Fingerprint readers

Fingerprint readers are more for the illusion of security rather than actual security.

If a knowledgeable attacker has physical access to your PC, your data is theirs - at least in Windows-land.

Some (Microsoft fingerpint reader, I'm looking at you) send the authentication in plain text rather than cyphertext.

Some have accepted the latent image left by the last user when it has been opaqued by breathing heavily on it.

Many fingerprint readers can be fooled by soft candies. (eat the evidence afterwards!)

Or you can make your fake print out of PVA adhesive so you can use it again and again.

Some people who handle rough or abrasive materials frequently (hello, woodworkers) or who have dirty skin may not have fingerprints that are clearly defined enough for reliable, repeatable identification with a fingerprint reader.

If you find it hard to remember decently strong passwords, one solution that provides a dictionary attack proof password is to use the first letter from each word in the chorus of your favorite song.

For example, if your favorite song is "Now I wanna sniff some glue" by The Ramones, then the lyrics "Now I wanna sniff some glue, now I wanna have somethin' to do" gives you the password niwssgniwhstd - which is unlikely to be guessed by anyone!

Remember that all data protection can be bypassed with rubber hose cryptanalysis.

I used to have access to the Social Workers and Union computer files when I was in the public service, my password at the time was deathtothesocialistleft , caused a bit of a stir when I got out and they needed access:D :D :D

Quote:

---

Originally Posted by Iain

I used to have access to the Social Workers and Union computer files when I was in the public service, my password at the time was deathtothesocialistleft , caused a bit of a stir when I got out and they needed access:D :D :D

---

Carl Marx would have been proud of you :D
... and if not him, Groucho Marx :rolleyes:

Richard

Son in law (cryptography PhD) cracked a print reader at a professional conference using latex false prints. Didn't crack the iris reader though, but believed it would be vulnerable to software hack if there was enough time.

Alex,
was that the son-in-law that was with you when you were up this way? You should have told me of his talents, I would have taken him down to the local ATM to see a display of his skills! :eek: ;) :D

Quote:

---

Originally Posted by journeyman Mick

Alex,
was that the son-in-law that was with you when you were up this way? You should have told me of his talents, I would have taken him down to the local ATM to see a display of his skills! :eek: ;) :D

---

It was indeed, Mick. But he was probably too busy playing computer shoot-'em-up games.:rolleyes:

Sorry I haven't been in touch since I came back - bit busy. Was good to catch up with you & put a face to the name. Hope things are starting to dry out a bit Mick & Cliff.