From: m e (mje@list.intersec.com)
Date: Tue Jan 27 2004 - 08:58:20 EST
>When we investigated fingerprinting products, two colleagues cracked the
>system by using a paper photocopy of a finger. They placed it on the
>=66ingerprinting pad and pressed it with another finger to provide the
>heat that the pad needs to detect. I was incredulous of their account,
>but after reading the Putte source below, this sounds credible.
>
very cool. this i'll try and let you know.
please devil's advocate the following argument.
We are not trying to build a cruise missle to kill a fly.
We want 50% security control that 100% of the people use, not
100% security control that 50% of the people use.
I can't see a threat scenario where wife copies sales guys
thumbprint on gummy bear while sales guy is sleeping to get
a peek at his USB drive. Yes it may happen once a year, but
chances are they will lose USB device first.
Real vulnerability is sales guy loses USB drive, and Joe
Six-Pack picks it up and brings it home to his kid. Or leaves
USB drive at customer site and customer gets curious and tries
to look at it.
So what are the vulnerabilities in this scenario?
---------------------------------------------------------------------------
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:46 EDT