fingerprint login - some issues
Alan Cox
alan at lxorguk.ukuu.org.uk
Sun Jul 5 15:42:39 UTC 2009
> But seriously, I've read about all sorts of things people have done to
> fool fingerprint scanners, and seen some of them demonstrated. I put no
> faith in them to protect you when you need it. And I put no faith in
> them to stuff you around when you need access.
The other problem with them for laptops is users like nice smooth black
shiny laptops and leave their fingerprints all over them - kind of like
leaving the keys in the ignition.
> It strikes me that you could have some image printed on a keytag, and
> swipe that across the scanner, just as effectively as using your finger.
> And, unless someone can steal your keys, that'd be a harder image for
> someone to surreptitiously copy than your fingerprints (which they can
> copy from anything that you've touched).
And more importantly - there is a revocation process. Fingerprints are an
abysmal security tool because you can't change them. Once a copy of your
print leaks from any possible source holding it or is copied from any
random object you touch the entire world has the key forever.
The tech for print copying is now very good - so good that its actually a
problem for law enforcement because "beats me officer, maybe someone made
a copy of my print at home like they show you on youtube" is actually a
rather good answer.
Alan
More information about the fedora-list
mailing list