USB sticks and cards with fingerprint readers: another Sad XOR story

Heise-online.co.uk is reporting another sad-sad-sad XOR Story. It seems that some usb biometric pendrives are relying on the pc’software to unlock the safe partition, instead of bothering inside the chip itself.

“…the controller on the stick does not decide whether to provide access to the partition; the software running on Windows does. “

It seems that a simple open source utility, PLscsi, will unlock the safe partition, without superglue and latex biometric hacks.

“…You do not need to use superglue and latex to forge fingerprints if you want to access the data “protected” on these sticks from **** and ****

and finally:

“Conclusion: The fingerprint sensors in the products mentioned above apparently only serve one purpose: they mislead interested buyers. “

I don’t understand the point of these Snakeoils sellers. Nowadays, these tricks don’t stay covered for a long time. Sometime someone will find out and verbose it. And personally, I would never buy again from a company that resorts to these ugly commercial tricks, so it’s all-loss, on my opinion.
See my other post here and here, and thanks Heise-online.co.uk to uncovering this out.

[Source: ./ ]

Advertisements