Results 1 to 3 of 3

Thread: Acer refreshes laptops and 2-in-1s with fingerprint readers

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    25,263
    Thanks
    0
    Thanked
    1,365 times in 514 posts

    Acer refreshes laptops and 2-in-1s with fingerprint readers

    These new Windows 10 devices are priced from just $199, will be on show at Computex.
    Read more.

  2. #2
    Admin Saracen's Avatar
    Join Date
    Jul 2003
    Posts
    16,866
    Thanks
    736
    Thanked
    2,853 times in 2,016 posts

    Re: Acer refreshes laptops and 2-in-1s with fingerprint readers

    My only reservation about this (apart from, personally, refusing to use Win10) is that MS are a bit coy about exactly what data they send to themselves.

    Does any of the data Windows Hello collects ever leave my device, and if so, how is it transmitted?

    Your identification data – the representation of your face, iris or fingerprint that's created when you enrol – never leaves your device. To help us keep things working properly, to help detect and prevent fraud, and to continue to make improvements, Microsoft collects usage data such as which method you used to sign in (face, iris, fingerprint or PIN), the number of times you signed in, and whether or not each sign-in was successful. This data is stripped of any information that could be used to specifically identify you, and it's encrypted before it's transmitted to Microsoft.
    Okay, so breaking that down ....

    - actual biometric ID data, like iris scan, fingerprint or facial photos, are NEVER stored, anywhere. That's good.

    - when you enrol, a "representation" of this data is stored, on the device, encrypted.

    - the original biometric data cannot be recreated from the "representation". This is analagous to our password pricess here. Your password is not stored but a 'hash' of it is, and the password (with a very specific exception, sort-of) cannot be recreated from the hash. So, that's good too.

    - MS do transmit and store a sort-of metadata about your sign-on activity. They specify examples of that, by the use of "such as" but do not provide an exhaustive list of what they store. Hmmm, not so good. Not necessarily bad, but .... suspicious.

    - MS strip such data of anything that can be used to "specifically" identify you. Hmmm. More evasive wording. This sounds a bit like differentiating between personal information that, on it's own, identifies you and data that, when combined with other data (which, perhaps, they happen to own) can be used. That is, identifiable, rather than identifying.

    - There appears to be no way to disable the transmission of such data, should you wish to.


    That whole explanation of what data is sent seems to me to be deliberately vague to the point of being suspicious. It reminds me of what an estate agent (before laws changed) meant when he advertised a property as 'compact' (tiny beyond belief) or 'DIY opportunity' (falling down, so don't sneeze until after sale completion). It reeks of being very carefully written to convey one impression on a casual reading, while being capable of being interpreted very differently if anyone ever hauls it before a judge.

    So really, it comes down to how much you trust MS. In my case, about as much as I'd trust an unreconstructed and unrepentent serially-convicted burglar with my house keys, alarm codes and holiday dates. Actually, I take that back. Less than I trust the burglar.


    This, by the way, is a mistrust of MS, not Acer.
    Noli nothis permittere te terere.


  3. Received thanks from:

    Pleiades (27-05-2016)

  4. #3
    Senior Member
    Join Date
    Aug 2008
    Posts
    1,894
    Thanks
    92
    Thanked
    84 times in 64 posts
    • miniyazz's system
      • CPU:
      • Acer Aspire 8920G
      • Operating System:
      • Windows 7 Pro
      • Monitor(s):
      • Optoma HD700X projector @ c. 90"
      • Internet:
      • Really, really ****

    Re: Acer refreshes laptops and 2-in-1s with fingerprint readers

    Windows Hello is not that secure. Particularly the way it forces you to set up a pin before you can use biometrics to log in. Ok great, now all someone needs to do is brute force a 'password' comprised of entirely numbers..

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •