Researchers at the German IT Security company SySS GmbH successfully fooled the Windows 10 facial recognition system by using a printed photo of the user's face.
Their spoofing efforts were published on the cybersecurity site Seclists on Dec. 18. The cybersecurity experts bypassed Windows Hello -- which is Microsoft's password-free security software -- on both a Dell and a Microsoft laptop running different versions of Windows 10, which is cause for concern for anyone using this feature to log into their account.
Deceiving Windows 10 didn't take too much effort. It just required "having access to a suitable photo of an authorized person" to "easily" bypass the system, wrote the experts. The photo required is the full image of someone's face -- so if someone really wants to attempt to deceive the facial recognition system, the barriers aren't too great.
Similar to the iPhone X's Face ID camera, Windows Hello uses an infrared camera (either built in or added separately) to recognize the unique shape and contours of a face before granting or denying access to a Windows account. But a flaw was found, specifically "an insecure implementation of the biometric face recognition in some Windows 10 versions."
They show their work below:
Many -- but not all -- Windows versions are vulnerable. In 2016, Microsoft included a new feature called Enhanced Anti-Spoofing to limit this sort of picture trickery. But even if this feature is enabled in your Windows settings, the researchers found a way to bypass the facial recognition system on devices running older Windows versions, such as a Microsoft Surface Pro 4 running 2016's Windows 10 Anniversary update.
However, the SySS researchers found that two new Windows versions, 1703 and 1709, are not vulnerable to their simplest spoofing attacks (using a printed photograph) if Enhanced Anti-Spoofing is enabled.
Their ultimate recommendation: Updating to Windows 10 version 1709, enabling anti-spoofing, and then having Windows Hello reanalyze your face.
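For admins who want to check machines against that recommendation, here is a short PowerShell audit. It is an added example, not code from SySS or Microsoft, and it assumes that build 16299 corresponds to version 1709 and that the "Configure enhanced anti-spoofing" Group Policy setting is stored in the registry value named below; the function names are made up for illustration.

```powershell
# Added example: audit a host against the article's recommendation.
# Assumptions (not from the article): build 16299 corresponds to version 1709,
# and the registry value below is where Group Policy stores the
# "Configure enhanced anti-spoofing" setting.
$MinBuild   = 16299
$PolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures'
$PolicyName = 'EnhancedAntiSpoofing'

# Hypothetical helper: pure check, so it can be fed inventory data as well.
function Test-HelloFaceHardening {
    param(
        [Parameter(Mandatory)] [int] $Build,
        [AllowNull()] $AntiSpoofingValue   # $null when the policy value is absent
    )
    $findings = @()
    if ($Build -lt $MinBuild) {
        $findings += "Build ${Build} is older than ${MinBuild} (version 1709); update Windows."
    }
    if ($null -eq $AntiSpoofingValue) {
        $findings += "${PolicyName} is not enforced by policy; enable enhanced anti-spoofing."
    } elseif ([int]$AntiSpoofingValue -ne 1) {
        $findings += "${PolicyName} is set to ${AntiSpoofingValue}; set it to 1."
    }
    [pscustomobject]@{
        Build     = $Build
        Policy    = $AntiSpoofingValue
        Compliant = ($findings.Count -eq 0)
        Findings  = $findings
    }
}

# Hypothetical helper: reads the build number and policy value of this machine.
function Get-LocalHelloFaceState {
    $build = [System.Environment]::OSVersion.Version.Build
    $value = $null
    $item  = Get-ItemProperty -Path $PolicyPath -Name $PolicyName -ErrorAction SilentlyContinue
    if ($item) { $value = $item.$PolicyName }
    Test-HelloFaceHardening -Build $build -AntiSpoofingValue $value
}

# Constructed sample inputs: an Anniversary Update host without the policy,
# then a version 1709 host with the policy enabled.
Test-HelloFaceHardening -Build 14393 -AntiSpoofingValue $null
Test-HelloFaceHardening -Build 16299 -AntiSpoofingValue 1
if ($env:OS -eq 'Windows_NT') { Get-LocalHelloFaceState }
```

The script can't tell whether the face was re-enrolled after updating, so the last step of the recommendation still has to be done by hand in the Windows Hello settings.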
If this sounds unappealing or risky, you can always go back to using a (not dumb) password. Infrared facial recognition in consumer applications is still relatively new, so flaws should be expected.
Similar to Apple's Face ID, it might help to view Windows Hello as a convenience feature, not a security feature.
Mashable has contacted Microsoft for comment and will update this story upon hearing back.