Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)

From: Devdas Bhagat (devdas_at_dvb.homelinux.org)
Date: 03/31/05

  • Next message: Paul D. Robertson: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)" 
    To: firewall-wizards@honor.icsalabs.com
Date: Fri, 1 Apr 2005 00:02:28 +0530

    On 24/02/05 08:19 -0500, Paul D. Robertson wrote:
    <snip>
    > > Of course, specific biometric implementations do not need to fall foul of
    > > this vulnerability; when we (the industry) get past the hype and debate
    > > actual architectures, we might come up with something usable and secure. :)
    >
    > The implementation doesn't matter if the attacker set believes that they
    > can breach the system. For instance, if a rumor starts that iris scanners
    > in ATMs open up if you pop out an eyeball and hold it on the end of a pen,
    > there will be a bunch of one-eyed victims running around _even if the
    > premise is untrue_.

    http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

    Anyone feel like continuing to use or recommend biometrics?

    I would *much* rather be safe.

    Devdas Bhagat
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Paul D. Robertson: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)"