500
Microsoft’s Windows Hello fingerprint authentication has been bypassed
(www.theverge.com)
This is a most excellent place for technology news and articles.
Wtf. It shouldn't even need those permissions. All it needs to do is scan if the fingerprint it stores matches you.
It uses web view for web authentication for registering your Hello PIN to your Microsoft account. So it's by design on Microsoft's end. You can then use the Windows Hello credential as a passkey but if you don't want that, you'd need another solution for biometric auth.
Still, that does not explain the Edge dependency. Lots of programs can communicate with their respective servers without browser technology.
It kinda does though, if you look at it from a speed/competency aspect. I'm more and more convinced that the people who build out features only have tangential ideas on how it integrates into the overall system, so just throwing a browser at every problem gets you a cookie cutter backend with APIs and let's you shove half baked features out the door without having to figure out how to wrap data in protocols since you just hand your payload so the browser and wait for a response.
Oh sweet summer child. No. That would have been the intelligent approach. It could have been fast and secure but it wouldn’t have had all that delicious telemetry nor taken another step towards charging you rent just to use your computer.
They locked it behind two online services. Welcome to the new Microsoft. If it doesn’t include charging you rent or using you & your private information to train a large ai model. They don’t care.