Mar 10, 2015 transitioning a home network from windows home server to windows server 2012 essentials: So far, very impressed. One small glitch in. Sep 15, 2017 Protector Suite 2012 by UPEK Inc. Versions: and. File name: ctlcntrv.exe.
Most laptops today ship with a fingerprint reader. Most likely, you have a laptop with one. Until very recently, most major manufacturers such as Acer, ASUS, Dell, Gateway, Lenovo, MSI, NEC, Samsung, SONY, Toshiba, and many others were using fingerprint readers manufactured by a single company: UPEK. Preface ElcomSoft discovered a major flaw with UPEK Protector Suite, which was the software shipped with the majority of laptops equipped with UPEK fingerprint readers until the company was acquired by Authentec and switched to different software. Even today, when UPEK is acquired by Authentec which now uses TrueSuite® software, many (or most) existing laptop users will simply stay with the old flawed software, not feeling the need to upgrade. Does Fingerprinting the User Lead to Tighter Security? Laptops normally come loaded with pre-installed software.
Among other things manufacturers install on your brand-new laptop is software communicating with UPEK readers: UPEK Protector Suite. Bl Thareja Vol 3 Pdf. The suite manages fingerprint reading hardware, offering users the convenience of substituting the typing of passwords with a single swipe of a finger. Ultimately, UPEK Protector Suite caches your passwords, offering near-instant login to Web sites and Windows itself.
Logging into Windows by swiping a finger instead of clicking and typing a (probably long and complex) password sounds tempting. And, it works. A simple swipe of your finger, and you’re in. Wonderful; but what about security? Here’s what UPEK says on its Web site about the Windows login: “Protector Suite QL allows for secure access to Windows by swiping your finger instead of typing a password.” Notice the “secure” part? Well, we found out UPEK makes Windows login anything but secure.
In fact, the UPEK’s implementation is nothing but a big, glowing security hole compromising (and effectively destroying) the entire security model of Windows accounts. The Issue with UPEK Protector Suite After analyzing a number of laptops equipped with UPEK fingerprint readers and running UPEK Protector Suite, we found that your Windows account passwords are stored in Windows registry almost in plain text, barely scrambled but not encrypted. Mitsubishi S4s Engine Manual.
Having physical access to a laptop running UPEK Protector Suite, we could extract passwords to all user accounts with fingerprint-enabled logon. Putting things into perspective: Windows itself never stores account passwords unless you enable “automatic login”, which is discouraged by Microsoft. If you use the Windows auto-logon feature, you’ll see a message saying “Using automatic logon can pose a security risk because anyone that has access to your computer will have access to your programs and personal files.” Simply said, no corporate user will ever use this “automatic logon” feature, which is often banned by corporate security policies. However, fingerprint logon is rarely, if ever, barred.
The common perception is that biometric logon is just as, or maybe more secure than password-based one. While biometric logon could be implemented that way, UPEK apparently failed.