The next time someone suggests you replace your password with biometric access, you can point them in this direction:

The only real reason to use biometrics is to prevent over the shoulder attacks, so you can keep your data private from people you know. But if you think that's gonna protect you from hackers, you're wrong.

Best thing would be to use both biometrics and a password combined, but its not convenient.

@simon I would suggest you read both articles and draw your own conclusions based on the facts. No need to trust the opinions of anyone else.

@simon My personal conclusions: don’t put anything that matters, like your PGP key or your password manager, under biometric access. But it is fine to use it for things that don’t matter. For example, I use a fingerprint lock on my phone to prevent it from making accidental phone calls in my pocket.

@simon The bigger problem with biometrics is something that isn’t addressed by either article, which is that the biometric data itself isn’t what is being used to actually encrypt data. Rather, the encryption keys are stored in a “secure” environment (TPM, Secure Enclave, PSP, ME, TrustZone, etc). These “secure” environments run an entire OS, typically on closed and undocumented hardware, and are riddled with security flaws.

@simon So, the right exploit comes along and extracts all your keys from the “secure” environment without needing your biometric data at all. That is a fundamental design problem, and one that isn’t possible to address until all the software (and firmware) involved is open-source, and is running on top of open-source hardware. Even then, it will take a lot of work to bring it up to a reasonable security status.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.