Re: replacing compromised biometric authenticators

[Alain Hebert <ahebert () pubnix net>]

    Odd,

    1. captcha(?)

    In my millennia of experience I never saw a captcha used as a mean 
for DC access control.  Just as a programmatic way to reduce brute force 
for some website functions.


    On my network janitor keychain I have (in order of hackability from 
easiest to hardest)

        1. keycard only

        2. keycard + fingerprints

        3. keycard + face (2d)

        4a. keycard + eye

        4b. keycard + top of hand mapping

    But all the DCs, I deal with, have highrez cameras and tailgating 
controls...  Biometrics are just a part of a wider system.

-----
Alain Hebert                                ahebert () pubnix net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443

On 10/12/17 16:58, Rich Kulawiec wrote:
> On Wed, Oct 11, 2017 at 05:04:08PM -0400, Ken Chase wrote:
> > If the current best operating practice is to avoid biometrics, why are they
> > still in use out here?
> (1) for the same reason some idiots still use captchas
> (2) new hotness > old and busted, regardless of merits
> (3) because they facilitate coerced risk transference away from the
> people who are actually responsible (and are paid to be so) to the
> people who shouldn't be responsible (and aren't paid to be)
>
> ---rsk