On 1/14/20 10:34 AM, Benson Muite wrote:
On 1/14/20 9:00 AM, Luya Tshimbalanga wrote:
On 2020-01-13 12:56 a.m., Benson Muite wrote:
On 1/12/20 9:38 AM, Luya Tshimbalanga wrote:
The challenge about upstream is when they lack activity for years
and contributions are very difficult when users lack knowledge of
coding without proper guidance. For example, attempting to improve
say CellWriter (sorely missing due to the lack of port to Wayland
compositor) and howdy, a Windows Hello facial recognition like for
convertible laptops turned out too much as a graphic designer and
trying to get someone knowing to code turned out complex than
anticipated.
Only options is to actively test and give input so far.
Deepin Linux seems to have a face recognition login (or at least
support for this), but still searching for the implementation. The
two PAM based authentications (Howdy and PAM-facial-auth):
https://github.com/devinaconley/pam-facial-auth
https://github.com/boltgolt/howdy
seem to suggest they are not intended when high security is
required. Tests on manufacturer developed authentication also seem
to suggest not so secure:
https://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password-slides.pdf
However, a number of banks and KFC do use this in China, so maybe a
good open source implementation is missing (something other than a
trial version). Most of these rely on machine learning algorithms,
maybe something machine learning SIG might be interested in.
Thank you for the PDF. However, the presentation is sightly outdated
given the listed hardware dating from 2008. Some modern laptops are
equipped with a IR camera Windows Hello type device which could be
suitable for iris recognition similar to devices like Samsung Galaxy S9.
Thanks for feedback. Not having to remember many passwords is very
useful.
Maybe am wrong about faces/fingerprints as passwords:
https://www.openwall.com/lists/oss-security/2019/05/08/5
Speaking about howdy, I packaged it on COPR for testing purpose and
looking for improvement.
Great, may be of interest:
https://github.com/boltgolt/howdy/issues/233
My initial worry is more on the security of the algorithms used in
howdy and their effectiveness, rather than correct packaging and linux
permissions. Internally Howdy uses convolutional neural networks (CNN
- http://dlib.net/cnn_face_detector.py.html) and OpenCV to find and
match faces. It would be nice if it had been subjected to stringent
tests such as those done by NIST:
https://pages.nist.gov/frvt/html/frvt1N.html
see for example:
https://www.necam.com/AdvancedRecognitionSystems/NISTValidation/FingerprintFacial/
I am aware of fprintd but it is beyond my scope,
This is already packaged and has a wiki page:
https://koji.fedoraproject.org/koji/packageinfo?packageID=7228
https://fedoraproject.org/wiki/Features/Fingerprint
The source code of fprintd is at
https://gitlab.freedesktop.org/libfprint/fprintd
For fingerprints, there also seem to be standards:
https://www.nist.gov/programs-projects/fingerprint-recognition
and a NIST implementation:
https://www.nist.gov/services-resources/software/nist-biometric-image-software-nbis
Not sure if fprintd matches these standards, or if there is something
significantly better.
For biometric authentication applications such as fprintd and howdy,
maybe some kind of quality assurances are required, in particular for
hardware specifications and algorithm effectiveness, in addition to
the normal packaging procedure.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
