Andrew Plato wrote:
> Once again the idea is RISK REDUCTION. When used as part of a two-factor logon process (passwords and prints) there is a significant increase in security and decrease in potential for abuse. To successfully crack the system somebody would need BOTH thumb and password.

The difference between reliability engineering and security engineering:

* reliability engineering: you design against the ambient threat, i.e. look at what's happening in the environment where you're going to deploy, and ensure that the system can survive that.
* security engineering: you have to design against plausible threats, i.e. assume that the attacker sees you do what you're doing, and gets a turn to adapt to that.

You can build a security system that only allows people wearing orange pants to log on, and that will stop 99.9% of all attackers today. But it is not security. Biometric thumb prints are slightly more effective than requiring orange pants.

> Okay, I am being glib, but consider the REALITY of abuse: Our hacker would have to take a mold of my thumb, carefully build a replica, and break into my laptop. But you know what - if there are people running my company taking plastic molds of my thumb - my company has bigger problems than cracked biometrics. The act of fingerprint lifting had better raise some eyebrows around the office.

Go read this link: http://www.counterpane.com/crypto-gram-0205.html#5

It explains how exactly that can be done, using store-bought supplies that cost $10, by amateurs, in about an hour. You don't have to lift fingerprints in the office; you just casually steal a coke can while looking like you are helpfully tidying up, and lift the fingerprint from the coke can out of sight. Biometrics are a joke, and far too few people know that.

>> * For cheap & cost-effective: use a strong password policy enforcer, and ensure that passwords are not sent in the clear (i.e. use SSL or SSH everywhere, especially for e-mail).
>> * For high security, strong authentication for computer systems is 2-factor tokens: a smart card with a PIN keyboard on it, so that to break in you have to both steal the smart card and know the user's PIN code. Here are some resources on 2-factor tokens:
>>   o http://www.itsecurity.com/asktecs/may901.htm
>>   o http://www.rsasecurity.com/products/securid/securid_softwaretoken_for_windows.html
>>
> Do you have any idea what an RSA token deployment costs? Suffice to say it is WELL outside the budget of most of the firms in Oregon.

Sure. Really high security is very expensive. There are cheaper alternatives to RSA 2-factor tokens, and they are commensurately less secure.

Once again: for cheap & cost-effective, use a strong password policy enforcer. It will be cheaper and more effective (i.e. resist more real security threats) than the thumbprint stuff. The main defect is that it is boring, and not sexy like biometrics. Biometrics get a lot of sex appeal from movies, which always set them up as nearly unassailable. For some reason, biometric customers never notice that the biometric authenticator always gets spoofed by a little piece of rubber. And the movie leaves out the fact that the little piece of rubber has been effectively built with $10 worth of stuff by a mathematician screwing around in his spare time.

> Compared to a $95 mouse or even the full-on enterprise deployment, the savings is enormous.

In the cheap end of things, instead of spending $95 per station on a biometric device that only offers a sham of security, why not deploy a strong password policy enforcer like this one: http://www.anixis.com/products/ppe/default.htm?anixispid=0A1002

Disclaimer: I have no affiliation with Anixis, and don't even know if their product is any good. It's just the first one that came up on the google search. Andrew is the security VAR, and I would rather see him rep'ing password policy enforcers than biometrics. WireX does not currently play in this space, so we don't have a product to push.

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX http://wirex.com/~crispin/
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Tue Sep 03 2002 - 17:10:29 PDT