I got a new Toshiba Portege a few weeks ago, the first machine I’ve owned that came with a fingerprint sensor. At first the system seemed to have been designed in a sensible way. The fingerprint template is encrypted and stays local. It is never released or stored in a remote database. I decided to try it out - to experience what it ”felt like”.
A couple of days later, I was at a conference and on stage under pretty bright lights. Glancing down at my shiny new computer, I saw what looked unmistakably like a fingerprint on my laptop’s right mouse button. Then it occurred to me that the fingerprint sensor was only a quarter of an inch from what seemed to be a perfect image of my fingerprint. How secure is that?
Uh, oops?
