Firewall Wizards: Re: Biometrics (was Re: Username password VS hardware token plus PIN)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Firewall Wizards mailing list archives

Re: Biometrics (was Re: Username password VS hardware token plus PIN)

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 14 Apr 2005 21:21:24 -0400

Paul D. Robertson wrote:

I don't think a wrist is that much more trouble than a finger to a
machette


I know you're just being funny, but this all misses an important
point: against an opponent that is willing to physically attack,
threaten, or torture you ALL authentication systems
are worthless. Especially if you assume a level of indirection
can be added (I.e.: "log me into the system or your child dies.")

There's only so good it's worth making these things. My problem
with biometrics is that they're not even *that* good without a
heck of a lot of extra mechanisms and tweakage. Biometrics
are really only good if you, ummm.... sell biometrics.

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

By Date By Thread

Current thread:

Re: Biometrics (was Re: Username password VS hardware token plus PIN) Marcus J. Ranum (Apr 14)
- Re: Biometrics (was Re: Username password VS hardware token plus PIN) Adam Shostack (Apr 14)
  - Re: Biometrics (was Re: Username password VS hardware token plus PIN) Marcus J. Ranum (Apr 14)
    - Re: Biometrics (was Re: Username password VS hardware token plus PIN) Crispin Cowan (Apr 15)
- Re: Biometrics (was Re: Username password VS hardware token plus PIN) Kurt Buff (Apr 14)
- Re: Biometrics (was Re: Username password VS hardware token plus PIN) Kevin (Apr 15)