Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)

From: Marcus J. Ranum (mjr_at_ranum.com)
Date: 04/15/05

  • Next message: Adam Shostack: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)" 
    To: "Paul D. Robertson" <paul@compuwar.net>, "Michael J. Tubby B.Sc. (Hons)" <mike.tubby@thorcom.co.uk>
Date: Thu, 14 Apr 2005 21:21:24 -0400

    Paul D. Robertson wrote:
    >I don't think a wrist is that much more trouble than a finger to a
    >machette

    I know you're just being funny, but this all misses an important
    point: against an opponent that is willing to physically attack,
    threaten, or torture you ALL authentication systems
    are worthless. Especially if you assume a level of indirection
    can be added (I.e.: "log me into the system or your child dies.")

    There's only so good it's worth making these things. My problem
    with biometrics is that they're not even *that* good without a
    heck of a lot of extra mechanisms and tweakage. Biometrics
    are really only good if you, ummm.... sell biometrics.

    mjr.

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Adam Shostack: "Re: Biometrics (was Re: [fw-wiz] Username password VS hardware token plus PIN)"

    Relevant Pages

    • RE: EFS and biometrics? Other options?
      ... Subject: EFS and biometrics? ... he is using this for laptops. ... individual like this the authority to change the template, ... >> and skin from my index finger fingertip while working on a computer. ...
      (Security-Basics)
    • RE: Biometrics
      ... fingerprints, leaving your finger over a sensor. ... With biometrics you always have to find a balance between false ... WideString as your finger representation. ... Regards, ...
      (Security-Basics)
    • RE: EFS and biometrics? Other options?
      ... Subject: EFS and biometrics? ... > and skin from my index finger fingertip while working on a computer. ... It's more difficult for a fingerprint authentication system to recognize ...
      (Security-Basics)
    • RE: Biometric question
      ... more tolerant modes (you can put your finger on 'close' to the same way ... Manager of Security Solutions ... biometrics, in fact only will be based on fingerprints biometric. ... How secure are fingerprints?, ...
      (Security-Basics)
    • RE: Hacking USB Thumbdrives, Thumprint authentication
      ... For this reason I hope people don't choose biometrics as a mainstay. ... Perhaps people should spend more time analyzing these technologies so that there are reasons to avoid biometrics as a whole. ... Also those>serious about finger print biometric ... system will combine "have" and "know" methods for truer authentication. ...
      (Vuln-Dev)