{"id":204,"date":"2009-01-09T14:54:39","date_gmt":"2009-01-09T19:54:39","guid":{"rendered":"http:\/\/vgable.com\/blog\/2009\/01\/09\/biometrics\/"},"modified":"2009-01-26T00:05:53","modified_gmt":"2009-01-26T05:05:53","slug":"biometrics","status":"publish","type":"post","link":"https:\/\/vgable.com\/blog\/2009\/01\/09\/biometrics\/","title":{"rendered":"Biometrics"},"content":{"rendered":"<p><a href=\"http:\/\/www.schneier.com\/blog\/archives\/2009\/01\/biometrics.html\">Summary of an article by Bruce Schneier for <em>The Guardian<\/em><\/a>,<\/p>\n<blockquote><p>Biometrics can vastly improve security, especially when paired with another form of authentication such as passwords. But it&#8217;s important to understand their limitations as well as their strengths. On the strength side, <strong>biometrics are hard to forge<\/strong>. It&#8217;s hard to affix a fake fingerprint to your finger or make your retina look like someone else&#8217;s. Some people can mimic voices, and make-up artists can change people&#8217;s faces, but these are specialized skills.<\/p>\n<p>On the other hand, <strong>biometrics are easy to steal<\/strong>. You leave your fingerprints everywhere you touch, your retinal scan everywhere you look. Regularly, hackers have copied the prints of officials from objects they&#8217;ve touched, and posted them on the Internet. &#8230;<\/p>\n<p> <strong>Biometrics are unique identifiers, but they&#8217;re not secrets.<\/strong><\/p>\n<p>&#8230; <strong>biometrics work best if the system can verify that the biometric came from the person at the time of verification<\/strong>. The biometric identification system at the gates of the CIA headquarters works because there&#8217;s a guard with a large gun making sure no one is trying to fool the system.<\/p>\n<p>One more problem with biometrics: <strong>they don&#8217;t fail well<\/strong>. Passwords can be changed, but if someone copies your thumbprint, you&#8217;re out of luck: <strong>you can&#8217;t update your thumb<\/strong>. Passwords can be backed up, but <strong>if you alter your thumbprint in an accident, you&#8217;re stuck<\/strong>. The failures don&#8217;t have to be this spectacular: a voice print reader might not recognize someone with a sore throat&#8230;\n<\/p><\/blockquote>\n<p>In <a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc512578.aspx\"><em>Why Identity and Authentication Must Remain Distinct<\/em><\/a>, Steve Riley cautions,<\/p>\n<blockquote><p>Proper biometrics are identity only and will be accompanied, like all good identifiers, by a secret of some kind &#8212; a PIN, a private key on a smart card, or, yes, even a password.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Summary of an article by Bruce Schneier for The Guardian, Biometrics can vastly improve security, especially when paired with another form of authentication such as passwords. But it&#8217;s important to understand their limitations as well as their strengths. On the strength side, biometrics are hard to forge. It&#8217;s hard to affix a fake fingerprint to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,24,11,42],"tags":[297,295,298,296,40],"class_list":["post-204","post","type-post","status-publish","format-standard","hentry","category-design","category-quotes","category-research","category-security","tag-authentication","tag-biometrics","tag-identification","tag-interface","tag-psychology"],"_links":{"self":[{"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/posts\/204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/comments?post=204"}],"version-history":[{"count":0,"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/posts\/204\/revisions"}],"wp:attachment":[{"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/media?parent=204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/categories?post=204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vgable.com\/blog\/wp-json\/wp\/v2\/tags?post=204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}