this post was submitted on 05 May 2024
461 points (96.8% liked)

linuxmemes

21273 readers
1433 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  • Β 

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     

    Why the oems resist giving proper drivers for fingerprint😑 https://lemy.lol/post/24413858

    all 50 comments
    sorted by: hot top controversial new old
    [–] cygnus@lemmy.ca 84 points 6 months ago (3 children)

    The one on my ThinkPad started working when I upgraded to KDE 6 / Wayland. I was pretty happy about that.

    [–] null@slrpnk.net 18 points 6 months ago

    Oooh I gotta try that

    [–] archer@lemmy.ml 9 points 6 months ago (1 children)

    For me it only works for signing in after sleep, but not for anything else (T490). Does your Thinkpad work better/in more ways?

    [–] cygnus@lemmy.ca 1 points 6 months ago

    Same, I can't use it in the terminal or anything like that, but it didn't work at all before.

    [–] pete_the_cat@lemmy.world 4 points 6 months ago (1 children)

    Oh nice, I have a Carbon X1. I knew that fprintd has worked for a while, and has allowed me to enroll fingerprints, but has never successfully worked for authentication.

    [–] cygnus@lemmy.ca 2 points 6 months ago

    That was my issue too, also on an X1C (gen 9)

    [–] bjoern_tantau@swg-empire.de 73 points 6 months ago

    Linux is just more secure and keeps you from doing a stupid mistake.

    [–] acockworkorange@mander.xyz 53 points 6 months ago

    If they did that we’d discover a minix system sending your fingerprints to CIA. and we can’t have that now, can we?

    [–] merthyr1831@lemmy.world 52 points 6 months ago (1 children)

    im sure there isnt a malicious reason why many fingerprint reader drivers are proprietary

    [–] Andromxda@lemmy.dbzer0.com 3 points 6 months ago

    And I'm sure that there's a completely closed, separated and proprietary subsystem in your CPU that has access to everything happening on your computer. Literally everything, all input and output, everything the CPU is doing, just everything. Look up Intel ME or AMD PSP

    [–] Twitches@lemm.ee 29 points 6 months ago (2 children)

    I understand wanting to use this, but, fingerprint reader is so I secure I usually avoid it.

    [–] thanks_shakey_snake@lemmy.ca 17 points 6 months ago (4 children)

    Is it really less secure than a password? How so?

    [–] Gormadt@lemmy.blahaj.zone 45 points 6 months ago (1 children)

    If it's compromised you can't change it for one

    Also you can't be legally forced without a warrant to give a password but biometric data you can be legally forced without a warrant to give up

    [–] foggy@lemmy.world 35 points 6 months ago (1 children)

    Lol let's take the kid gloves off, shall we?

    Fingerprints, as a means of authentication, is just straight up not secure.

    [–] Bassman1805@lemmy.world 14 points 6 months ago (1 children)

    Man, I knew fingerprint encryption was bad but that is nuts.

    [–] PumpkinEscobar@lemmy.world 23 points 6 months ago (3 children)

    Fwiw they’re able to do the same thing by the sound of someone typing a password across the room. Not advocating for fingerprints or anything, just these exotic hacks are everywhere

    [–] marcos@lemmy.world 7 points 6 months ago

    The thing is, one of those attacks requires you to type your password. The other requires you to touch something.

    ...my memory was that this only worked after the routine had been trained on your typing idiosyncrasies

    [–] foggy@lemmy.world 5 points 6 months ago

    This one's my fav

    [–] bjoern_tantau@swg-empire.de 16 points 6 months ago (1 children)

    With a password you can have an exact binary comparison. Either you supplied the correct password or you didn't.

    But with biometrics you just have an approximation because your fingerprints change slightly due to the position in which you hold them, your health, humidity, pressure and probably other stuff I'm not thinking of. So the sensor can only say that it's like 95 % or whatever sure that it got the correct fingerprint. And this uncertainty makes it much easier to exploit.

    And your fingerprint is not secret. You leave it all over the place. Especially on devices you use every day. And your fingerprint can (and will) be taken without your consent. And you cannot change your fingerprint if it gets compromised.

    All those spy movies showing how trivial it is to circumvent biometric security have in common that whatever method they used was realistic.

    [–] Twitches@lemm.ee 4 points 6 months ago

    Lol my hands are jacked from physical labor and health, scars on my fingers, dry skin, my thumb print only works only 50% of the time anyhow.

    A fingerprint is a password you leave a copy of on everything you touch.

    [–] MonkderDritte@feddit.de 6 points 6 months ago

    Biometric data can be used as login but is unsuitable as password, since it can't be changed once compromised.

    [–] henfredemars@infosec.pub 5 points 6 months ago (1 children)

    I use it if only because my wife won't use passwords on her devices. We aren't even at step one for device security. I'll take what I can get, or what she's willing to work with.

    [–] acockworkorange@mander.xyz 1 points 6 months ago

    Can you get to 2FA with a 4 digit PIN, at least?

    [–] baseless_discourse@mander.xyz 29 points 6 months ago (1 children)

    This is why you buy laptop from companies that officially support linux.

    [–] thevoidzero@lemmy.world 6 points 6 months ago

    System 76 laptop has fingerprint sensor. They don't say it has one cuz it's not supported.

    And since it's designed to be used as a tap/scan, and power button only on hard restart/shutdown it's hard to press to stop it being pressed on fingerprint scan, the hardware not being supported means you have to press the power button a lot instead of fingerprint.

