
Thread: Windows Hello can't be fooled by your identical twin

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    Windows Hello can't be fooled by your identical twin

    In testing by a newspaper there was "no case of it wrongly granting access".

  2. #2
    Senior Member
    Join Date
    Jun 2013
    Location
    ATLANTIS
    Posts
    1,207
    Thanks
    1
    Thanked
    28 times in 26 posts

    Re: Windows Hello can't be fooled by your identical twin

    Microsoft can never be smarter than upcoming hackers. I personally can access any Windows version if I have forgotten passwords etc.; you simply log into YouTube and follow the steps... easy like that!!

  3. #3
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,167
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: Windows Hello can't be fooled by your identical twin

    Lumireleon, it depends if the device is fully encrypted from a TPM onwards.

    If that's the case, then no, you cannot access the Windows version at all, assuming there are no exploits for BitLocker or the TPM keystore.

    MS have been making some strides in encouraging consumer devices, such as the Surface line to be enabled by default.
    throw new ArgumentException (String, String, Exception)

  4. #4
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: Windows Hello can't be fooled by your identical twin

    Now all we need are similar security safeguards for when data comes in and leaves our devices.

  5. #5
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by TheAnimus View Post
    ....

    MS have been making some strides in encouraging consumer devices, such as the Surface line to be enabled by default.
    Great. MS helps protect us from others. Now, we just need someone to protect us from MS.

  6. #6
    Senior Member
    Join Date
    Sep 2012
    Posts
    268
    Thanks
    1
    Thanked
    14 times in 12 posts

    Re: Windows Hello can't be fooled by your identical twin

    What about if you have an "Evil Twin"?

  7. #7
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,231
    Thanked
    2,291 times in 1,874 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by Plasmastorm View Post
    What about if you have an "Evil Twin"?
    The Obligatory Goatee would prevent them using your face recognition, surely?

  8. #8
    MCRN Tachi Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    6,844
    Thanks
    570
    Thanked
    781 times in 654 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by scaryjim View Post
    The Obligatory Goatee would prevent them using your face recognition, surely?

  9. #9
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,167
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by Saracen View Post
    Great. MS helps protect us from others. Now, we just need someone to protect us from MS.
    As I was just once again asked by one of my neighbours to recover work from a laptop which hadn't been backed up, I think that cloud by default is a better user experience.

    We really need governments to regulate the principles that this data can be used for.

  10. #10
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,167
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by Plasmastorm View Post
    What about if you have an "Evil Twin"?


    I'd be willing to try and find out if one is more evil....

  11. #11
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: Windows Hello can't be fooled by your identical twin

    The one on the right? The bad Guys/Girls always wear black.

  12. #12
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by TheAnimus View Post
    As I was just once again asked by one of my neighbours to recover work from a laptop which hadn't been backed up, I think that cloud by default is a better user experience.

    We really need governments to regulate the principles that this data can be used for.
    I'm more of a Darwinist on backup, I'm afraid.

    My experience is that you can tell people until you're hoarse, and it appears to go in one ear and out the other without even having a quantum effect in-between, but ONE experience of the consequences of non-backup is usually enough to ensure all but the determinedly stupid 'evolve' into backup-aware computer users. It's of a positive benefit to modern man.

    More seriously, I take your point, but I seriously think it needs to be a conscious user choice, because cloud companies are not unbiased, neutral third parties on this. I'd have no problem with a mandatory, opt-in/opt-out dialog box being forced on users, clearly explaining cloud versus DIY, provided opting out means you really do not have ANY of your data clouded unless you explicitly choose to.

    Granted, I'm not your typical home user, not least because not many users have hardware-based RAID 5 servers carrying their data, with optical (not dye-based optical, either) storage backups. But I do. Also, some of the work I've done over the years means I've had some VERY sensitive client documents here, including board minutes and bid proposals. For me, it is fundamental that absolutely no possibility of such files getting clouded from my systems exists, so I want no chance of anything getting clouded unless I explicitly want it, which I don't, and won't.

    I don't see any chance I will ever want my data stored in the cloud, or any circumstances that might change that. YMMV.

