PyCon Israel 2023

πŸ‡ΊπŸ‡Έ Face Off: Brute-force attack on Biometrical-databases
07-04, 16:30–16:50 (Africa/Cairo), Hall 3 (2nd Floor)

Join us to unravel the mystery behind facial recognition technology and explore potential security vulnerabilities. Let us show you how we broke into a biometric database with a sophisticated, Python, machine-learning, brute-force attack!

Magic happens every time you take your phone out of your pocket. Somehow, just by looking at the screen, your phone recognizes you (and only you) and magically unlocks.

Have you ever stopped for a minute and thought to yourself - How does that even work? And maybe more importantly, how secure is it?

In this session, we're going to understand how facial recognition works under the hood. We'll dive into some potential security problems, and we'll show you how we were able to break into a biometric database built on the Dlib-python-library by applying a sophisticated brute-force attack. The results will surprise you.

- Intro - The magic of Face ID [1 min]
- Under the hood - How Deep Learning Face ID works [4 min]
- Comparing faces - Exploring the Face-Space [3 min]
- Recap - Tying it all together [2 min]
- Exploitation - Weird behavior & Possible weakness? [4 min]
- Shocking results! - [1 min]
- The Attack - Our attack on a Biometrical database [4 min]
- Summary [1 min]

Session language –


Target audience –


Roy is a passionate Python developer who earned his B.CS degree at just 18, with a background in drone technology and security research, previously served as a Drone Development Officer in the IDF and managed an AR/VR development team. He has worked on autonomous drones in the defense industry and is currently a senior developer at Ownbackup, specializing in security.