Vulnerability Development mailing list archives
Re: Hacking USB Thumbdrives, Thumprint authentication
From: Adeel Hussain <ad33lh () hotmail com>
Date: 6 Feb 2004 14:41:59 -0000
In-Reply-To: <002f01c3eab8$e6e03040$1400000a@bigdog> I think many of you are hitting the nail on the head. Biometrics authenticate based on "something you are". Biometrics fall down if the digital representation of what you are is available to a third party. It's like giving your password to a company (or several companies) and still expecting it to be secure. All it takes is a less than moral company, a security breach or internal threat to expose a companys data and that could include the biometric data they have collected. As biometrics get cheaper and more "out of the box" solutions are produced I think you will see allot of companies move to them because of the perceived security benefits. With the more companies that use biometrics the greater the risk of data being exposed. Think it is far fetched that your biometrics could be exposed? From my personal experience I have been involved with two areas that used biometrics for identification. Both were work related so I had a choice of use it or get a new job. Another place that biometrics has been introduced is the US border. Most people entering the US, who are not US citizens or citizens of exempt countries/groups, will have photo and fingerprint data collected. Now my next questions, do you trust the US government to keep your data safe? To use it appropriately? Do you trust most major corporations? Where do you draw the biometric line and what are you willing to give up to protect "what you are"? Adeel
Current thread:
- RE: Hacking USB Thumbdrives, Thumprint authentication David.Cross (Feb 03)
- Re: Hacking USB Thumbdrives, Thumprint authentication Kurt Seifried (Feb 05)
- <Possible follow-ups>
- RE: Hacking USB Thumbdrives, Thumprint authentication David.Cross (Feb 06)
- Re: Hacking USB Thumbdrives, Thumprint authentication Adeel Hussain (Feb 09)