    [–] pineapplelover@lemm.ee 27 points 6 months ago (2 children)

    Fprint works amazingly well on my thinkpad. Worked fine for me on KDE Plasma 5 and also works on Plasma 6 for me too.

    [–] MazonnaCara89@lemmy.ml 11 points 6 months ago* (last edited 6 months ago) (1 children)

    And that's because your laptop is a thinkpad, indeed I got my fingerprint reader working on my ideapad because it has the same fingerprint reader of a thinkpad, but to get it working I needed to install the driver myself

    [–] pineapplelover@lemm.ee 7 points 6 months ago

    I guess that's why everybody buys ThinkPads if they wanna use Linux hee hee

    [–] LordPassionFruit@lemm.ee 2 points 6 months ago (1 children)

    Weirdly enough, I've never got fprint working on my thinkpad (albeit I've only attempted twice).

    Both times, it works fine whenever I only set up my index finger. Adding my thumb (or any other finger) then prevents either from working, removing either finger removes both, and then prevents me from adding it back.

    I have no idea why I'm having this issue, but I'm assuming I'm just missing something.

    [–] pineapplelover@lemm.ee 0 points 6 months ago

    Just use one finger only then

    [–] hperrin@lemmy.world 8 points 6 months ago

    I’m really happy that my new Framework laptop’s fingerprint reader worked perfectly out of the box.

    [–] april@lemmy.world 8 points 6 months ago

    It depends if you're lucky with the exact model of sensor you have

    [–] OR3X@lemm.ee 7 points 6 months ago

    I've had good luck with the fingerprint scanners in various HP business laptops and fprint. The one on my old Dell laptop was straight-up unsupported though.

    [–] BoneALisa@lemm.ee 7 points 6 months ago

    Ive had this problem extensively, but my new Dell XPS' works out of the box!

    [–] onlinepersona@programming.dev 6 points 6 months ago (1 children)

    Never got the appeal even when I was on windows long long ago. It's not secure.

    Anti Commercial-AI license

    [–] vox@sopuli.xyz 6 points 6 months ago* (last edited 6 months ago)

    passkeys?
    no need to use the 4 digit pin every single time.

    [–] sickday@kbin.social 5 points 6 months ago

    I stopped using them altogether when my job provisioned a YubiKey. Got one for personal usage and it's pretty solid for just about everything I'd have used a fingerprint sensor for.

    [–] Ironfacebuster@lemmy.world 5 points 6 months ago

    I have a windows laptop with a fingerprint sensor that worked exactly like this lol

    I'd reinstall the driver, it would work for a day, then stop working. One day I updated the laptop to Windows 11 and I think it fixed it, but is it worth the ads coming soon? I will see.

    [–] JoMiran@lemmy.ml 4 points 6 months ago

    Works on my Thinkpad.

    [–] OpenStars@discuss.online 3 points 6 months ago

    Mine works just fine... on my Mac OSX:-).

    If anyone is worrying about security, don't use it for that, or at all if you don't want, but it sure is nice to have that option if/when I want.

    Seriously, I have multiple layers of security - extremely long & complex & unique passwords plus 2FA for banking, another (different) password and a PIV for work, etc. - and I really enjoy being able to get back into my desktop at a moment's notice after grabbing a coffee. It even enhances security in several ways: e.g. by facilitating using a shorter time-out until the system asks for authentication, plus allows you to use a more complex password for your account, knowing that you won't have to type the whole damn thing in 50 times a day. Also, even if someone had a literal camera over your shoulder watching you type your password (work? public space like library?), they would not get your fingerprint that particular way. Or if you really want to get paranoid (I don't think Mac will let you do this by default without additional software though), you could require both password + fingerprint?

    It is also worth noting that the issues for desktops are not identical to those of mobile devices: someone would have to gain physical access to my machine in the first place (afaik? now I wonder about that though... are the security credentials stored in a less secure manner that a remote intrusion could spoof more readily?), which is far less common than a mobile device that you take with you and is also smaller so more easily stolen.

    Protect the stuff you value the most, but for the common stuff it is nice to have a quicker method of access. Like everything else, this is merely one tool in your toolbox that you can decide how & when to use appropriately.

    [–] r0bi@infosec.pub 3 points 6 months ago (1 children)
    [–] Pantherina@feddit.de 1 points 6 months ago

    Same on Thinkpad T495

    [–] mvirts@lemmy.world 3 points 6 months ago

    My old t22 had one that worked perfectly, rip.

    [–] recarsion@discuss.tchncs.de 3 points 6 months ago (2 children)

    Am I the only one who's fine with typing a password?

    [–] Aganim@lemmy.world 2 points 6 months ago

    Nah, I'm also fine with it. Fingerprint sensors hate me anyway, on every phone I owned I needed to rescan my prints every few weeks or so because they just won't recognise me after a while. These days I just use passwords and pin codes.

    [–] ArcaneSlime@lemmy.dbzer0.com 2 points 6 months ago

    Nah, the police in my country can compel use of biometrics but not password/key. I refuse to set them up at all.

    Outside that even, on like a phone, what if I'm sleeping and a GF uses my finger without consent? It's a security hole imo.

    [–] Shareni@programming.dev 2 points 6 months ago

    Got it working on my ThinkPad t480 - realised I can only maybe sometimes log into the user account. Can't replace sudo, gpg, or any other type of password, and if I remember correctly it couldn't even unlock the screen. Gave up on that idea completely.

    Funnily enough, the actual fingerprint recognition was more often successful on Linux than on windows.