Facial Recognition Gets a Black Eye at Black Hat - Page 2

Nguyen also said during his talk that he found that the Lenovo notebook accepted grayscale images while the Asus and Toshiba did not.

"Toshiba is more secure than Lenovo or Asus, but ... we can still break into the system," Nguyen said.

Who's at fault here?

Nguyen claimed that the manufacturers are aware the problems with face recognition technologies. InternetNews.com was unable to independently verify Nguyen's claim about all three vendors' knowledge of the issue. Spokespeople from Asus and Toshiba did not return requests for comment by press time.

But a Lenovo spokesperson said the facial-recognition features found on its IdeaPad laptops and netbooks are meant to make login easier -- not for the utmost in security.

"Facial recognition has been designed to offer users accurate login," Fair said. "There are trade-offs between security and convenience, and users should balance the need for convenient, quick access through facial login with the higher levels of security that are associated with using complex and lengthy password or fingerprint readers."

"VeriFace, which is only used in our consumer range of laptops, continues to be upgraded," she added.

As to what the vendors should do to fix the problem, Nguyen offered little beyond criticism.

"We assert that there is no way to fix this," he said. "This feature is not secure enough to serve as a security feature as advertised by the manufacturers."