> No, this means I can just walk up to your machine, and plug > my mouse in, > replacing your biometric mouse. Then when the host asks for the > biometric info, my mouse sends back the proper info, and access is > granted. Actually no - that isn't how the Biolink biometric system system works (that's the one we sell). The templates for prints are not stored anywhere on the mouse. They are stored within the actual computer or within a secured network appliance. Even if you stole the templates off the computer, you couldn't just input them into any old computer - you would have know the private key / template combination to use as well as pass in a live print. > In short, a broken design :) Yes, but what you describe is not how the biometric system we sell works. > See the c't article for more technical info on how to do this > if you are interested. I've read it. Its fascinating. We've tried it at work. Its not that easy to do. You have to be pretty commited and have resources at your disposal. But that's true of virtually ALL hacking activities. ------------------------------------ Andrew Plato, CISSP President / Principal Consultant Anitian Corporation (503) 644-5656 office (503) 201-0821 cell http://www.anitian.com ------------------------------------
This archive was generated by hypermail 2b30 : Tue Sep 03 2002 - 18:09:00 PDT