Re: Let's talk about Fedora in the '20s!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 1/14/20 10:34 AM, Benson Muite wrote:

On 1/14/20 9:00 AM, Luya Tshimbalanga wrote:

On 2020-01-13 12:56 a.m., Benson Muite wrote:

On 1/12/20 9:38 AM, Luya Tshimbalanga wrote:
The challenge about upstream is when they lack activity for years and contributions are very difficult when users lack knowledge of coding without proper guidance. For example, attempting to improve say CellWriter (sorely missing due to the lack of port to Wayland compositor) and howdy, a Windows Hello facial recognition like for convertible laptops turned out too much as a graphic designer and trying to get someone knowing to code turned out complex than anticipated.

Only options is to actively test and give input so far.

Deepin Linux seems to have a face recognition login (or at least support for this), but still searching for the implementation. The two PAM based authentications (Howdy and PAM-facial-auth):

https://github.com/devinaconley/pam-facial-auth

https://github.com/boltgolt/howdy

seem to suggest they are not intended when high security is required. Tests on manufacturer developed authentication also seem to suggest not so secure:

https://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password-slides.pdf

However, a number of banks and KFC do use this in China, so maybe a good open source implementation is missing (something other than a trial version). Most of these rely on machine learning algorithms, maybe something machine learning SIG might be interested in.

Thank you for the PDF. However, the presentation is sightly outdated given the listed hardware dating from 2008. Some modern laptops are equipped with a IR camera Windows Hello type device which could be suitable for iris recognition similar to devices like Samsung Galaxy S9.
Thanks for feedback. Not having to remember many passwords is very useful.

Maybe am wrong about faces/fingerprints as passwords:

https://www.openwall.com/lists/oss-security/2019/05/08/5


Speaking about howdy, I packaged it on COPR for testing purpose and looking for improvement.

Great, may be of interest:

https://github.com/boltgolt/howdy/issues/233

My initial worry is more on the security of the algorithms used in howdy and their effectiveness, rather than correct packaging and linux permissions. Internally Howdy uses convolutional neural networks (CNN - http://dlib.net/cnn_face_detector.py.html) and OpenCV to find and match faces. It would be nice if it had been subjected to stringent tests such as those done by NIST:

https://pages.nist.gov/frvt/html/frvt1N.html

see for example:

https://www.necam.com/AdvancedRecognitionSystems/NISTValidation/FingerprintFacial/

I am aware of fprintd but it is beyond my scope,

This is already packaged and has a wiki page:

https://koji.fedoraproject.org/koji/packageinfo?packageID=7228

https://fedoraproject.org/wiki/Features/Fingerprint

The source code of fprintd is at https://gitlab.freedesktop.org/libfprint/fprintd

For fingerprints, there also seem to be standards:

https://www.nist.gov/programs-projects/fingerprint-recognition

and a NIST implementation:

https://www.nist.gov/services-resources/software/nist-biometric-image-software-nbis

Not sure if fprintd matches these standards, or if there is something significantly better.


For biometric authentication applications such as fprintd and howdy, maybe some kind of quality assurances are required, in particular for hardware specifications and algorithm effectiveness, in addition to the normal packaging procedure.


_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux