Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)
From: Devdas Bhagat (devdas_at_dvb.homelinux.org)
To: firstname.lastname@example.org Date: Fri, 1 Apr 2005 00:02:28 +0530
On 24/02/05 08:19 -0500, Paul D. Robertson wrote:
> > Of course, specific biometric implementations do not need to fall foul of
> > this vulnerability; when we (the industry) get past the hype and debate
> > actual architectures, we might come up with something usable and secure. :)
> The implementation doesn't matter if the attacker set believes that they
> can breach the system. For instance, if a rumor starts that iris scanners
> in ATMs open up if you pop out an eyeball and hold it on the end of a pen,
> there will be a bunch of one-eyed victims running around _even if the
> premise is untrue_.
Anyone feel like continuing to use or recommend biometrics?
I would *much* rather be safe.
firewall-wizards mailing list