http://spiresecurity.com/?p=616 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 http://spiresecurity.com/?p=616&cpage=1#comment-881 Pete Fri, 14 Oct 2005 21:29:21 +0000 http://spiresecurity.com/blog/?p=616#comment-881 First, they don’t have to “steal” my fingerprints – I am happy to leave them lying around on anything I touch.
But It’s the “can duplicate it at will” part that is a dubious point. What happens is that forgeries are made using jello molds are whatever. The system that is interpreting my fingerprint, then, must be able to tell the difference. If it can’t, then the whole idea of biometrics must account for the potential for forgeries, not because of secrecy, but because of the ineffectiveness of the solutions.
My point is against the silliness of suggesting that “you can’t reset a fingerprint like you can a password” – if you go into it thinking that this stuff is secret, then your system design is going to be off anyway.

]]> http://spiresecurity.com/?p=616&cpage=1#comment-880 Kulesh Shanmugasundaram Fri, 14 Oct 2005 19:50:11 +0000 http://spiresecurity.com/blog/?p=616#comment-880 I’m not quiet clear about your argument against “stolen fingerprints.” Suppose someone stole your fingerprint and can duplicate it at will. How would you fix the system?

]]>