BKIS, a Vietnamese security centre, recently demonstrated that face-recognition security programs found in Toshiba, Asus and Lenovo laptops can be bypassed with a special photo.
To enroll in the face recognition software, the built-in webcam on the laptop scans the face for prime areas, such as the eyes or more conspicuous facial features. The special photo, which does not have to be of high quality, is processed so that the key areas are enhanced and the contrast levels are adjusted to the expectations of the software.
Dong Ngo of CNET recently underwent a Skype demonstration with a BKIS technician. The technican then captured a photo of Ngo's face, and produced a special "unflattering" photo five minutes later using a special algorithm. Ngo was able to use the photo to log in to his Lenovo Y430. The technician later then demonstrated this procedure on similar Asus and Toshiba notebooks.
In lieu of fingerprint scanning and the traditional username/password combination, face recognition software may not be the most secure way to protect data. Until then, I'll just use my own "specially" produced photos (courtesy of Photoshop) to tweak that, uh, zit, maybe even change my eye color—ooh instant nose surgery—to log me in. But only after I post that photo of "myself" on my Facebook profile. Hah! [CNET Crave]