[ISN] Placating the public's misconceptions

From: mea culpa (jerichoat_private)
Date: Tue Mar 16 1999 - 16:26:03 PST

  • Next message: mea culpa: "[ISN] Otsuka Shokai to Start 24-Hour Remote Virus Service"

    Placating the public's misconceptions
    By John Davidson
    The only thing really lacking about internet security is public
    comprehension. Why is so much of the public so insecure about e-commerce,
    when it's perfectly willing to do far more reckless things like turn their
    TVs into answering machines for aliens? Maybe the fear is brought on by
    the IBM TV ads, saying the net isn't safe (unless you buy IBM software). 
    Whatever's causing it, Eye Site believes web dread is largely misplaced.
    Even with only the most basic level of security - the weak encryption
    commonly used to secure the link between consumer and online merchant -
    the internet is still just about the safest place to hand over credit card
    details.  But for some reason, people who gladly read their credit card
    details out loud over the phone eschew the internet. It doesn't make
    sense, as IBM says. 
    Still, we must pander to cyber-sissies, and so Eye Site has been looking
    at new PC-based fingerprint authentication technology from the Lucent
    spin-off, Veridicom. 
    Veridicom has produced a silicon chip that can tell who you are just by
    pressing on the back of it.  The idea is that users lock up their digital
    certificates inside their PC or on their smartcard, so that they can only
    be accessed by someone with their fingerprints. 
    Thus, any transaction done on the internet using the certificate must have
    been done by the certificate owner, or at least by someone with the
    owner's fingers. (Eye Site's suggestion: if someone steals your fingers,
    cancel your cards.) 
    The interesting thing about this technology is not that it works - there's
    been electronic finger print security technology on the market for years -
    but that it works and it's expected to only add around $5 to the cost of a
    At $5, there's no reason why it couldn't be incorporated on every PC or
    every modem connected to the internet.There are of course privacy concerns
    about standardising a biometric technology, but it is possible to roll out
    a system where no-one except the PC's owner keeps a copy of the prints,
    short circuiting any temptation the banks may have to pass those prints
    onto Athena the Starwoman for analysis. 
    Will biometric technology make the internet a safer place? It hardly
    matters. All we need is something that relieves public anxiety. If someone
    could convince internet users that every PC had a secret number in it that
    revealed their identity over the internet, that could work too. Only,
    that's too ridiculous to contemplate. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:58 PDT