


As reported by Wired, researchers from the security firm CyberArk managed to fool the Hello facial recognition system using images of the computer owner's face. Windows Hello requires the use of cameras with both RGB and infrared sensors, but upon investigating the authentication system, the researchers found that it only processes infrared frames. To verify their finding, the researchers created a custom USB device, which they loaded with infrared photos of the user and RGB images of Spongebob. Hello recognized the device as a USB camera, and it was successfully unlocked with just the IR photos of the user.

Microsoft designed Windows Hello to be compatible with webcams across multiple brands, but that feature, designed for ease of adoption, could also make the technology vulnerable to bad actors.
