Re: technical question about fingerprint usbkey
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


sci.crypt archive

Re: technical question about fingerprint usbkey

From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Tue May 24 2005 - 16:31:40 CEST



"frozt" <frozt54@gmail.com> writes:


> i saw them fool those things with a melted gummy bear on techtv...



the issue can be security proportional to risk.



something like 30 percent of debit cards are reputed to have the


PINs written on them. part of this is the serious proliferation


of shared-secrets ... and the difficulty of people being forced


to remember scores of different shared secrets.


http://www.garlic.com/~lynn/subpubkey.html#secrets



some number of the fingerprint scenarios are targeted at the


pin/password market where there is significant, common practice for


people writing down their pin/password.



in this case the issue comes down what is simpler, easier for


a crook (having stolen a card)



1) to lift a pin written on the card and fraudulently enter


the pin



2) to lift a fingerprint possibly left on the card and fraudulently


enter the fingerprint.



-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/


Received on Thu Sep 29 21:38:21 2005