The Security of You

  • Comments posted to this topic are about the item The Security of You

  • Excellent editorial, Stev.

    I dabbled in security years ago. What you're saying is absolutely correct: people expect newer technology - whatever it is - to be better. This expectation historically sets the stage for fantastic examples of security gaps. Some of them have been written about and made into movies.

    The truth is: newer != better. At least not always.

    Newer almost always means new security holes. The downside (and we see this in software as much as anywhere) is we don't know where the new holes are... yet.

    :{> Andy

    Andy Leonard, Chief Data Engineer, Enterprise Data & Analytics

  • Good editorial.

    I find biometrics dangerous, not sure why but the entire concept feels like it's invading my privacy and me as a person and I do not believe it's any better then a card or a ring or something else that is not a part of my body. Besides, a failing ring/ card can be replaced, if I have an accident with my thumb and burn the skin or if it's is going to take my blood sample every time.. no way.

    Besides, I'd prefer to have my card stolen then my thumb if I ever happen to work at a place where such things is an issue!

  • Actually, we do know many of the security holes, but the vendors generally like to ignore them, describing them as 'impossible' and so forth.

    I don't have a reference to hand, but just last week The Register was reporting that people had been able to get a hold of Jacqui Smith's fingerprints. These will then be published on the Internet, allowing anyone to make their own latex copies, or whatever. Other studies have shown that a simple photo-copy is enough to fool most finger-print scanners.

    Throw away your pocket calculators; visit www.calcResult.com
  • I think Steve's best point is the one about trusting systems too much. The more 'infallible' a system, the more unready we are whenever it does happen to fail.

    Can you say, 'Titanic'?

    No system is infallible and maybe we're better off with known issues that keep us on our toes.

    ___________________________________________________
    “Politicians are like diapers. They both need changing regularly and for the same reason.”

  • Biometrics have lots of problems. Even assuming the data is read-only secure (by which I mean someone can't substitute their fingerprints for yours, or yours for some known criminal!) you still have an insurmountable problem.

    Using the Jacqui Smith example above, her biometric data (fingerprints) are now out in the wild. Even barring Misson-impossible style physical imposture scenarios, the real problem is remote verification (ie over the internet).

    The computer doing the checking is NOT checking your fingerprint(s). It's checking the *digital representation* of your fingerprints, sent from God-knows-where. That means A) you can't verify it and B) once the biometric is compromised, you're screwed. You can't replace your fingerprints or your retinal pattern--that's the whole *point* of biometrics.

    So what biometrics gives you is an irreplaceable piece of data that is easily stolen and used to "prove" a criminal is you.

    Sound like fun?

  • Someone pointed it out; we don't know what the issues are. It's like us designing applications and users not realizing what the issues are until they see the final product. We won't know what the problems are until they start occurring.

    This is one area I can secure my laptop with, but I don't want securing my banking, medical, or any other records for some company.

  • The problem with biometrics is no different from other manifestations of the Big Brother Card. The implication is vast. When BOBB (Barack Obama Big Brother) and his minions act in my best interest when I don't agree with their conclusions, who knows what they will do with and to my BBC.

    THe problem is not so much with the card. The problem is with the people who control the information.

    No Thanks.

  • I'd argue with the Patriot Act, I wouldn't trust the other side any more.

  • If your bank account or credit card becomes compromised, you can be issued a new account number.

    If your fingerprints become compromised, you can't get new prints

    ...

    -- FORTRAN manual for Xerox Computers --

  • But we can remove the old ones! :w00t:

  • I've always been skeptical of biometric security simply because it assumes secure endpoints, which is precisely the least logical assumption that a security system should make. With USB fingerprint devices becoming much more common, are you just going to trust that my USB reader isn't sending a digitized copy of somebody else's prints? Do I really want to send a digitized copy of my fingerprints across the wire to a website to sign in?

    Imagine the DBA scenario: "Hey, Bob. We've got 40k rows of orphaned fingerprint records in here. Those developers must've dropped the foreign keys again. What do we do with 'em?"

    I do think that biometric security makes for more interesting replay attacks. Along the same lines as high quality video spoofing that the Pentagon has been worrying about for years. Is it real? Or is it Memorex? Or completely fabricated? The cost of very believable, utterly fabricated video is going down, too.

    I have a tablet with a fingerprint reader on it @ home and unless I am very careful to go slowly (with any of my ten digits), it's about 2:3 correct scans or less. Cold or very dry fingers make it even harder.

