Results 1 to 5 of 5
Thread: Thinkpad Fingerprint Reader
Enjoy an ad free experience by logging in. Not a member yet? Register.
Thinkpad Fingerprint Reader
I doubt you can get it to work on linux, but regardless, I think it's just another marketing gimick. First off, (AFAIK) it doesn't protect the BIOS or anything, which means you should be able to use a live distro to get around it. Also, (again AFAIK) it stores the fingerprint information the same way it stores windows passwords , which means this can be hacked without too much trouble. Just ask yourself "Do I really need this?". A friend has a laptop with the fingerprint reader and all this means is that it takes about 10 seconds longer than usuall for him to start Windows.
Really? I can see what you mean about the real benefit of it but my company (a gov. contractor) places a great deal of importance on laptop security. We do things like encrypt file systems and use various forms of authentication to protect our clients' projects/data so I just thought this might add another layer to that. I had actually heard, though, that the newer models of Thinkpads could integrate the fingerprint reader into the BIOS. Anyways, thanks for the reply. My hopes weren't too high to begin with.
Originally Posted by psic
- Join Date
- Dec 2006
On IBM/Lenovo laptops, the fingerprint reader can be configured to protect access to the BIOS; it can also be used to prevent to booting of any kind off any devices, including internal disk and CD-ROM.
The data for the fingerprint reader can be stored protected using the integrated TPM chip in IBM laptops. When stored in this way, the data is not available from the machine's hard disk. The TPM chip is designed to be tamper-resistant, so the data protected by it should be inaccessible to anyone lacking engineering experience and specialized lab equipment (in order to, for instance, remove the epoxy casing surrounding the chip).
The fingerprint reader on IBM laptops can also be used to protect passwords by storing them on disk (without the TPM chip), and the BIOS protection is optional, so a configuration such as you describe is possible on these machines, but is only one way to use the device. Also, other laptops with integrated fingerprint readers (such as newer Dells) may work differently, without a TPM chip. However, the fingerprint reader devices produced by IBM/Lenovo can be configured to be an effective security measure, with the weakest point likely being the fingerprint recognition itself.
I've seen both of these features in action by configuring them on Thinkpads (using the provided Windows software), but they're no secret:
What can our Fingerprint Reader offerings do for you? ... BIOS password (also known as power-on password) replacement is currently available on select ThinkPad notebook systems.
(describes the external USB fingerprint reader, which is the same type of device integrated into Thinkpads)
The USB Fingerprint Reader is supported on PCs with a USB port.
The full functionality of this product is only available on notebooks and desktop systems that have a Trusted Platform Module (TPM) security co-processor and Client Security Software (CSS).
The ThinkPad fingerprint scanner communicates with a TPM (Trusted Platform Module) chip located on the motherboard. ... ThinkPads also take advantage of the ability to use BIOS passwords to require authentication when starting the computer or accessing the hard drive.
- Join Date
- Dec 2006
There is an integrated fingerprint reader on the right side of the machine, approximately where your palm would rest while typing. It's supposed to allow you to use a scan of your finger instead of passwords in various applications and such, but at the moment it only works in Windows.