Forwarded from: Steve Vawter <svawterat_private> Could not this allow for some smart fellow to put their own device on the system with their own fingerprint, bypassing the security? What type of security keeps this from occurring? > Their fingerprint-recognition devices keep the print data in the > devices themselves, not on a server or PC, and they have added other > security enhancements. Last year we looked at Precise Biometrics's > 100 SC. This year, the new USB-connected Precise 100 MC surpassed > our expectations, earning a Reviewer's Choice designation." Steve Vawter UNIX SYSTEM ADMINISTRATOR Zone Labs, Inc. 1060 Howard Street San Francisco CA 94103 ph 415-341-8323 fax 415-341-8299 cell 510-409-9184 pager 877-933-0549 -----Original Message----- From: InfoSec News [mailto:isnat_private] Sent: Monday, May 06, 2002 12:27 AM To: isnat_private Subject: [ISN] Biometric Security Not Ready to Replace Passwords http://www.newsbytes.com/news/02/176325.html By Carlos A Soto, Government Computer News WASHINGTON, D.C., U.S.A., 02 May 2002, 2:05 PM CST Biometrics vendors are doing their best to supplant passwords as the chief form of computer security, but Government Computer News Lab tests indicate that many of their products are not quite ready. Some developers have continued to improve already good devices, but others need to go back to the drawing board. Bad biometric security is worse than no security at all because it can lock out a legitimate user, admit an interloper or - perhaps most dangerous - lull a network administrator into a false sense of safety. For this review we examined six fingerprint-recognition devices and one voice-recognition device. A word of caution: An administrator cannot deploy large numbers of any of those fingerprint devices without third-party administrative software. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue May 07 2002 - 04:52:39 PDT