rss
 
comment(s)

archives
J|F|M|A|M|J|J|A|S|O|N|D
(20##) 10 9 8 7 6 5 4 3 2 1 0 <
 
DesktopWeb FormText   shouldnt it be called 'biostandards' in the USSat, 18 Jun 2005 17:29:31 GMT # 

optionsScalper is talking about biometrics. specifically he mentions the MS fingerprint reader ... which i own but have not used yet (damn you MS fingerprint reader and Media Center Edition 2005 for not supporting domains). fingerprint reco is interesting because it has already been successfully attacked with the gummy finger ... mmm, gummy finger. there are ways to harden this up some by requiring 'proof of life' (not the movie). of course there are other physiological traits that can be used as well ... think minority report (the movie). but there are also behavioral traits such as your handwriting and voice. BTW Speech Server and SALT need a way for me to perform speaker verification. the problem with those is that they can be attacked as well. somebody could use an app running on a tablet to learn my handwriting lack of style, as well as constantly recording my voice to extract the phonemes. granted ... that would be tough ... but not kimpossible. and then there is what i know ... the password ... which can only be obtained through means of torture, women, or looking at the post it note under my keyboard. which brings up multi factor authentication. e.g. doing a blind signature of a password in which i dont use my standard handwriting style. or having voice reco done while my retina is scanned. patting my head and rubbing my belly at the same time while having my DNA extracted is also as unique as a snowflake. so i dont see us replacing passwords with biometrics ... just augmenting them. and that should give us the false sense of security that we so desperately need