Re: What laptop should I buy for running Debian?
Tzafrir Cohen wrote:
> On Tue, Dec 19, 2006 at 02:49:03PM -0800, Paul Johnson wrote:
>> Baz wrote:
>>
>> > So, you were able to get the fingerprint reader working.
>>
>> I'm not sure biometrics are ready for prime-time yet. I don't trust
>> fingerprint readers and refuse to use biometrics for ID or authentication
>> beyond their traditional uses because most fingerprint readers can be
>> fooled by a Jello finger with a reproduction of the print on it, and I
>> can't exactly go down to Handcrafters and get a new fingerprint in about
>> an hour if someone does compromise my fingerprint.
>
> Let's take this elsewhere. The firngerprints are a bad authentication
> token as they're probably all over your computer. How about using the
> that scanner as a scanner to identify an object with a unique pattern
> you carry with you?
That's getting closer. Something like what banks and offices use for access
control to customer terminals and secured doors would be better: Swipe
your card, then enter your passcode. Biometrics could take the place of
the swipecard, though. Point being, one factor authentication is
inheirently insecure, and one-factor biometric authentication doubly so.
Case in point: Some models of BMW use the owner's fingerprints as an
ignition "key." What have African car theives started to do? Hack the
hand off the owner and use the disembodied hand to start the car! I'm not
sure which is worse: Having someone mutilate you to get your auth token or
have someone copy it with jello knowing you can't readily replace it...
Reply to: