[tdicola]

I'd love to understand more about how the face recognition works. Does it have any way to combat someone just printing out a picture of your face and holding it up? I've done some simple face recognition stuff with OpenCV and it's super easy to fool with photos.

[vmarsy]

Windows Hello uses a combination of special hardware and software to accurately verify it is you – not a picture of you or someone trying to impersonate you. The cameras use infrared technology to identify your face or iris and can recognize you in a variety of lighting conditions.

and later in the webpage:

all OEM systems incorporating the Intel® RealSense™ 3D Camera (F200) will support the facial and iris unlock features of Windows Hello

So by reading this we can assume it does more than 2D recognitions since this is a "3D Camera"

[higherpurpose]

3D models have been created out of 2D images before. I'm not saying this will be hackable from day one, but it will probably take a few short years for a well sponsored and motivated attacker. Hopefully the technology will also keep up and within a year or two we'll see updated versions that make it even harder to replicate.

However, if I were to pick, I'd go for fingerprint recognition instead. Images of people's faces are everywhere online. It's much less likely to have a good photo of your fingerprints.

[megaman821]

The video actually shows a person attempting this, and it did not unlock the computer.

[rplnt]

It did..? I think.

[ehaughee]

It was an odd way to demo the tech as it was really quick. But what happens in the video is that the user holds a picture up in front of his face and nothing happens. Then he removes the picture to show his face and is immediately logged in. It seemed to happen much quicker than the other examples of unlocking, in the same video, that I assumed it was a video example of how the tech would work and not necessarily a real life demo. Obviously I could be wrong though.

[freehunter]

For facial or iris detection, Windows Hello uses a combination of special hardware and software to accurately verify it is you – not a picture of you or someone trying to impersonate you. The cameras use infrared technology to identify your face or iris and can recognize you in a variety of lighting conditions.

[tdicola]

Ah, so reading between the lines I'm going to guess they're building Win 10 devices with a built in kinect-like device that does depth sensing in addition to photo recognition.

[TeMPOraL]

Time to start 3D-printing faces...

[Someone1234]

You could, but it is an IR camera, so you better have the IR characteristics of your 3D face match also. If you combine IR and visible light photography you actually get a layered face-scan which is VERY hard to fake (not impossible, hard).

e.g. http://produceconsumerobot.com/biosensing/content/Face%20fev...

[higherpurpose]

What if you just hack the webcam firmware - like celebrity hackers and FBI have done for years already?

[MichaelGG]

If you can modify firmware, you've probably already won. Unless the auth is done remotely and requires remote attestation, perhaps.

[Raphmedia]

I'm sure it could be done with paper folding.

[TeMPOraL]

Come to think of it... print a cylindrical projection of the photo and then wrap around a cylinder...

[Groxx]

And then point a projector at it to warm up the paper at the right places.

I really wish biometrics would quit claiming to be significant improvements over anything but writing your password on a post-it on the computer. They all fall very quickly.

[rpedroso]

This is an important point. I wonder if they're going to have hardware standards for the fingerprint readers. Low-quality finger print readers can be spoofed with prints lifted from everyday sources.

[stevecalifornia]

In the article it says it uses infrared.