Find the answer to your Linux question:
Results 1 to 5 of 5
Does anybody know if the integrated fingerprint reader on Lenovo's (IBM) line of laptops will work with Linux? The specific model I'm looking at is the R52 but I would ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer Thrillhouse's Avatar
    Join Date
    Jun 2006
    Location
    Arlington, VA, USA
    Posts
    1,377

    Thinkpad Fingerprint Reader


    Does anybody know if the integrated fingerprint reader on Lenovo's (IBM) line of laptops will work with Linux? The specific model I'm looking at is the R52 but I would assume that the same fingerprint reader would work on different models. I was going to find out through Lenovo's website but you need to register yourself in order to do that. Thanks in advance.

    -Kurt

  2. #2
    Linux Engineer psic's Avatar
    Join Date
    Nov 2004
    Location
    Ljubljana, Slovenia
    Posts
    1,205
    I doubt you can get it to work on linux, but regardless, I think it's just another marketing gimick. First off, (AFAIK) it doesn't protect the BIOS or anything, which means you should be able to use a live distro to get around it. Also, (again AFAIK) it stores the fingerprint information the same way it stores windows passwords , which means this can be hacked without too much trouble. Just ask yourself "Do I really need this?". A friend has a laptop with the fingerprint reader and all this means is that it takes about 10 seconds longer than usuall for him to start Windows.

  3. #3
    Linux Engineer Thrillhouse's Avatar
    Join Date
    Jun 2006
    Location
    Arlington, VA, USA
    Posts
    1,377
    Really? I can see what you mean about the real benefit of it but my company (a gov. contractor) places a great deal of importance on laptop security. We do things like encrypt file systems and use various forms of authentication to protect our clients' projects/data so I just thought this might add another layer to that. I had actually heard, though, that the newer models of Thinkpads could integrate the fingerprint reader into the BIOS. Anyways, thanks for the reply. My hopes weren't too high to begin with.

    -Kurt

  4. #4
    Just Joined!
    Join Date
    Dec 2006
    Posts
    1
    Quote Originally Posted by psic
    First off, (AFAIK) it doesn't protect the BIOS or anything, which means you should be able to use a live distro to get around it. Also, (again AFAIK) it stores the fingerprint information the same way it stores windows passwords
    This is incorrect.

    On IBM/Lenovo laptops, the fingerprint reader can be configured to protect access to the BIOS; it can also be used to prevent to booting of any kind off any devices, including internal disk and CD-ROM.

    The data for the fingerprint reader can be stored protected using the integrated TPM chip in IBM laptops. When stored in this way, the data is not available from the machine's hard disk. The TPM chip is designed to be tamper-resistant, so the data protected by it should be inaccessible to anyone lacking engineering experience and specialized lab equipment (in order to, for instance, remove the epoxy casing surrounding the chip).

    The fingerprint reader on IBM laptops can also be used to protect passwords by storing them on disk (without the TPM chip), and the BIOS protection is optional, so a configuration such as you describe is possible on these machines, but is only one way to use the device. Also, other laptops with integrated fingerprint readers (such as newer Dells) may work differently, without a TPM chip. However, the fingerprint reader devices produced by IBM/Lenovo can be configured to be an effective security measure, with the weakest point likely being the fingerprint recognition itself.

    I've seen both of these features in action by configuring them on Thinkpads (using the provided Windows software), but they're no secret:

    http://www.pc.ibm.com/us/security/fi...intreader.html

    What can our Fingerprint Reader offerings do for you? ... BIOS password (also known as power-on password) replacement is currently available on select ThinkPad notebook systems.
    http://www-307.ibm.com/pc/support/si...cid=MIGR-64724
    (describes the external USB fingerprint reader, which is the same type of device integrated into Thinkpads)

    The USB Fingerprint Reader is supported on PCs with a USB port.

    The full functionality of this product is only available on notebooks and desktop systems that have a Trusted Platform Module (TPM) security co-processor and Client Security Software (CSS).
    http://redmondmag.com/columns/articl...torialsID=1042

    The ThinkPad fingerprint scanner communicates with a TPM (Trusted Platform Module) chip located on the motherboard. ... ThinkPads also take advantage of the ability to use BIOS passwords to require authentication when starting the computer or accessing the hard drive.

  5. #5
    Linux Newbie
    Join Date
    Dec 2006
    Posts
    105
    There is an integrated fingerprint reader on the right side of the machine, approximately where your palm would rest while typing. It's supposed to allow you to use a scan of your finger instead of passwords in various applications and such, but at the moment it only works in Windows.
    Unix, Linux tips...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •