Security Basics mailing list archives
RE: Biometric question
From: "Kenneth W. Kubiak" <kkubiak () bflohearspeech org>
Date: Thu, 7 Nov 2002 14:30:33 -0500
Felix, In short, I'm not sold on ANY biometrics security solutions. It just seems that, particularly since the 9/11 attacks in the U.S., that we've tried to move too fast in implementing these sort of high-tech solutions that we aren't entirely sure how they work, if indeed they work at all. I'd heard something similar about fingerprint scanners, but I just couldn't remember how they were fooled. Go figure... we spend hundreds of thousands of dollars on developing a new technology like that, only to have it fooled by something you can buy with spare change from a vending machine! Anyway, I remember reading not too long ago, that facial recognition scanners could be fooled something like two-thirds of the time by holding a laptop screen up to the scanner from a few feet away that produced a low-res image of the person to be authenticated. Unfortunately I can't find the article at present - but I wouldn't think facial recognition's the way to go either. I think if you're planning on implementing a biometrics solution, that it should be supplemented with the conventional password backup, or at least a secondary biometrics solution. Ken -----Original Message----- From: Michael Sconzo [mailto:msconzo () tamu edu] Sent: Thursday, November 07, 2002 12:13 PM To: security-basics () security-focus com Subject: RE: Biometric question -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 One of the more memorable things that I have read about fingerprint scanners is: http://www.counterpane.com/crypto-gram-0205.html#5 You can basically fake a fingerprint biometric machine with a gummi bear. If I remember correctly, the majority of fingerprint scanners are vulnerable to this type of attack. One of the big things to look for is one that samples SHAPES not POINTS, and remember the more the merrier. As for other types of biometrics, I am not too sure, hopefully somebody else can shed some light on those. - -mike - -----Original Message----- From: Felix Cuello [mailto:felix () qodiga com] Sent: Wednesday, November 06, 2002 1:27 PM To: security-basics () security-focus com Subject: Biometric question Hello list! I will work in a project where phisical security will be based on biometrics, in fact only will be based on fingerprints biometric. How secure are fingerprints?, what biometric are more secure? (voice, eye, ??? what else). I'm not a security expert :-) Thanks a lot, Felix [my english is bad... please sorry :-)] - -- Felix Cuello felix () qodiga com Qodiga/its Av.Santa Fe 882 P.13 Of. "E" C.P. ABP1059C Tel.: (54) 011 - 4312-1698 Buenos Aires - Argentina -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPcqfKy76iJsaBRvcEQJ4GQCg8IIGDvldPOk6Bll7RV8spScjPDAAoPuy DzeFhJhhlLBeyqWGS/NABATs =kUtf -----END PGP SIGNATURE-----
Current thread:
- Biometric question Felix Cuello (Nov 07)
- RE: Biometric question Michael Sconzo (Nov 07)
- RE: Biometric question Kenneth W. Kubiak (Nov 08)
- Re: Biometric question john slee (Nov 08)
- RE: Biometric question Naveed Ahmed (Nov 08)
- RE: Biometric question sanjay . patel (Nov 09)
- Re: Biometric question Joey (Nov 09)
- Re: Biometric question Richard Caley (Nov 08)
- Re: Biometric question Mailing Lists (Nov 08)
- Re: Biometric question Volker Kindermann (Nov 08)
- Re: Biometric question Catfish (Nov 09)
- Re: Biometric question Noah Salzman (Nov 09)
- Re: Biometric question Blake Girardot (Nov 09)
(Thread continues...)
- RE: Biometric question Michael Sconzo (Nov 07)