Why the oems resist giving proper drivers for fingerprintπ‘ https://lemy.lol/post/24413858
The one on my ThinkPad started working when I upgraded to KDE 6 / Wayland. I was pretty happy about that.
this post was submitted on 05 May 2024
460 points (96.7% liked)
linuxmemes
20473 readers
807 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
Oooh I gotta try that
For me it only works for signing in after sleep, but not for anything else (T490). Does your Thinkpad work better/in more ways?
Same, I can't use it in the terminal or anything like that, but it didn't work at all before.
Oh nice, I have a Carbon X1. I knew that fprintd has worked for a while, and has allowed me to enroll fingerprints, but has never successfully worked for authentication.
That was my issue too, also on an X1C (gen 9)
Linux is just more secure and keeps you from doing a stupid mistake.
If they did that weβd discover a minix system sending your fingerprints to CIA. and we canβt have that now, can we?
im sure there isnt a malicious reason why many fingerprint reader drivers are proprietary
And I'm sure that there's a completely closed, separated and proprietary subsystem in your CPU that has access to everything happening on your computer. Literally everything, all input and output, everything the CPU is doing, just everything. Look up Intel ME or AMD PSP
I understand wanting to use this, but, fingerprint reader is so I secure I usually avoid it.
Is it really less secure than a password? How so?
If it's compromised you can't change it for one
Also you can't be legally forced without a warrant to give a password but biometric data you can be legally forced without a warrant to give up
Lol let's take the kid gloves off, shall we?
Fingerprints, as a means of authentication, is just straight up not secure.
Man, I knew fingerprint encryption was bad but that is nuts.
Fwiw theyβre able to do the same thing by the sound of someone typing a password across the room. Not advocating for fingerprints or anything, just these exotic hacks are everywhere
...my memory was that this only worked after the routine had been trained on your typing idiosyncrasies
The thing is, one of those attacks requires you to type your password. The other requires you to touch something.
With a password you can have an exact binary comparison. Either you supplied the correct password or you didn't.
But with biometrics you just have an approximation because your fingerprints change slightly due to the position in which you hold them, your health, humidity, pressure and probably other stuff I'm not thinking of. So the sensor can only say that it's like 95 % or whatever sure that it got the correct fingerprint. And this uncertainty makes it much easier to exploit.
And your fingerprint is not secret. You leave it all over the place. Especially on devices you use every day. And your fingerprint can (and will) be taken without your consent. And you cannot change your fingerprint if it gets compromised.
All those spy movies showing how trivial it is to circumvent biometric security have in common that whatever method they used was realistic.
Lol my hands are jacked from physical labor and health, scars on my fingers, dry skin, my thumb print only works only 50% of the time anyhow.
A fingerprint is a password you leave a copy of on everything you touch.
Biometric data can be used as login but is unsuitable as password, since it can't be changed once compromised.
I use it if only because my wife won't use passwords on her devices. We aren't even at step one for device security. I'll take what I can get, or what she's willing to work with.
Can you get to 2FA with a 4 digit PIN, at least?
This is why you buy laptop from companies that officially support linux.
System 76 laptop has fingerprint sensor. They don't say it has one cuz it's not supported.
And since it's designed to be used as a tap/scan, and power button only on hard restart/shutdown it's hard to press to stop it being pressed on fingerprint scan, the hardware not being supported means you have to press the power button a lot instead of fingerprint.
Fprint works amazingly well on my thinkpad. Worked fine for me on KDE Plasma 5 and also works on Plasma 6 for me too.
And that's because your laptop is a thinkpad, indeed I got my fingerprint reader working on my ideapad because it has the same fingerprint reader of a thinkpad, but to get it working I needed to install the driver myself
I guess that's why everybody buys ThinkPads if they wanna use Linux hee hee
Weirdly enough, I've never got fprint working on my thinkpad (albeit I've only attempted twice).
Both times, it works fine whenever I only set up my index finger. Adding my thumb (or any other finger) then prevents either from working, removing either finger removes both, and then prevents me from adding it back.
I have no idea why I'm having this issue, but I'm assuming I'm just missing something.
Just use one finger only then
Iβm really happy that my new Framework laptopβs fingerprint reader worked perfectly out of the box.
It depends if you're lucky with the exact model of sensor you have
I've had good luck with the fingerprint scanners in various HP business laptops and fprint. The one on my old Dell laptop was straight-up unsupported though.
Ive had this problem extensively, but my new Dell XPS' works out of the box!
Never got the appeal even when I was on windows long long ago. It's not secure.
passkeys?
no need to use the 4 digit pin every single time.
I have a windows laptop with a fingerprint sensor that worked exactly like this lol
I'd reinstall the driver, it would work for a day, then stop working. One day I updated the laptop to Windows 11 and I think it fixed it, but is it worth the ads coming soon? I will see.
I stopped using them altogether when my job provisioned a YubiKey. Got one for personal usage and it's pretty solid for just about everything I'd have used a fingerprint sensor for.
Works on my Thinkpad.
Mine works just fine... on my Mac OSX:-).
If anyone is worrying about security, don't use it for that, or at all if you don't want, but it sure is nice to have that option if/when I want.
Seriously, I have multiple layers of security - extremely long & complex & unique passwords plus 2FA for banking, another (different) password and a PIV for work, etc. - and I really enjoy being able to get back into my desktop at a moment's notice after grabbing a coffee. It even enhances security in several ways: e.g. by facilitating using a shorter time-out until the system asks for authentication, plus allows you to use a more complex password for your account, knowing that you won't have to type the whole damn thing in 50 times a day. Also, even if someone had a literal camera over your shoulder watching you type your password (work? public space like library?), they would not get your fingerprint that particular way. Or if you really want to get paranoid (I don't think Mac will let you do this by default without additional software though), you could require both password + fingerprint?
It is also worth noting that the issues for desktops are not identical to those of mobile devices: someone would have to gain physical access to my machine in the first place (afaik? now I wonder about that though... are the security credentials stored in a less secure manner that a remote intrusion could spoof more readily?), which is far less common than a mobile device that you take with you and is also smaller so more easily stolen.
Protect the stuff you value the most, but for the common stuff it is nice to have a quicker method of access. Like everything else, this is merely one tool in your toolbox that you can decide how & when to use appropriately.
Werks on my Thinkpad X13
Same on Thinkpad T495
My old t22 had one that worked perfectly, rip.
Am I the only one who's fine with typing a password?
Nah, I'm also fine with it. Fingerprint sensors hate me anyway, on every phone I owned I needed to rescan my prints every few weeks or so because they just won't recognise me after a while. These days I just use passwords and pin codes.
Nah, the police in my country can compel use of biometrics but not password/key. I refuse to set them up at all.
Outside that even, on like a phone, what if I'm sleeping and a GF uses my finger without consent? It's a security hole imo.
Got it working on my ThinkPad t480 - realised I can only maybe sometimes log into the user account. Can't replace sudo, gpg, or any other type of password, and if I remember correctly it couldn't even unlock the screen. Gave up on that idea completely.
Funnily enough, the actual fingerprint recognition was more often successful on Linux than on windows.
Support seems much better now.