Public bug reported:

Dear all,

Currently, libfprint saves a fingerprint image (FP1 or 2?) to a file on the host without any encryption. Once a fingerprint has been leaked, the victim is affected for the rest of their life, since a fingerprint lasts a lifetime. It is necessary to prepare for this problem. In particular, when I use `fp_print_data_save()` from the libfprint library to enroll my fingerprints, the image is saved in the user's home directory without any protection scheme. Though `fprintd` generates the fingerprint image with root permission to protect the file from attackers, this is not of itself sufficient.

FYI, similar issues on Android have been reported, and cryptographic operations were introduced to encrypt fingerprints (see [1-2]).

[1] https://www.blackhat.com/docs/us-15/materials/us-15-Zhang-Fingerprints-On-Mobile-Devices-Abusing-And-Leaking-wp.pdf
[2] https://www.zdnet.com/article/hackers-can-remotely-steal-fingerprints-from-android-phones/

Lastly, is this a kind of `CWE-311: Missing Encryption of Sensitive Data`? (see https://cwe.mitre.org/data/definitions/311.html)

Many thanks!!

** Affects: libfprint (Ubuntu)
   Importance: Undecided
   Status: New

https://bugs.launchpad.net/bugs/1818938
Title: Found storing user fingerprints as raw image files
Status in libfprint package in Ubuntu: New