  13. #13
    Super Nerd
    Join Date
    Jul 2008
    Location
    Cambridge
    Posts
    1,785
    Thanks
    22
    Thanked
    105 times in 72 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by Saracen View Post
    Granted, I'm not your typical home user, not least because not many users have hardware-based RAID 5 servers carrying their data, with optical (not dye-based optical, either) storage backups. But I do. Also, some of the work I've done over the years means I've had some VERY sensitive client documents here, including board minutes and bid proposals. For me, it is fundamental that absolutely no possibility of such files getting clouded from my systems exists, so I want no chance of anything getting clouded unless I explicitly want it, which I don't, and won't.
    And I assume those H/W RAID5s and their backups are encrypted (strongly) and the decryption keys separately stored, since the risk of physical theft is just as bad as digital if data secrecy is an issue. Unfortunately, though, the fact is that many people just don't understand doing all of that and the on-balance best option for them is to be forced into it via a default-on comprehensive cloud backup (most people don't have anything especially secret on their machines anyway). People can lose a lot of stuff in your suggested first "learning loss", it's not a good user experience to let them fail - this isn't kids learning to kick a ball and toppling over, people could lose genuinely irreplaceable stuff.

    I'm all for default encryption on devices as well, it really should be factory setup on all new machines by now.

  14. #14
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by kingpotnoodle View Post
    And I assume those H/W RAID5s and their backups are encrypted (strongly) and the decryption keys separately stored, since the risk of physical theft is just as bad as digital if data secrecy is an issue. Unfortunately, though, the fact is that many people just don't understand doing all of that and the on-balance best option for them is to be forced into it via a default-on comprehensive cloud backup (most people don't have anything especially secret on their machines anyway). People can lose a lot of stuff in your suggested first "learning loss", it's not a good user experience to let them fail - this isn't kids learning to kick a ball and toppling over, people could lose genuinely irreplaceable stuff.

    I'm all for default encryption on devices as well, it really should be factory setup on all new machines by now.
    Did you miss the grin, and the "More seriously ..." that followed it?

    Yes, data is strongly encrypted, yes, keys are stored separately, yes, backups are in a fireproof safe and duplicates off-site, etc. Oh, and yes, I have duplicate controllers (plural), drive cages, a hot-swap drive in the array, and several spare identical drives stored, too. Everything has triple-redundancy. Like I said, not the typical home user.

    If adults could lose genuinely irreplaceable stuff, then they should also take some responsibility for it, in much the same way that we don't let kids play with fireworks. Mind you, we probably shouldn't let a lot of adults do that either.

  15. #15
    Senior Member
    Join Date
    Jun 2004
    Location
    Kingdom of Fife (Scotland)
    Posts
    4,991
    Thanks
    393
    Thanked
    220 times in 190 posts

    Re: Windows Hello can't be fooled by your identical twin

    I'm curious - is the fancy Intel camera needed for this to work properly, or would your bog-standard lord-awful laptop video cam work? Still think that two-factor authentication for logins would be desirable...
    Quote Originally Posted by TheAnimus View Post
    As I was just once again asked by one of my neighbours to recover work from a laptop which hadn't been backed up, I think that cloud by default is a better user experience.
    I'll agree with that statement but with one proviso - local-by-default-but-with-a-cloud-copy is far and away the best approach. That way, if you're sans internet then at least you can still get a hold of that vital college report or household expenses Excel. So systems like Dropbox get my thumbs-up, whereas the default in OneDrive (store in cloud only) doesn't.
    Quote Originally Posted by TheAnimus View Post
    We really need governments to regulate the principles that this data can be used for.
    Good luck with that idea with this bunch of (insert expletive here) in charge - it seems like all your data is for sale as far as they're concerned. Thank god for the EU. (apologies to any UKIPpers).
    Quote Originally Posted by Saracen View Post
    My experience is that you can tell people until you're hoarse, and it appears to go in one ear and out the other without even having a quantum effect in-between, but ONE experience of the consequences of non-backup is usually enough to ensure all but the determinedly stupid 'evolve' into backup-aware computer users. It's of a positive benefit to modern man.
    Problem is that what if they then turn around and complain that they do have backups, but they're on a cheap-jack "home" (and therefore single drive) NAS that just failed. And yes, that IS the voice of bitter experience... (courtesy of one failed WD Cav Green in an MBWE NAS).
    Quote Originally Posted by Saracen View Post
    More seriously, I take your point, but I seriously think it needs to be a conscious user choice, because cloud companies are not unbiased, neutral third parties on this. I'd have no problem with a mandatory, opt-in/opt-out dialog box being forced on users, clearly explaining cloud versus DIY, provided opting out means you really do not have ANY of your data clouded unless you explicitly choose to.
    Agree totally. And that's one of the issues I have with W8 - it clouds your data by default!
    Quote Originally Posted by Saracen View Post
    For me, it is fundamental that absolutely no possibility of such files getting clouded from my systems exists, so I want no chance of anything getting clouded unless I explicitly want it, which I don't, and won't. I don't see any chance I will ever want my data stored in the cloud, or any circumstances that might change that. YMMV.
    It's maybe off topic (bear with me) but what about "enhanced security" cloud storage systems - of which SpiderOak is the most obvious? Big selling point for those is that the data is encrypted before it gets to them, so not only can't they look at it, but you also don't have the "now how can I get them to reset my password" dilemma ... because they can't. Granted the data is outside of your oversight, but at least it's an offsite copy.

