Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Biometrics Site Opens Doors

Posted by Zonk on from the scanning dept.

flickerfly writes "A new site to unite the individuals interested in Linux and Biometrics has opened its doors. LinuxBiometrics.com's purpose is to fill the biometrics void in the Open Source community. With the increased adoption of Linux in europe and the recent increase in biometrics interest by the EU, this appears to be a field ready to blossom into heavy adoption and will be in need of OSS support."

14 of 117 comments (clear)

  1. It's a matter of trust and privacy by kebes · · Score: 5, Interesting

    Open source biometrics shouldn't just be for those wacky Europeans who like OSS. Important security issues like biometrics should be engineered in an transparent fashion. This is necessary so that the citizens can be assured that their privacy is not being infringed, and that their security is being maintained.

    Closed formats and security through obscurity have well documented shortcomings. For important government and security applications (voting machines, encryption, etc.) it seems like an open standard and open software is a much better way to ensure reliability, stability, fairness, and so forth. After all, security is pointless without trust... and I would argue that trust in a system is enhanced by it being open.

  2. Be careful with biometrics! by tquinlan · · Score: 4, Interesting

    All Linux biometrics should look for HEAT in addition to regular biometrics (ie, fingerprint), so that something like this doesn't happen:

    http://news.bbc.co.uk/1/hi/world/asia-pacific/43 96 831.stm

    A cold finger shouldn't be usable, and that will keep them all attached!

    --
    DBA? Software Engineer? My company is hiring! Click
    1. Re:Be careful with biometrics! by kebes · · Score: 5, Interesting

      This is one of the problems with biometrics. I would rather someone steal my bank card and demand to know my PIN, rather than having them cut off my hand or cut out my eye.

      For every countermeasure there is a counter-countermeasure. If heat sensors are included, thieves will just use a lighter (or whatever) to warm a finger before using it. I've often thought that retinal scanners should check to see if blood is actually flowing in the veins/arteries in the retina, but this is not (currently) feasible I think. If this countermeasure existed, then no doubt someone would figure out a way to beat it (artificially flowing liquid through a detached eye sounds complicated, but you could probably fool the sensor by casting moving shadows on the back of a detached eye, thereby simulating the proper pulsating effect of veins...). I've also thought that eye-scanners that use the iris pattern instead of retinal pattern could emit a flash of light and monitor the rate at which the pupil contracts. This would be proof that the eye is alive (since it reacts) and could even perhaps guard against people being drugged or stressed. Again, however, I worry that someone would overcome it.

      The exact form of the criminal's counter-countermeasure of course depends on how the device works, but eventually they'll figure out how to beat it. Now, a technological escalation on cracking encryption or snooping network traffic is one thing... but when it comes to biometrics, it puts peoples lives in danger. So perhaps we should rethink this whole biometric thing. Is my car or bank account really worth so much that I'm willing to endanger my hand or eye???

    2. Re:Be careful with biometrics! by kebes · · Score: 2, Interesting

      Contrary to myth (i.e.: television shows), twins do not have identical fingerprints (or retinal patterns, etc.). They have identical DNA, but the patterns on your fingers are developmental. Twins have very similar fingerprints, but the exact curves depend on exactly how a person matured in the womb, and are thus distinct and distinguishable even for twins. Identical twins will have different birth marks and so forth.

      So in reality, if a biometric scan is supposed to prevent the 6 billion other people on earth from opening a lock encoded to me, then my evil twin brother will also be locked out. Real biometric scanners, of course, may not be that refined.

    3. Re:Be careful with biometrics! by HermanAB · · Score: 5, Interesting

      So, what about cold countries. I once walked into the bank and could not sign my name - my hands were too cold. So, they just laughed and carried on without a signature.

      --
      Oh well, what the hell...
  3. Exploring linux/biometrics in 2000... by Anonymous Coward · · Score: 3, Interesting

    ... and trying to locate a PAM implementation was ridiculous. The vendors had locked into MS, and completely ignored the huge Solaris/Unix situation; government for example. When visiting with the Biometrics people in several research institutions, they gave me a dumb look when I asked about open source of a PAM, and it was all about Windows. Duh. Sun was extremely tight-lipped as they apparently were keeping that market as an opportunity for themselves.

    I did find some odd threads of software activity, such as Univ. of Michigan, but that all seemed to go nowhere or die out; maybe they were all sucked up by the NSA? or the Banking industry?

    I'm sure this site will draw more open interest.

  4. Biometric is kinda fine by vadim_t · · Score: 2, Interesting

    But only when not used for anything important.

    For example, at a small company they're installing a biometric thingy to keep track of when people enter and exit. It looks like the biometric sensor will be used as a replacement of the username, and still require a password.

    Now, using it for something seriously important, such as ATMs is definitely a very bad idea.

  5. Re:Try: by azmeith · · Score: 4, Interesting

    How can any form of biometric software (os or otherwise) be 'good'?

    The way I see and understand it, it will never be perfect, not because humans are not smart enough to come up with innovative uses of a techonology but simply because the human body which provides the biometric information in the first place is a living, breathing, evolving, ever-changing entity. Moreover I just happen to believe that we as humans, being so error prone, can never come up with a fool proof system, irrespective of what a whole bunch of govt agencies would like us to believe.

