Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux And Biometrics (Redux)?

Posted by Cliff on from the let's-try-this-question-again dept.

An Anonymous Coward asks: "Does anyone out there have current information on the use of biometrics with Linux? There was an article in the Linux Journal, but it was more of an introduction to the topic than a discussion of the state of development. Are there any biometric products that have decent Linux drivers for them? If so, is anyone currently using them to replace password authentication?" We last touched on this subject last May with little commentary on the subject. Has a year made any difference?

2 of 4 comments (clear)

  1. No! No! Baad Designer, No Biscuit! by human+bean · · Score: 3
    Don't build systems that use biometrics for authentication.

    Anytime you make a system that distributes real value (money, information, control) in exchange for authentication (bio or otherwise) you, as a basic safety feature, must ensure that the authenticating method and device can be handed-off to anyone in functioning condition.

    To do otherwise is to invite coersion of the authenticating individual. You have to be able to take the smart-card (or whatever) out of the wallet, lay it down on the ground, tell the coercer the codes, and then back away. As funny as it may seem in our movie-plot-soaked society, most criminals (or professionals, depends on who is doing the coercing...) are only interested in your assets, not you personally. Once they have what they came for, the rest is none of their concern. Muggers would rather be whacking your card for cash and moving on than beating you up (there are exceptions).

    Don't think that body parts are sacred. "I don't need you, I only need your thumb...", and systems that require a living bioauthenticator are the worst (ugly image of what people will do to somebody else for twenty thou tastefully not inserted here).

    This is not to say that biometrics are not useful. I for one would love to view 3-d images made by a computer that measured your pupil distances and adjusted the display accordingly. Or which figured out who I am, so as to route my telephone calls to whichever room I am in.

    --

    *whup* "Get along, little electrons. Heeyah!"

  2. I partially disagree... by HadronPie · · Score: 2

    ...at least when it comes to retinal patterns. Any (well, most, I guess - I'm not an expert) damage that might be incurred to an eyeball by forcefully removing it would probably disrupt the retinal patterns enough to make any attempt to use an extracted eyeball for identification fail. (one of the many problems I had with the movie Demolition Man...)

    Then there's voiceprint - but only for less secure stuff where there's very little chance of a high quality recording being made covertly.

    Yes, for less hi-res scans like thumbs and palms, there's much room for dismemberment...