![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
ewxThis article, about a women demonstrating that biometrics can be faked (although she got caught in the end), reminded me of this one, which ought to be trotted out any time anyone suggests using fingerprints to protect anything even slightly valuable.
(I read that fingerprints don't match between identical twins, so the other obvious objection to the immigration control system using fingerprints might not stand.)
(no subject)
Date: 2009-12-08 12:50 pm (UTC)(no subject)
Date: 2009-12-08 06:46 pm (UTC)(no subject)
Date: 2009-12-08 01:08 pm (UTC)I remember security used to be something of a choice between "nothing", "a little, enough to incentivise a casual maelfeasor to go somewhere else" and "a lot, enough to make the weak point somewhere else in the system", but fingerprints managed to introduce a layer worse than nothing, "enough to incentivise a casual maelfeasor to chop body parts off with a machete".
I think Schneier said if you want anything approaching sensible security you should assume your fingerprints are public knowledge, and ask if the system makes sense in that case.
(no subject)
Date: 2009-12-08 01:10 pm (UTC)(no subject)
Date: 2009-12-08 01:19 pm (UTC)(no subject)
Date: 2009-12-08 02:04 pm (UTC)http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/
http://www.engadget.com/2005/12/11/play-doh-fingers-can-fool-90-of-scanners-sez-clarkson-u/
(And http://www.techdirt.com/articles/20051212/110218.shtml has a comment from someone who did it with latex)
But as ewx said, it might be harder to fool the immigration officers watching.
(no subject)
Date: 2009-12-08 02:45 pm (UTC)(no subject)
Date: 2009-12-08 04:47 pm (UTC)(no subject)
Date: 2009-12-08 02:41 pm (UTC)The trick? A false fingertip with not only the fake fingerprint, but with a tiny sac of the real person's blood under it.
(The title GATTACA itself is a reference to an arbitrary DNA sequence.)
(no subject)
Date: 2009-12-08 03:28 pm (UTC)And you don't want to know how far through the film I was before I made the connection!
(no subject)
Date: 2009-12-08 03:31 pm (UTC)(At least, I hope that's the case, otherwise I feel dumb too.)
(no subject)
Date: 2009-12-08 03:39 pm (UTC)(no subject)
Date: 2009-12-08 05:09 pm (UTC)(no subject)
Date: 2009-12-08 09:41 pm (UTC)(You could argue that since Japanese immigration control is more about public demonstration that foreign workers are being kept out than actual security, it doesn't matter that they use a slightly dodgy biometric system :-/)
(no subject)
Date: 2009-12-08 03:08 pm (UTC)http://www.foreignpolicy.com/articles/2009/11/30/the_top_10_stories_you_missed_in_2009?page=0,6 (getting a real passport with fake documents still works)
(no subject)
Date: 2009-12-08 05:22 pm (UTC)(no subject)
Date: 2009-12-08 08:09 pm (UTC)(no subject)
Date: 2009-12-09 12:25 am (UTC)(no subject)
Date: 2009-12-25 10:21 pm (UTC)