iSight Security

Posted by: whitlock

iSight Security - 05/06/07 05:49 PM

Hey Everyone,

I'm not a software programmer, though I can come up with ideas.  Unfortunately I don't know where to contact someone about this.  If you can make the idea a reality, or know someone who can, that would be great.

Basically since Apple laptops anymore come with built-in iSights, and they can be used during the login process, why not have them act as a secure login device?  You could use facial recognition by itself or with a password.  Another idea is to have a random photo or special bar code that can be used which can be kept in your wallet.  To log in, you will need to use your password as well as the photo.  This would obviously slow down login time, though people couldn't exactly remote login without knowing or having that picture. 

If this exists and I'm ignorant, call me on it.  I'd download the software in a heartbeat.  If not, something like this should be made and for the cheap (or free) crowd.
Posted by: oojacoboo

Re: iSight Security - 05/06/07 09:01 PM

thats a good idea whitlock.  It wouldn't really be used by alot of people, as they wouldn't have a need.  But, I could see some really using a feature like this.  My question is, how do you load an app with the login?  I would think you would have to modify the OS for that.  Then, what about updates and incompatibilities, etc...
Posted by: Waragainstsleep

Re: iSight Security - 05/07/07 10:05 AM

How good is facial recognition this days? It'd be a pain if you couldn't log in because you shaved your beard off one morning...
The barcode idea isn't so bad. You could get one tattooed on the back of your wrist or something.

Maybe just use the mic for voice recognition instead. Even more Mac laptops (and iMacs) have mics than iSights, and the technology is probably more reliable.

As for loading at login, there is a startup items folder in your Library (there is on Tiger and Leopard anyway). There is probably other ways too. Just add a line to an appropriate startup script maybe. ARD is running when the login window comes up, and that isn't in startupitems.
Posted by: manhackman

Re: iSight Security - 05/07/07 10:25 AM

thinking about this made me think of an iris scan instead... Mostly because I often grow and shave my beard!  A pic of your face or iris could appear on the screen and you could move around on camera, with a %50 alpha to line it up more or less... I think it could make it a little easier on the software to make a recognition.
Posted by: whitlock

Re: iSight Security - 05/07/07 11:25 AM

I hear ya on the beards...I jump between phases.  I figure something more like a bar code or image that the iSight can easily recognize yet be complex enough for login purposes would be great. 

The breakdown is that the tool would could use the 'isightcapture' command (via http://www.intergalactic.de/hacks.html) with the program and have it active with the login. 

The authsight hack (http://www.zdziarski.com/authsight.tar.gz) , which takes a screenshot after an invalid login, works by tailing the /var/log/asl.log for invalid attempts.  Authsight would obviously not work for this purpose and could not be used. 

Maybe having a successful login attempt via password, then a check against an image prior to loading the rest of the OS would work.  It would login, though an application would prevent use until the image is verified. 
Posted by: Waragainstsleep

Re: iSight Security - 05/07/07 12:49 PM

That way the app could use the same command ARD uses to lock screens.....
Posted by: whitlock

Re: iSight Security - 05/07/07 05:08 PM

Ok, so far we know figured out:

    - Use a command to use the isight (isightcapture?)
    - How to incorporate it into the login (after password, before *Finder)

Though we still need to:
    - Have some sort of image recognition built into this application
    - Have it actively scan until the image is OK
    - Continue to the Finder

Man, I wish we had a programmer lurking on the board...

* Up for debate
Posted by: whitlock

Re: iSight Security - 05/07/07 05:47 PM

OK, so if you use a barcode scanning solution that's currently available (http://bruji.com/cocoa/barcode.html), it will keep scanning until it reads a valid barcode.  Once completed, it will enter the barcode.  I suppose if there is a hidden field, which only the program can input the text, it would work.  The only downside I can think of is if someone were to find a way to enter the text in manually, bypassing it. 
Posted by: zenstate

Re: iSight Security - 05/07/07 05:57 PM

I think a better way is to mount an isight to your ball sack and have it verify you that way  wink
Posted by: whitlock

Re: iSight Security - 05/07/07 06:14 PM

iSight Barcode Scanner Script
    -  Modified to use a login hook after initial login via password (or not)
    -  Loads before the Finder can load
    -  Programmed to accept a predetermined number (same as barcode) and nothing else
    -  Once the correct number is entered, will tell OS X to load the Finder

Okay, so this sounds possible and completely free with the least knowledge of programming necessary.  Does this sound sane?  Am I missing something here? 

...and yes, I keep creating new posts because I want to keep records of this so others can add to it...
Posted by: oojacoboo

Re: iSight Security - 05/07/07 07:02 PM

what happens if you lose your barcode?
Posted by: whitlock

Re: iSight Security - 05/07/07 07:16 PM

Originally Posted By: "oojacoboo "

what happens if you lose your barcode?


Guess you better have terminal skills
Posted by: manhackman

Re: iSight Security - 05/07/07 08:10 PM

Originally Posted By: "zenstate "

I think a better way is to mount an isight to your ball sack and have it verify you that way  wink

It could be called:
a) iBalls
b) Ball-Sight
c) iSack
Posted by: Waragainstsleep

Re: iSight Security - 05/08/07 11:22 AM

Originally Posted By: "oojacoboo "

what happens if you lose your barcode?

Hence my suggestion of a tattoo.

If you examine your startup script(s) (I don't mean scripts you install to run at start, I mean the one which governs the boot process on any Mac: /etc/rc), you will find a few references to password files. I didn't bother to work it all out, but I think it copies a password file from somewhere which I guess it then uses to compare to your input in the login window. Someone with better scripting skills and a longer attention span than me could probably work something out that way, but here is an easier one:

If you can get the barcode scanner idea to work during the login window, then simply use the barcode scanner to write half of your password into the password box, and type the rest yourself. Easy.
Posted by: TCPMeta

Re: iSight Security - 05/10/07 06:11 PM

Thing is all it takes is say you got a nasty burn or a scratch on your tat then you're screwed.
That;s why they use finger prints. Some systems have a backup finger print from a different finger on the other hand so if you lost the finger or hand you have a backup.

I think the best idea is a simcard like setup or the good old fashion passwords.