Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mouse Scans Palms to Verify ID

Posted by CmdrTaco on from the logs-you-in-and-reads-your-future dept.

p00kiethebear writes "'Fujitsu is eyeing a variation on the centuries-old art of palmistry as the latest biometric weapon against unauthorized access to computer systems and facilities. The company has developed a computer mouse that will scan the palm of the user and deliver not a look into the future but verify the identity of that person.', With a .5% error rate I wouldn't be surprised if we saw this in offices within the next few years."

17 of 145 comments (clear)

  1. heh.... by bdowne01 · · Score: 4, Funny

    A lot of good that does from keeping someone from typing 'rm -rf *'. :)

    --
    -brain
  2. Wash your hands by theefer · · Score: 4, Funny

    Now you'll eventually have a reason to wash your hands : if you don't, you won't have access to the computer !

    Mom's gonna be happy ...

    --
    theefer
  3. The Switch by espionage_7 · · Score: 3, Interesting

    Well I would just switch out the mouse with one of my own =)

  4. Why a mouse? by Pyromage · · Score: 3, Interesting

    Why use a mouse? I mean, mouses are subject to so much wear and tear that the sensors and lenses have to be real beaten on. I don't see a reason not to have a palm-checking USB device instead.

    Something just used for recognition would seem to be a bit more practical. Cheaper because size wouldn't be a significant factor, and also it'd be easier to lock down against theft.

    But a mouse is just asking for trouble. Its got a .5% error rate when clean, but what about when six months old, sweaty, covered in coke, chips, and bodily fluids and has been used for 8 hours a day for the last half year?

    A mouse is a bad idea.

    1. Re:Why a mouse? by Scrameustache · · Score: 3, Funny

      what about when six months old, sweaty, covered in coke, chips, and bodily fluids

      Jeez, I'd hate to shate a machine with you! :- )

      --

      You can't take the sky from me...

  5. Re:Slashvertisement? by Jeremiah+Cornelius · · Score: 3, Interesting
    Here's the good part.

    The thing attaches to an ordinary PS/2-style mouse port. That's a secure channel!

    So anybody who can land a trojan on the box, can easily capture the valid auth dialogue with the device...

    It wouldn't be too tough to have a bogus "print" stored electrically, and rep[lay it either from the actual port, or read from a location in memory.

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  6. Re:Slashvertisement? by Jeremiah+Cornelius · · Score: 3, Interesting

    Actually, now I think of it, there is a HUGE contact area on this thing! Must leave a great print on the reading surface! What an opportunity for capturing palm-prints for forging access.

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  7. Re:I can see it now... by Cyno01 · · Score: 5, Funny

    most biometric scanners can compensate for small temorary differences, if 95% of your hand still matches the file your ok, so small cuts are no big deal, if however you spilled acid on your hand or something, that'd be a different story

    --
    "Sic Semper Tyrannosaurus Rex."
  8. Issues with Practicality by neurostar · · Score: 4, Interesting

    I personally am not in favor of biometric protection devices. Even if they are 100% effective and never make mistakes reading, I do not feel that they are a wise choice.

    Bruce Schneider wrote a good column about biometrics here. I don't like the fact that some biometrics are very easy to steal. This means that once someone discovers your biometric "password" they can use it anywhere because you can't change your password.

    So I personally would be wary about having too much faith in such a device. /p neurostar

    1. Re:Issues with Practicality by JoeBuck · · Score: 4, Insightful

      To paraphrase Schneider: if someone steals your palmprint (for example, by getting a print off a surface that you touched and making a duplicate good enough to fool the scanner), where do you go to be issued a new palm?

      Biometrics are ok if they are only part of what you need to get into the system (e.g. the right fingerprint plus the right password).

  9. Re:Slashvertisement? by Idarubicin · · Score: 3, Interesting
    Must leave a great print on the reading surface! What an opportunity for capturing palm-prints for forging access.

    Actually, that's one improvement that this system has over the easily-fooled fingerprint based systems. Since this system uses reflectance measurements from the palm that are affected by deep structures (veins), the palm print left on the mouse won't do a potential cracker any good.

    That said, I suspect that the system really isn't worth the trouble. Other posters have noted that the mouse connects to an ordinary PS2 port, so there's an opportunity for a spoof right there. And the 0.5% error rate sounds good--but only if those are all false negatives. If the system is misidentifying users 0.5% of the time for a database of 700 users, then there will be a truly embarrassing failure rate in a corporation of, say, ten thousand users.

    --
    ~Idarubicin
  10. the question is... by carpe_noctem · · Score: 5, Funny

    Will someone write an application for this mouse to read your palm? That would be a nice touch each morning when checking the 'ol inbox.

    --
    "Quoting famous computer scientists out of context is the root of all evil (or at least most of it) in programming." - K
    1. Re:the question is... by silverhalide · · Score: 3, Funny

      It'll be a good update to the popular "fortune" program!

  11. Re:Slashvertisement? by Idarubicin · · Score: 3, Insightful
    Of course, since we have physical access to the machine anyway, we might as well install a keystroke logger as well as record the authentication from the mouse...

    I guess it comes back to what we already knew--as soon as someone has unfettered physical access to a machine, it's security is effectively compromised.

    You want to limit access to a computer? Put it in an office. And lock the door. Know who has keys. Audit those keys.

    --
    ~Idarubicin
  12. Eczema sufferers will love this (not) by charlie · · Score: 3, Interesting
    Like a rather large number of people, I have atopic eczema. This means that patches of my skin get red, sore, and swollen, then subsequently dry out and turn flaky and opaque before falling off. It's unsightly, sometimes painful, and itches like hell -- but it's not infectious. Nor is it curable. (Spot the "opaque" bit. That's important, in the context of this gadget.) The only treatments we've got for it are palliative, and it can be triggered by stress, allergies, or other environmental. factors. Finally, just for fun, one of the commonest parts of the body to be affected is ... the palm of the hand.

    So now a visible percentage of the population are now going to be intermittently locked out of their computers by a stress-related illness. Isn't technology great?

  13. 0.5% by Cryptnotic · · Score: 3, Interesting

    Is that 0.5% rate the "false positive" or "false negative" error rate? If it is a false positive rate, then that means 1 in 200 times, the wrong person will be allowed access. That is much worse than the false negative, i.e., 1 in 200 times the correct person will have his authentication fail.

    --
    My other first post is car post.
  14. 1 in 200 error rate? That's not good! by skoda · · Score: 3

    [i]With a .5% error rate I wouldn't be surprised if we saw this in offices within the next few years[/i] A 1/2% error rate is a 1 in 200 error rate. That's not very good. That means you could walk through a large office and have a fair chance of being falsely recognized by the id system.

    --
    ShoutingMan.com