On Wed, Feb 4, 2015 at 2:51 AM, David Lang <da...@lang.hm> wrote: > On Tue, 3 Feb 2015, Yves Dorfsman wrote: > >> On 2015-02-03 16:46, Edward Ned Harvey (lopser) wrote: >>> >>> surprisingly good. I like to use BioWallet as an example - you use your >>> finger to "sign" the screen of your phone to unlock a secure wallet. If >>> I >>> hand my phone to someone and tell them my password, they can't get in. >> >> >> Because of google authenticator etc... access to my phone is too important >> to >> use my finger (and I encrypt it): >> >> - I cannot forget my finger, with a password I can choose to go to jail or >> remembering my password >> >> - my passwords will die with me. If you kill me, you won't get my >> password, my >> fingers... "on the other hand"! > > > mythbusters showed that you could fool fingerprint readers with a gummi bear > (and more advanced readers without much more) > > They may be unique, but they are also extremely hard to change if duplicated > :-)
Randomly apropos to biometrics, a few months ago I was out with some techies and one of them was talking about his new cell phone and mentioned that it had the ability to use facial recognition to unlock his phone. (Although, he wasn't using the feature.) At my urging he went ahead and set it up. We then took a picture of him with someone else's smartphone, displayed it full screen on the second phone and after moving the phones back and forth for about 30? seconds managed to unlock the first phone. I don't recall the models of the phones (probably Android though) and I don't know know how repeatable this would be; but it certainly didn't do anything to encourage me to trust facial recognition for security purposes. Bill Bogstad _______________________________________________ Discuss mailing list Discuss@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