    Which reminds me... We need to invent a new protected class (in advance)! The fingerprint-challenged. My wife is one of them. Every time she's fingerprinted for her concealed carry permit, digitally or with old-school ink, the police officer or fingerprint technician has a really hard time getting a clean print from any of her digits. Her hands are so dry and prints so thin that even an FBI-trained expert gave up once and signed a notarized letter stating that "the attached fingerprints" (such as they are) were the best effort they could muster and that she should be issued a permit anyway, even though the prints probably couldn't be scanned successfully into NICS.

    Because you know that it would be descriminatory to deny someone a job just because they don't have proper fingerprints, now wouldn't it? Heh.

  • Security is a fascinating topic, and a long one if you really wanted to go into it.

    Lets go for the most common, bond/mission impossible inspired security: fingerprint readers. Is it easier to take a copy of a fingerprint, or just to chop a finger off and use that? Sometimes the latter will be easier, and it happens (http://www.schneier.com/blog/archives/2005/04/security_risks_2.html). This kind of story isn't uncommon.

    What is more interesting is gait-recognition. How is someone going to steal your gait? If a camera watching you walk down the corridor could verify you are you, not requiring any knowledge inside your head, or bits off your body to let you in the door then isn't that a great concept? Ah, but you'd have to make sure that putting a video playback of your walk in front of the camera wouldn't fool it, like the photocopied fingerprints.

    So now lets revisit the laptop thing. Gait recognition is presumably impractical - I'm not up for walking around the opposite side of the room in starbucks just to login (http://uk.youtube.com/watch?v=IqhlQfXUk7w). Fingerprint recognition I'll stay well clear of for as long as I can. If you work for a company that wants to make fingerprint recognition mandatory it might be worth asking them if they are going to pay all the employees danger money on a per-finger basis.

    How about a simpler approach? Let them steal the laptop, and even give them the password if your life or limb is risked (http://www.truecrypt.org/docs/?s=hidden-operating-system), they don't have to know its the wrong one. You might have to make sure you can turn if off before they get to it so that it boots up when they first switch it on. Less practical with cars though, I'm not sure what you'd have as the alternative to the real OS - lock them in and spray laughing gas through the aircon?

    Andy

  • The recent defeat of drive encryption by researchers using a spray can of chilly stuff and a RAM reader will also defeat the hidden o/s trick, I would imagine. Turning it off isn't guaranteed to be off-enough anymore.

    I was watching a cryptography special on one of the Discovery channels (I think) with the kids yesterday (in between games of Shadowrun and Gears of War 2), and I laffed out loud when the featured researchers were pronouncing the imminent demise of the cryptanalyst because we can make our key sizes so large now as to make them "uncrackable". Even so, it was an interesting (very high-level) overview of the history of crypto for my eight and nine year olds.

    :hehe:

    To get back to Andy's point, it was interesting that most of the well-known exploits of military cryptanalysis in WWI and WWII were primarily "social engineering" to provide the wedge, despite all of the heavy mathematical attacks.

    Note to self: When I become an evil overlord, I will not encrypt my messages in both the shiny new encryption algorithm AND the old encryption algorithm that I don't trust anymore in order to deprive my enemies of plaintext messages, even if it makes it harder to communicate with my minions. (See Wikipedia entry for the Japanese Purple cipher, if you need a reminder.)

  • There are much more fundamental problems that are easily obscured by technical issues.

    The entire principle of fingerprint evidence is scientifically flawed. In spite of what most people think they know, it does not even meet the basic criteria defined for other forensic evidence. Of course fingerprint experts will get it right many times, but there is no substance to their usual claim that their judgement is infallible. This has nothing to do with any technical issues, but comes from the fact that attempts to create a scientific basis for the reliability of fingerprint evidence have not been carried out. As a result nobody knows how reliable a positive match based on fingerprint evidence really is. And to prove that this is not a theoretical issue there the case of the terrorist attack in Madrid in which 4 FBI agents claimed a 100% match between a suspect and somebody else's fingerprint (this is not the only case of failure, but probably the one with the highest profile).

    So if this is the "golden standard" against which other types of biometrics will be measured, we should expect the worst, even if we get the underlying technology right.

Viewing 15 posts - 1 through 15 (of 32 total)

You must be logged in to reply to this topic. Login to reply