We’ve got two hacks in one from [Serge Rabyking] on fingerprint scanning. Just before leaving on a trip he bought a laptop on the cheap. He didn’t pay much attention to the features and was disappointed it didn’t have a fingerprint scanner. Working in Linux he uses sudo a lot and typing the password is a hassle. Previously he just swiped his finger on the scanner and execution continued.
He found a cheap replacement fingerprint scanner on hacker’s heaven, also known as eBay. It had four wires attached to a 16 pin connector. Investigation on the scanner end showed the outer pair were power and ground which made [Serge] suspect it was a USB device. Wiring up a USB connector and trying it the device was recognized but with a lot of errors. He swapped the signal lines and everything was perfect. He had sudo at his finger tip.
Next he wonder if it would work with a Raspberry Pi. He installed the necessary fingerprint scanning software, ran the enrollment for a finger, and it, not terribly surprisingly, worked.
On Linux the command fprintd-enroll reads and stores the fingerprint information. By default it scans and saves the right index finger but all ten fingers can be scanned and stored. Use libpam-fprintd to enable account login using a finger. Anyone know how you can trigger other events using a different finger? A quick search didn’t turn up any results.
In true hacker style, [Serge] created his own fingerprint reader from a replacement part. But you can jump start your finger usage by purchasing one of many inexpensive available readers.
Not to self: wear gloves at all times so no one can steal fingerprints. Oops. Too late….
Yeaaaaah. I DO seem to recall HaD did an article recently on exactly WHY fingerprints make TERRIBLE PASSWORDS. (quick recap: Lack of hashability, Frequent spread, Inability to be revoked)
I am really sorry…
I love Hack A Day… Ive never complained before… but this is not an article.
Man buys USB fingerprint scanner, and attaches is to USB port. and it works.
Thats it… no hacking, no modding, nothing…. Just a dude plugging in a USB device…
Calum has a point…
my feeling is this “article” fills the function to make us associate ebay with “hacker’s heaven”.
i mean come on all china stuff sold on ebay is dropshipped from alibaba and the likes. just skip the middleman, skip ebay.
Often ebay is cheaper option for small items, so no. Also point of article is not as primitive – dude checked his notebook, make an educated guess about possibility of reusing parts and confirmed. This article was pretty useful to me, since I wondered about such option, but never actually checked and now I know for sure that it’s possible. So far it seems to be cheapest option to add fingerprint scaner to PC.
Your probably right but we see these all the time. Hey, he DID have to figure out the pinout.
Guy buys fingerprint scanner replacement part. It’s not listed as USB anywhere! It’s notable enough that these things are USB in the end and can be hacked to work, but it’s by no means obvious.
Your post is more useless than this article.
If you read his article, He purchased the device, knowing it was a USB device.
“I looked at my old Lenovo X200 laptop and typed lsusb and found that fingerprint scanner is actually on USB bus. Aha, this is USB device”
You still haven’t justified your crappy comment, though. At least there’s some useful information in the article. But every whiny shit who goes “ugh this isn’t a hack” or “ugh why did they use an arduino” or “ugh hackaday used to be better” are the ones dragging HAD down, not the staff. Why not just leave *without* leaving a giant dump on the doorstep as you go?
The editors say time and time again that the site should provide one hack per day, so other posts can be fillers.
Even if there’s absolutely no hack on this article, I liked it. It gave me ideas. I was thinking about securing my car using the bluetooth from my phone, but now I am planing to use a fingerprint reader.
No hack, sure, but is something to think about AND create something.
The hack is what you do when you want the guy’s security credentials for yourself… A small hatchet or some stout pruning shears will work.
Seriously. Who decided fingerprint security is a good idea?
I have no idea about these cheap modules, but good ones discriminate between live and dead finger, ie chopping the finger won’t work.
It’s also unnecessary. If you’ve got physical access to a laptop to let you scan a dismembered finger you could pull the drive and read off the contents that way. Hell, if you’re going to cut someone’s finger off, you’re probably able to scare the guy into willingly unlocking the thing for you.
Locks don’t have to be impenetrable to be useful.
He didn’t buy a “USB device”. He bought what appears to be a built-in fingerprint scanner from a broken laptop (or a replacement for such) with a 4-wire lead. It turned out to be USB-compatible, making it simpler to connect as he didn’t have to spin his own board to interface with the computer. Kudos to [Serge]- now I wonder if the one out of my dead Thinkpad would work this way (or maybe across gpio).
