Re: [PEN-TEST] Biometrics

[Thomas Bueschgens <sledge () SECONET DE>]

   On Thu, 17 Aug 2000 19:32:31 -0500, Frank Knobbe
   <FKnobbe () KNOBBEITS COM> said:

Frank> Yeah, good topic. Not a discussion about biometrics devices,
Frank> but about attempts to foil them.

Frank> I had developed an idea for an attempt to circumvent
Frank> fingerprint scanners, but have never been able to put it to the
Frank> test. It basically went like this:

[ ... interesting stuff deleted for brevity ... ]

Frank> Now, if that would work, fingerprint technology may be less
Frank> secure than hardware tokens since you know when you lost a
Frank> token, but you don't know if anyone got your latent print from
Frank> your lunch drink.

Will only work for the simple cheap-o-matic devices.

The one functioning like "image-scanners". Better one check
temperature patterns, and the electric capacity of your finger.

Really cheap scanners (like the ones on keyboards or even mice to buy
nowadays) can even be fooled with just a "printed" fingerprint, so no
reason to construct a 3d-version of the "dusted-of" print.

        Tom

--
 Thomas Bueschgens              PGP-key available at server or via email
 sledge () acm org                      sledge () seconet de

 "The only system that is truly secure is one that is switched off and
 unplugged, locked in a titanium-lined safe, buried in a concrete
 bunker, and surrounded by nerve gas and very highly-paid armed
 guards. Even then, I wouldn't stake my life on it."  -- Gene Spafford