Re: Biometrics

From: Gadi Evron (ge_at_linuxbox.org.INVALID)
Date: 12/01/03 

Date: Mon, 01 Dec 2003 18:45:32 GMT

Simon wrote:
> Thanks - I think I'll look at pre-boot encryption/decryption systems instead
> although I get the feeling that if somebody wants in then they will get in
> no matter what!
>
> It's a sad world.

Okay, there are some good articles and books on the subject, but I have
a few things to contribute to this discussion.

Basically, it all comes down, once again, to who has you in their
sights, and how much of a target you are.

If someone will invest enough in it, they will eventually get in to
anywhere. But you can make their life very difficult. :)
So pretty much - yes, nothing is really impossible, as long as we follow
the rules of physics, and then some. :)

Myself, I like biometric systems.

It is true that finger-print based biometric systems are somewhat
unreliable for a few reasons, some of which include relatively easy
faking, there are very few duplicates (0.who-knows-how-many-zero's...1
per cent of the world's population has the same fingerprint, probably 1
out of a million, 10 million or 100 million people - I am bad with
statistics). Then there are the problems of how secure your system is,
based on how many minuteas you use? If too many you may not be
identified tomorrow, and if too few.. the rest of the world can pass for
being you.
I can go on for quite a bit about all this and a lot more, but you get
my drift.

Every system has its downsides.

The whole point is to use the biometric system along with another system.
That way you double the technology, and it is more difficult, to a
level, to get in.
For example, password + finger print.
Something you know + something you are.

As a security minded person when I hear the word laptop though, I start
sweating. I can't even begin to imagine the loss of information caused
world-wide by people simply forgetting the laptop somewhere.

My two cents. 

-- 
	Gadi Evron.
The Trojan Horses Research mailing list - http://ecompute.org/th-list