Security Basics mailing list archives
Re: Biometric question
From: Johan De Meersman <johan () ops skynet be>
Date: Thu, 07 Nov 2002 23:12:29 +0100
ktyler () nautilus-ins com wrote:
Well it depends, how desperate somebody wants to get into the computer room, e.g would they be willing to cut off your hand or pull out your eyeball. I would think that finger prints would be the best. It is considerably cheaper then a retinal scanning equipment.
there currently isn't a single biometrics system that's safer than a common DSA dual key with a decent passphrase, really.
There's two types of fingerprinters: thermal and optical. Both are easily deceived, with the use of gummi bears, wax, or even chalk and transparent tape.
Most retinal scanners can be fooled with a picture of the eye, and those that are a bit more expensive and scan for depth, too, are often fooled by cutting a hole where the pupil is, and keeping the picture in front of you eye
voice can be fooled by decent recordings, and if you're willing to put in some work you can actually use advanced speech synthesis.
And another, perhaps even bigger problem: once someone managed to get in, what are youg gonna do about it ? Get new eyeballs ?
Biometrics are fun to play with, but don't think they're a cure-all. If properly implemented, that is, in conjunction with other types of security, they can be very effective. If poorly implemented, you might prefer to just leave an active root console on the street - it'll cost less.
google for 'fool biometrics' or similar terms - you'll find a lot of interesting articles.
Current thread:
- RE: Biometric question, (continued)
- RE: Biometric question sanjay . patel (Nov 09)
- Re: Biometric question Joey (Nov 09)
- Re: Biometric question Richard Caley (Nov 08)
- Re: Biometric question Mailing Lists (Nov 08)
- Re: Biometric question Volker Kindermann (Nov 08)
- Re: Biometric question Catfish (Nov 09)
- Re: Biometric question Noah Salzman (Nov 09)
- Re: Biometric question Blake Girardot (Nov 09)
- Re: Biometric question Felix Cuello (Nov 09)
- Re: Biometric question ktyler (Nov 07)
- Re: Biometric question Johan De Meersman (Nov 08)
- Re: Biometric question Meritt James (Nov 09)
- Re: Biometric question Konrad Rzeszutek (Nov 08)
- Re: Biometric question ATD (Nov 09)
- Re: Biometric question Johan De Meersman (Nov 08)
- RE: Biometric question Bryan E. Glancey (Nov 07)
- RE: Biometric question Vince Hillier (Nov 08)
- RE: Biometric question Naveed Ahmed (Nov 09)
- RE: Biometric question Bryan E. Glancey (Nov 09)
- R: Biometric question Alessandro Bottonelli (Nov 11)
- RE: Biometric question dporter (Nov 09)
- RE: Biometric question Nero, Nick (Nov 09)
(Thread continues...)