnerable to governments who are dedicated, but as long as the common laptop theif doesn’t have a quantum computer or a generic technical literacy and years to wait and we’re not making enemies with governments we’re all fine regardless.
Yes, with a quantum computer you could hypothetically halve the effectiveness of AES (so AES-256 would be roughly equivalent to AES-128). This would make a 128-bit key fairly weak (and AES-128 is fairly common still)… a 64-bit space can be brute forced on regular computers in a reasonable amount of time. This doesn’t mean it will be cheap or feasible to break 128-bit AES on quantum computers, though. Maybe it can do it in roughly 2^64 computations, but if each operation is slow it still might not be feasible. At least initially it would probably be expensive to crack so hopefully they’d only bother for really targeted stuff.
So it’s not Windows, it’s hardware.
This is such a non story. It requires physical access to unattended devices and a sophisticated attack.
Me seeing headline: uh oh
Me seeing the first sentence of article: oh, nevermind, turns out I don’t actually care.
Only 1 ? Are you kidding ??
Also “may”.
Like I’ve been workin with Windows since v1.x ( when it was really an overglorified file manager on DOS) and we’ve been complaining about it’s security issues since then.
NT at least brought some security with actual user logins and NTFS (thanks to DEC, which created the OS that NT came from), but even then, the code running in ring 0…oh boy.
Windows is a security problem.
Yeah, it’s the entire thing /s
Do you have a few minutes to talk about our Lord and Saviour, Linus Torvalds?
Solving security issues with the fingerprint scanner by not supporting it in the first place?
Title creator forgot to add “again, and again, and again”.
Oh, the holy trinity of security problems and getting hacked: Windows, Exchange, Active Directory. How would hackers cope without them?
Windows has a security problem. Wow im so suprised
Lol and how many users actually have encrypted data on win 11?
Nearly every enterprise machine is encrypted with bitlocker
you don’t say!
Windows is the actual security problem there…
Meanwhile in Linux:
boots to emergency root shell from the grub menu
Problem, linux?
Full disk encryption.
A sure sign you won’t find anything interesting on that machine 😹
You can configure Linux such that that isn’t possible.
Laughs in systemd
This blew my little cousin’s mind when I showed him this trick, and he realized the implications. Fun times
Ha.
