bsimpson 2 days ago [-]
I know there was extensive testing when face recognition authentication came to smartphones. I wonder how an open source project like this one compares. I suspect there are substantially more false positives/negatives than on a commercially developed version that needs to support everyone to be successful.
thekevan 1 days ago [-]
"A note on security

This package is in no way as secure as a password and will never be. Although it's harder to fool than normal face recognition, a person who looks similar to you, or a well-printed photo of you could be enough to do it. Howdy is a more quick and convenient way of logging in, not a more secure one.

To minimize the chance of this program being compromised, it's recommended to leave Howdy in /lib/security and to keep it read-only.

DO NOT USE HOWDY AS THE SOLE AUTHENTICATION METHOD FOR YOUR SYSTEM."
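
Added example (not part of the thread or of Howdy's own code): a shell function that checks the README advice quoted above, that the install directory stays read-only. The function name, the expected-owner parameter and the `howdy` subdirectory under `/lib/security` in the usage comment are assumptions.

```shell
#!/bin/sh
# Audit a PAM module directory against the "keep it read-only" advice.
# Assumptions (not from the thread): every entry should belong to one
# expected owner (root on a real system) and nothing should be writable
# by group or other. Parent directories are not checked here.

# audit_readonly DIR [OWNER]
# Prints one line per finding.
# Returns 0 if clean, 1 if there are findings, 2 if DIR does not exist.
audit_readonly() {
    dir=$1
    owner=${2:-root}
    [ -d "$dir" ] || { echo "missing: $dir" >&2; return 2; }

    # Entries writable by group or other. Symlinks are skipped because
    # their own mode bits are not what the kernel enforces.
    writable=$(find "$dir" ! -type l \( -perm -020 -o -perm -002 \) 2>/dev/null)

    # Entries owned by anyone other than the expected owner
    # (OWNER may be a user name or a numeric uid).
    foreign=$(find "$dir" ! -user "$owner" 2>/dev/null)

    status=0
    if [ -n "$writable" ]; then
        printf '%s\n' "$writable" | sed 's|^|group/world-writable: |'
        status=1
    fi
    if [ -n "$foreign" ]; then
        printf '%s\n' "$foreign" | sed "s|^|not owned by $owner: |"
        status=1
    fi
    return $status
}

# Usage on a real system (path is an assumption, see above):
#   audit_readonly /lib/security/howdy root
```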

e-topy 2 days ago [-]
Apple's Face ID uses what is essentially a 3D camera; a simple 2D color camera cannot compare to that in terms of accuracy.
lozenge 1 days ago [-]
Windows also uses infrared LEDs to light your face and prevent a flat photo from being recognised as a face.
throwaway889900 1 days ago [-]
Windows is an operating system and does not have dependence on specific hardware being present.
zettabomb 1 days ago [-]
Incorrect. Windows Hello uses special hardware.
throwaway889900 1 days ago [-]
Right, Windows Hello requires it for facial auth, Windows itself does not. Hello still works, just you have to authenticate with a different method if the hardware isn't present.
98codes 1 days ago [-]
There are definitely webcams that work with Windows Hello, and those that don't.
crowcroft 1 days ago [-]
Apple has clearly done a lot of work in this space and has decided to retain Touch ID on MacBooks. I think this is fairly instructive.
real0mar 1 days ago [-]
That was primarily because the Face ID sensor stack is too thick to fit in the laptop lid.
crowcroft 1 days ago [-]
The point being that they think they need those sensors in order to create a secure system.
aniviacat 1 days ago [-]
AFAIK Pixel phones, including the Pixel 9, only use 2D images for face unlock. So it's definitely possible to reach mainstream quality with conventional cameras.

(Unless you'd argue that the face unlock found on Pixels is not passable either)

MengerSponge 1 days ago [-]
I don't know how Google does it, but it's possible to extract 3d information from a 2d sensor. You either need a variable focus or phase detection in the sensor.
westurner 20 hours ago [-]
It is possible to infer phase from second order intensity via the Huygens-Steiner theorem for rigid body rotation, FWIU: https://news.ycombinator.com/item?id=42663342 .. https://news.ycombinator.com/item?id=37226121#37226160

Doesn't that mean that any camera can be used to infer phase (and thus depth for face ID, which is a high risk application)?

> variable focus

A light field camera (with "infinite" focus) would also work.

MengerSponge 6 hours ago [-]
Very cool. Yes, probably? I'll have to think about the relationship between image quality and the fidelity of the derived phase measurement, because it's not obvious how good a camera needs to be to be "good enough" for a secure system.

Light field? I remember Lytro! Such cool technology that never found its niche. https://en.wikipedia.org/wiki/Lytro

Is anybody making a successor product?

aitchnyu 2 days ago [-]
Last time I tried it, I wished the DM indicated it's processing my face and also if it failed, and a button to retry. Also, will the model be fooled by an IR photo of my face?

I did have fun opening the IR camera feed and seeing objects of various opacity in visible spectrum behaving differently in IR.

Boltgolt 2 days ago [-]
Main dev here: If you're on the 3.0 version you'll be able to install howdy-gtk, which will show a popup at the top of your screen when authenticating.

You can also enable "rubberstamps" which require an action from you like nodding yes to confirm authentication and making it harder to fool. As noted in the readme though, Howdy is never going to be 100% secure.

charcircuit 2 days ago [-]
This isn't "Windows Hello style." This program extracts features from a 2d image instead of doing depth reconstruction first. This makes it easy to fool with a piece of paper.

Also this only handles user authentication unlike on Windows where it can be used for disk encryption and for passkeys.

Edit: This program also saves the landmarks of your face into a file in plain text when it gets added.

jeroenhd 2 days ago [-]
FWIW Microsoft's branding team fumbling everything into Windows Hello isn't the project's fault. The "Windows Hello" part that they're trying to find an alternative for was the only "Windows Hello" for a while before Microsoft also decided that all of their TPM operations were now Windows Hello things.

That said, without the depth reconstruction, I do agree that this is nowhere close to Windows Hello's features. That's not the devs' fault (that kind of mostly-secure facial recognition is very hard) but I also don't think the comparison is apt. But who knows, if this project gains popularity, maybe in the future that kind of thing becomes possible.

This is more akin to Android's facial recognition, except for using the IR camera. Which is still acceptable for plenty of people. After all, many fingerprint readers on Linux share similar risks and are often regarded as secure enough. I think the availability of this project, even if it's nowhere near Windows Hello's standards, is a great addition to many Linux desktops, as long as their users understand the limitations.

As for the plaintext, Linux doesn't really have a secure storage mechanism (even the standard secrets API is easy to fool) so obfuscating the facial features doesn't really serve a purpose. As long as your disk is encrypted, I don't think that's a risk (and if it isn't, whoever is looking at your laptop can just browse through your photo albums anyway).

Boltgolt 2 days ago [-]
Depth reconstruction with IR cameras in laptops today is incredibly hard. While the camera itself is exposed in Linux as a USB camera, the sync with the IR emitters is completely lost. Because of this we cannot extract a "left" and "right" lit image reliably as Windows Hello does.
written-beyond 2 days ago [-]
Really? When I tried on an HP Spectre 5 years ago it made the Hello sensors make horrible clicking sounds and the LEDs glow red. I assumed it was doing something with depth analysis.
senectus1 2 days ago [-]
Yeah, it's more of a taster demo. I wish them luck in developing it properly though... I'm doing an Ubuntu MOE for a corp atm and man, I really miss the Windows Hello logins.
_joel 2 days ago [-]
Is 'Hello' and those kind of biometrics generally enabled at $CORP? The ones I've gigged at have been the polar opposite of using it, due to regulatory requirements. Even disabling macOS fingerprint reader company-wide, which is pretty darn good imho.
lozenge 1 days ago [-]
I've had the opposite experience, my CORP now pushes most auth through my phone's biometric authentication, I don't even use a password.
senectus1 1 days ago [-]
Yeah, Hello encompasses facial recognition (must be dual IR cams), fingerprint sensor and PIN.

None are perfect but they allow users to easily access their devices without having to remember and type in huge passwords.

joelthelion 1 days ago [-]
I wish we had good support for fingerprint readers instead.
Pwntastic 1 days ago [-]
It was relatively easy to set up a YubiKey Bio fingerprint device in Arch with pam-u2f. I just kinda followed the wiki here: https://wiki.archlinux.org/title/Universal_2nd_Factor

It wasn't strictly plug and play, but it only took like 20 minutes of fiddling.

simtel20 9 hours ago [-]
I thought YubiKeys only provided a sensor for the fact that the sensor was touched, vs fingerprint readers that actually distinguish whose fingerprint is touching the sensor before being usable as an authenticator.
Pwntastic 7 hours ago [-]
Most of them only have touch sensors but the YubiKey Bio series devices have actual fingerprint readers, and as part of the device setup you register one or more fingerprints which are then stored on the device itself.
cyp0633 1 days ago [-]
I use fprintd and it works well with GNOME + builtin Elan sensor. It indeed needs more complex configuration than Touch ID or Windows Hello though.
mouse_ 1 days ago [-]
In Fedora it's (supposed to be) pretty simple. Just go into settings -> users and add your fingerprint. In practice I usually have to use dnf to nuke pam and reinstall it manually for it to start working. But they have a good skeleton set up. Still no predesktop authentication, though.
amaccuish 1 days ago [-]
That, and TPM integrated WebAuthN.
mouse_ 1 days ago [-]
Predesktop authentication is a killer feature. Hope to see it some day.
deafpolygon 2 days ago [-]
Why does it depend on python2…?
Arnavion 2 days ago [-]
Ask the Fedora maintainer? The README instructions only say Python 3. The OpenSUSE package's specfile only says Python 3, and to be sure I tried installing it and it did not pull in Python 2 packages.

Actually even the Fedora package's specfile only says Python 3, so I'm not sure why the README says that it still needs Python 2.

Edit: Okay, the explanation is in this commit message: https://github.com/boltgolt/howdy/commit/305e42fc79ef38f66c5... . The dep on Python 2 is from Fedora's PAM module package, not from howdy itself. On OpenSUSE the corresponding PAM module package depends on Python 3 already.

seany 1 days ago [-]
I wonder what it would take to get an OSS fr model to decent performance on the NIST/iBeta rankings.
fsateler 1 days ago [-]
The project seems active, but the last release is from 2020... Why no new releases?
ycombinatrix 1 days ago [-]
Why does it need a new release if it works?
1970-01-01 1 days ago [-]
The gift of open source strikes yet again.

https://news.ycombinator.com/item?id=29736369