You can take the risk with the old thinkpad. All fingerprint readers I have ever seen work over USB.
From the linked blog article:
“I looked at my old Lenovo X200 laptop and typed lsusb and found that fingerprint scanner is actually on USB bus. Aha, this is USB device.
I bought spare 42W7764 fingerprint scanner taken from Lenovo laptop. It cost me around £3 from e-bay. It came with interesting flat cable and strange connector. That connector has 16 pins but flat cable has only four tracks. I just guessed that these four tracks basically USB bus. Close look at PCB confirmed that two offside pins are ground and power and two in the middle likely some differential signal.
I cut flat cable in half and soldered USB cable. First I soldered GND(black) and +5V(red) and then soldered green and white in the standard order as in USB connector. After connecting, Ubuntu said that USB device appeared but with a lot of bus errors. I swapped green and white and finally got next system logs:
usb 1-4.3: new full-speed USB device number 8 using xhci_hcdusb 1-4.3: New USB device found, idVendor=0483, idProduct=2016
usb 1-4.3: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 1-4.3: Product: Biometric Coprocessor
usb 1-4.3: Manufacturer: STMicroelectronics
usb 1-4.3: ep 0x83 – rounding interval to 128 microframes, ep desc says 160 microframes”
Seems pretty hacky & pretty cool to me. Digging out my old, busted Thinkpad now to try for myself. peace
Let me start by saying I am not attacking anyone in this response. If my words at all come across harsh I don’t mean it that way.
I’ve been messing with stuff for decades. If I run across an item like this that explains something I didn’t know I figure there are other people, hackers, who don’t know it either. Next, did something happen besides just plugging something in? In this case it was minimal but the pinout did need to be deciphered. Then software needed to be installed. I didn’t know what software would be needed so found that interesting. At that point there were 2 things I learned and one minimal physical hack.
Plus it made me think about what else might be done with a fingerprint reader. Anyone know how you can cause other commands to be executed? How can I start up the web browser by scanning my right pinky?
Guys, we all know stuff that others don’t. The idea, for me, is to find some of those things on the web and write about them. I also find nice descriptions of what I do know and share those because I know someone out there were go, “Wow! You can do that.”
Have a good day.
I thought it is interesting. Having done a million hacks before, it’s refreshing to see someone just try something with existing parts and combining them using Linux. Kind of a hack. Thanks Hackaday for not limiting the articles to just simple hacks, and teaching us technogeeks something new.
Yup or you could just buy from E-Bay FingerPrint Scanner with nice little box and USB cable for 10usd…
Or you could just spend $3 like this guy did.
^^sorry, £3 (GBP), so under $5 (US).
Or you could spend $0 and enable this in your /etc/sudoers file, since it’s effectively the same thing:
# Uncomment to allow members of group sudo to not need a password
# %sudo ALL=NOPASSWD: ALL
Granted, someone else could *gasp* issue sudo commands on his laptop given physical or ssh access, but if they already have physical or ssh access they already “own” the system. All sudo is meant to do is stop the user from working in the root account, it’s not any kind of security against third parties. Using a fingerprint reader is just a neat trick, not a hack nor a security feature.
If you do this, you might as well just login as root, as it bypasses all the security features that running as a non-privileged user with sudo implements. That is to say that a malicious program can gain elevated privileges without you knowing it.
That was my point: “…it’s not any kind of security against third parties.”
i was hoping to glean some insight on how to scan and match fingerprint with a camera/paper scanner.
i know its quite a difficult process, more robust and more convoluted than simple pattern recognition.
i was disappointed.
To me the flaw of fingerprint scanners and the like is that you can’t give ‘a key’ to someone to whatever you locked with it, you’d have to get the person to come round and have him volunteer to be scanned and then add him to the db, and that’s all assuming you have admin access to the scanner in question.
Although as with phones and such you can always also have a traditional access as backup of course.
I only opened the comments to see some jokes. I thought the invitation in the post was pretty clear. “Anyone know how you can trigger other events using a different finger?”
Try holding up the middle one in traffic.
Anyways. Security is relative to application. No need to argue about methods. But the convenience! The last laptop i owned could load a website and log on to it with the swipe of a finger. It’s like having a single button that is customizable for each finger.
Fingerprints as biometric security would probably be better if it required a “passcode” style of input. Pinky-pinky-thumb-index-middle.