RealSense cameras have been a fascinating piece of tech from Intel — we’ve seen a number of cool applications in the hacker world, from robots to smart appliances. Unfortunately Intel did discontinue parts of the RealSense lineup at one point, specifically the LiDAR and face tracking-tailored models. Apparently, these haven’t been popular, and we haven’t seen these in hacks either. Until now, that is. [Lina] brings us a real-world application for the RealSense face tracking cameras, a FaceID application for Linux.
The project is as simple as it sounds: if the camera’s built-in face recognition module recognizes you, your lockscreen is unlocked. With the target being Linux, it has to tie into the Pluggable Authentication Modules (PAM) subsystem for authentication, and of course, there’s a PAM module for RealSense to go with it, aptly named pam_sauron. This module is written in Zig, a modern C-like language, so it’s both a good example of how to create your own PAM integrations, and a path towards doing that in a different language for once. As usual, there’s TODOs, like improving the UX and taking advantage of some security features RealSense cameras have, but it’s nevertheless a fun and self-sufficient application for one of the F4XX-series RealSense cameras in case you happen to own one.
Ever since the introduction of RealSense we’ve seen these cameras used in robotics and 3D scanning, thanks at least in part due to their ability to be used in Linux. Thankfully, Intel only discontinued the less popular RealSense cameras, which didn’t affect the main RealSense lineup, and the hacker-beloved depth cameras are still available for all of our projects. Wondering about the tech behind it? Here’s a teardown of a RealSense camera module intended for laptop use.
PAM is an archaic system that should die as soon as possible. It was made by and for mad scientists, without a single active neuron. Since its inception 40 years ago, it’s still not able to propose 2 simultaneous login method (like Face ID like Howdy and Fingerprint and/or password). It’s not able to compose login from multiple different source (like 2FA with a physical key + password). It’s not able to run an agent. It’s triggering as many processes as there are “steps” in the login procedure. It’s dependent on a filesystem (so you can’t use that to decrypt your root FS).
For something like this I don’t think it matters how terrible PAM is – the core concept of FaceID is pretty terrible in its own right, and historically at least has proven really easy to spoof. Though I haven’t seen mention of folks trying to trick it recently so maybe it is now more challenging, but as I haven’t gone looking for more current details either…
For security it may suck, but there are plenty of other uses related to the face. e.g. emotion, etc.
Came here just to express my hatred of RealSense in general. Bought a brand new sensor from them when it was released, within 12 months they stopped providing updates, couldn’t debug why it froze with their test software on my machine and concluded it was a fault in Windows 7 or my machine, recommended that I bought an entirely new system of similar spec instead purely to test if it worked. Support only provided by community forums and one apparent insider. Giant useless paperweight which, by the time windows 10 evolved, was out of date and useless for the task I’d bought for it.
lol fair, that sounds like an Intel product indeed
Not a hotdog.