    By the way, if there are folks who want a good explanation of backup strategies then I'll recommend TekThing episode 13
    Last edited by crossy; 21-08-2015 at 04:21 PM.

    Career status: still enjoying my new career in DevOps, but it's keeping me busy...

  16. #16
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: Windows Hello can't be fooled by your identical twin

    Quote Originally Posted by crossy View Post
    ....

    Problem is that what if they then turn around and complain that they do have backups, but they're on a cheap-jack "home" (and therefore single drive) NAS that just failed. And yes, that IS the voice of bitter experience... (courtesy of one failed WD Cav Green in an MBWE NAS).

    ....
    Well, I'd have a bit of an issue with anyone that told them storing their data on a NAS, especially a single drive NAS, was "backup".

    Storing on your PC, syncing to a NAS, kinda is. Because losing data implies losing access to both. Though, it also depends on the sync settings, etc, not to mention fire risks, etc.

    Without reading that "backup strategy" link, I'd guess it'll take much the same line I would, which is that just about any strategy has weak points, and that it is ALWAYS a case of balancing cost (both of backing up and not backing up), and convenience/inconvenience, to the value of the data and the cost of losing it.

    For instance, with the client data I mentioned earlier, the consequences were minimal to zero if I lost it, in the sense of disk failure without backup, because I could just get it again. Easily.

    But if I lost it in that someone unauthorised got it, the consequences could be serious - lost bids and/or wrecked business for the client, getting sued for me.

    That, clearly, isn't a backup issue but a data/system security issue. Hence my problem with stuff getting clouded without me explicitly deciding that.

    Quote Originally Posted by crossy View Post
    ....

    It's maybe off topic (bear with me) but what about "enhanced security" cloud storage systems - of which SpiderOak is the most obvious? Big selling point for those is that the data is encrypted before it gets to them, so not only can't they look at it, but you also don't have the "now how can I get them to reset my password" dilemma ... because they can't. Granted the data is outside of your oversight, but at least it's an offsite copy.
    And that's an example of the danger of generic broad statements ... mine, I mean.

    That's not really what I meant by my admittedly broad statement.

    Okay, I guess there's a risk, in the absence of categoric proof that they don't have a back door. But if the company is reputable, and/or software is open-source and inspectable, then that risk should be minimal. Also, the risk of en-route interception/decryption exists, but unless the NSA are after you, again, minimal if the encryption is robust and the keys strong.

    It is, of course, not something that happens by default without the user's express consent.

    I don't have any problem with anybody clouding anything, securely or not, provided I am SURE my OS manufacturer isn't doing it behind my back, without my express permission. I don't see any problem at all with services like SpiderOak, but I don't have a need for it.

    Even my system isn't perfectly secure. What is? But getting my data would require both physical access, and getting past decent encryption, some of which I haven't mentioned .... like that even getting data off those optical backups isn't simple, and if you do, it's still encrypted.

    Nor is my backup methodology either perfect, or suited to everyone (or maybe anyone) else. But it does suit my balance of risks versus costs, convenience/inconvenience, etc. And does it without cloud storage.