    Given all of that what scares me is not the fact that these technologies will be error-prone forever but that there will be no humans around to arbitrate any conflicts/problems in most situations (as is wont to happen when ppl start to take a system for granted). I really wouldnt want to be in a position becase a machine/system/software suddenly decides I am a terrorist because my thumb prints are obscured, because I play too many games using a fucked up pad, and taking 'pre-emptive' action.

    Just because the system will be FOSS and a few million eyes will be watching the arch/code does not mean it will be perfect. And at what point of time do we say - 'Oh crap! this is not going to work.'; when a person dies, two ppl die, two thousand non-first-world ppl die?? And assuming ppl do get tech savvy, and put up monitors (the human kind) we come back to the same old question of who monitors the monitors??

    A simple illustration of the problem is the use of ppl (too many, some would claim) in airports in Israel, India, Malaysia and a bunch of other countries which have problems with violent extremism (I hate the word terrorist - but thats a whole another story) and cant spend 10 mill USD per machine for 10 machines per airport. Their record regarding security breaches is a whole lot better then some of the most advanced western airports with some of the most advanced gizmos. It works simply because of redundancy, training, experience and human judgement, three of which a machine can probably never replicate fully.

    Give me ppl any damn time.
    --
    I'm not dumb. I just have a command of thoroughly useless information. -Bill Watterson

  6. Hand-based biometrics and public health by gotgenes · · Score: 1, Interesting

    Give time for a really good endemic/pandemic of a really nasty, contact-dependant communicable bug, and hand-based biometrics are going to look like a bad idea real quickly.

    Think SARS panic plus these stupid hand/fingerprint scanners.

    At the University of Georgia, they already have such systems set up for access into the dining halls, dorms, and the rec facility. Thank God on the other side of those hand scanners there's usually a hand-sanitizer dispenser. If it weren't for that, I can only imagine how much more frequently I'd be ill.

    Retinal biometrics, okay, just don't blind me. But hand-based biometrics... I mean, watch what you do with your hands everyday... then think about the guy in front of you in line who's using that scanner. Hope you like mucosal exchanges...

    --
    It's such a fine line between stupid and clever.
  7. Biometrics are more trouble than they're worth. by LokieLizzy · · Score: 4, Interesting
    The risk of losing an eye or a limb to a hardened criminal determined to access my personal information far outweighs whatever security such a system might offer. If such a person attacked you in the middle of the night, which would you rather do? Give them your PIN and wallet full of cash and credit cards, or try to find a way out of the situation when they realize that the only way they're going to get your company secrets/bank account is if they lop off your index finger or scoop out your eye with a knife?

    If you'd choose door number two, then you're a far stranger man than I'll ever be.

    If you're working in a business where you absolutely need the best security for whatever you're doing, then you'd better be prepared to pay top-dollar for loyal bodyguards willing to use lethal force to keep you alive.

    --
    My digital rights don't need management.
  8. Re:Confused by mboverload · · Score: 4, Interesting
    Once you lose your fingerprint to theives you are screwed for the rest of your live.

    You can't change your fingerprint or your biometrics, which is why they are a stupid idea. Once they come up with a way to even imitate retnas the whole security system that was based around biometrics will be SCREWED.

  9. Re:This site looks like spam.. by Bastian · · Score: 4, Interesting

    You don't need to cut off a person's finger to get their fingerprint, nor do you need to cut out their eyes to have a model for what their retinas look like. In fact, both those plans would be inadvisable since a good biometrics system (which is what you'd be encountering anywhere you're willing to horribly mutilate or kill someone to get into) will involve sensors designed to tell if what's being scanned is alive.

    The technology to mimic body identifiers will come. A cheap technique for mimicing a person's fingerprint well enough to fool a biometric scanner is already well-established, and will fool heat-sensing scanners, too, since all you need to do is coat your fingertip with some gelatin and then etch it.

    And I would suggest that the "something you have, something you know" system is severely compromised if the "something you have" part is something that can't be voided and replaced. It means that you have to either re-do the entire security system from the ground up to use a different "something you have" whenever someone steals an important "something you have", or you are forced to fire the person who owned that "something you have", or you have to accept that for at least that one person, you no longer have a "something you have, something you know" system.

    If you really need it to be attatched to your body, why not put it in the form of some sort of implant, like the ID chips people put in their pets?

  10. Use of biometrics by the+grace+of+R'hllor · · Score: 2, Interesting

    Biometrics as a security measure has its drawbacks, mainly because some people will not worry too much over cutting off a victim's finger. But there are other areas where biometric identification can apply.

    I could imagine getting pain or sleeping medication in a secure container that checked your fingerprint, and distributed the appropriate dosage only to the correct individual, for example. This would prevent someone swallowing the all the pills in the bottle (ie., attempted suicide), or giving medication to someone who shouldn't have it (painkillers and sleeping pills can become addictive, and some people ask 'friends' for them). Return the container to get your new dose.

    To get really fancy, install a screamer circuit that alerts the local pharmacist or housedoctor when the container is breached; this would require a widely and cheaply available wireless network, though.

    While this may technically be 'security', it's unlikely people will cut off fingers to get through it.

  11. Microsoft Finger Print Reader - Working by Anonymous Coward · · Score: 2, Interesting

    I would love to get my Microsoft Finger Print scanner working. There are the mice and keyboard combo. I have the standalone unit. It would be nice to have it working under linux. Setup GDM, KDM to use this device for sign in on a linux box.