[ALUG] (no subject)

Andreas Tauscher ta at geuka.net
Fri Nov 4 22:32:48 EAT 2016 

On 04.11.2016 10:51, Erik Rowberg wrote:
> What is alternative?

Not using it at all. It is broken by design (c).

The problem with biometric is:
Once your e.g. fingerprint is compromised, you can not change it.
And since you leave your biometric markers everywhere they have to be
rated as compromised.

The normal capacitive fingerprint readers are really easy to cheat and
you leave thousands of fingerprints everyday everywhere.
Getting a fingerprint of anybody is not a very serious problem. From a
glass, a door handle, whatever hard surface.
Even a simple photo of your hand is enough.
Proved in 2014 when Jan Krissler aka Starbug from the Chaos Computer
Club during a press conference took a picture of the right hand of the
German minister for defence from a few metres distance with a standard
camera journalist usual using at such events.
The fingerprint extracted from this photo matched exact the real
fingerprint from a water glass taken from the table at a earlier press
conference.
If you use something better than a 200mm standard objective much much
bigger distances are possible.
More difficult to cheat are the fingerprint readers at border controls.
They costing several thousand dollars but can be also cheated. It needs
only a little bit more effort.

Iris scans are even easier to cheat. A simple photo is enough and
cheating the alive recognition usual waiting for an eye blink can simple
bee fooled by moving a pencil between photo and camera up and down.
Totally broken.

And face recognition: With enough knowledge how a neural network is
ticking also no problem.

Biometrics as authentication is not working.

Depending on the security requirements:
For a simple working time check-in check-out - simply to see if you are
here a fingerprint is IMHO fine.
But a fingerprint or other biometrics as access verification to
sensitive restricted areas: This is not working. You can leave also the
key under the door matt.

Andreas

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20161104/3e92ee4c/attachment.pgp>

More information about the Linux mailing list