IP: Re: biometrics....

[David Farber <dave () farber net>]

> Date: Mon, 21 Jan 2002 14:18:22 -0500
> From: Adam Shostack <adam () homeport org>
> To: farber () cis upenn edu
>
>
> On Sun, Jan 20, 2002 at 11:29:16AM -0500, David Farber wrote:
> | >From: "Mike O'Dell" <mo () ccr org>
>
> | >why anyone should believe in the unassailability of that
> | >particular technology, as opposed to any other technology,
> | >is beyond my meager abilities.
>
> There's an interesting switch in the article which obscures what I
> think is a key point:  Who is attacking the system, and how?
>
> Denning starts by discussion biometrics that work for her ('umpteen
> zillion account names and passwords in order to use the computers in
> my office...'), and then switches to biometrics such as face
> recognition technology that may work on behalf of someone else.  (I
> can see putting face recognition in a camera on my pc, but it seems
> more generally used to scan for pretty women in crowds.)
>
> I don't see that biometrics as a good idea for managing passwords more
> securely leads to it being a good idea for scanning crowds or airline
> passengers.  That the same sort of technology is applied seems to be
> the main link.
>
> Bruce Schneier and I applied a very similar analysis (that the
> security of the system depends who controls and benefits from the
> technology) to smart-cards in
> http://www.counterpane.com/smart-card-threats.html
>
> Adam
>
>
>
> --
> "It is seldom that liberty of any kind is lost all at once."
>                                                        -Hume

For archives see:
http://www.interesting-people.org/archives/interesting-people/