dpfp driver and library are progressing steadily, hoping to make an initial release within the next few days.
Looking for hardware hackers
I’d like to thank Joaquin Custodio for donating a Digital Persona U.are.U 4000B fingerprint reader, which completes my collection of every type of product in the range! It will be interesting to finally confirm whether there are any differences at all between the 4000B device and the MS hardware.
Actually, Joaquin sent me a total of 7 UareU 4000B readers! 6 of them are incomplete: no chassis or cable, and they have defects in the glass surface.
These standalone units are intended for distribution to interested hardware hackers. There is some persistant and flashable memory on the device (some form of EEPROM) as well as a central IC. There is also an easily accessible 15-pin interface to the board.
It’s not clear if dumping the device memory contents will prove useful, but it’s an interesting possibility. If anyone is interested and has access to the kind of equipment needed to hack on this kind of thing, please send me an email and I’ll send you a device. Joaquin also tells me that there are plenty more units available.
Encryption, round 2
I was sent the URL to Black Hat Europe‘s list of accepted papers. Particularly interesting is a paper titled Hacking fingerprint Scanners – Why Microsoft’s Fingerprint Reader Is Not a Security Feature.
The speaker, Mikko Kiviharju, made the same discovery that the fingerprints from the Microsoft devices are not encrypted at all, and will be talking about ways that the lack of encryption can be used to fool the system.
After reading that blurb, I found Mikko’s email address and sent him an email detailing my findings with the encryption control bit in the device firmware.
Naturally, Mikko was interested and is now investigating the encryption mechanism in use. And he’s quite the man for the job:
Mikko Kiviharhju has worked several years as a research scientist in the fields of data security and cryptology within Finnish government.
There’s not much to report yet, I am sending Mikko the various logs we have so that he can perform further analysis. So far, he has identified a possible bug in the encryption algorithm: 3 rows of every encrypted image are never encrypted. You can see this clearly in the image I posted last time. That is slightly weird.
Hi, is there a way of getting Mikko’s paper on fingerprint scanners ? Download, email ?
Thx,
Alan.
i buy one U are U 4000 sensor, first i have the installation CD, but now the CD is broken because my stupid brother, please help me
Model No. : URU4S-U1
Part No. : 50006-001
Rev. : 101
Serial No. : 46811985
please help me, i need software for my device
please help me………
See I am newbie forgive me
I want to upload the digital persona firmware to my MS device but I still want to use that on windows
Only want to upload for encryption and SDK purposes
Help is apprecited and thanked
Mail me at kiran.alamgir @ gmail.com
Where can I get the Password Manager for my DigitalPersona 4000 USB Scanner? I dont have the Microsoft One.
I tried the DigitalPersona Password Manager from M$ website but the drivers packaged with it dont work. And when using the drivers from digitalpersona.com I can get winxp to see the device but cant install the password manager from M$, it says it cant be installed with the digitalpersona scanner.
Many thanks,
MrChris
Send U.are.U 4000 driver file
I aquired a few UareU 4000 finger scanners (damaged cases, cut wires, basically useless for real world use, but something to play with).
Have you found anyway to use it without the original software? I have no intention of buying the software, just to play around with it.
can you help me where to dowload the driver of DigitalPersona U.are.U 4000B driver for free because i lost the cd… T_T