Re: Re: fprintd: found storing user fingerprints without encryption

[Roman Drahtmueller <draht () schaltsekun de>]

> > Dear all,
> >
> > I would like to report a vulnerability of 'fprintd'.
> >
> > 'fprintd' does not encrypt sensitive information before storage.
> > *CWE-311: Missing Encryption of Sensitive Data*

[...]

This misses the point.

* Encryption shifts the problem to protecting the symmetric key, which
  is the very same problem. => Encryption solves other problems, but not
  this one.
* If you have sufficient privileges to access the fingerprint data,
  then you no longer need the data.
* You can't "safeguard" the fingerprint data by applying additional O/S
  controls such as SELinux, AppArmor, etc, you can only add more useful
  privilege transitions and protect against attacks that exploit
  implementation errors. Google "store fingerprint data ios android",
  there are suitable solutions.

Mostly: Your fingerprint is not a secret like a password, it is a username.

Since you can't change the fingerprint (biometrics problem), it is not 
very useful as a single authentication factor. Either you live with 
this, or you combine the fingerprint with a different authentication 
factor type.

Roman.