Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Biometrics Site Opens Doors

Posted by Zonk on from the scanning dept.

flickerfly writes "A new site to unite the individuals interested in Linux and Biometrics has opened its doors. LinuxBiometrics.com's purpose is to fill the biometrics void in the Open Source community. With the increased adoption of Linux in europe and the recent increase in biometrics interest by the EU, this appears to be a field ready to blossom into heavy adoption and will be in need of OSS support."

32 of 117 comments (clear)

  1. Confused by Anonymous Coward · · Score: 3, Funny

    Linux = good
    biometrics = bad
    Linux + biometrics = ?

    1. Re:Confused by 0x461FAB0BD7D2 · · Score: 2, Insightful

      Linux + biometrics = optional

    2. Re:Confused by mboverload · · Score: 4, Interesting
      Once you lose your fingerprint to theives you are screwed for the rest of your live.

      You can't change your fingerprint or your biometrics, which is why they are a stupid idea. Once they come up with a way to even imitate retnas the whole security system that was based around biometrics will be SCREWED.

  2. This site looks like spam.. by grazzy · · Score: 2, Insightful

    .. and besides, doesnt biometrics suck? It's all about onetime identifiers. You cant easily change your eye, breath or thumbprint if they happened to fall into the wrong hands.

    1. Re:This site looks like spam.. by drinkypoo · · Score: 2, Informative

      If your eye or fingers fall into the wrong hands, you've got bigger issues than access controls. Proper security works with something you have, and something you know; biometrics, and a password.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:This site looks like spam.. by damiangerous · · Score: 4, Insightful
      No, biometrics doesn't "suck". But it's also not the security panacea it's usually made out to be. Biometrics can be a valuable part of the security "arsenal". One good use for it is a verification where the main breach won't come from malicious access but rather laziness.

      For example, a friend of mine is a pharmacist. The pharmacy technicians do most of the putting of pills in bottles, but everything has to be reviewed and signed off on by a pharmacist before it's released. The pharmacist verifies the finished prescription, uses his thumbprint to indicate he approves it, and a label is printed. With a password system it's far too easy for anyone to print out the approval label, and that's what would happen. Not out of maliciousness, but simply out of convenience.

    3. Re:This site looks like spam.. by B3ryllium · · Score: 2, Funny

      So if your place of work utilized a butt-print scanner, and it got broken into, you could say they stole your data "arse 'n all"?

    4. Re:This site looks like spam.. by the+grace+of+R'hllor · · Score: 2, Funny

      That's a horrible joke, and you deserve to be sent consecutively to each dimension of Hell for that.

      But this is Slashdot, so at least your audience has been desensitized.
      -- :-)

    5. Re:This site looks like spam.. by damiangerous · · Score: 2, Insightful
      Your biometric credentials couldn't be "compromised" for this purpose, that's the whole point as to why it's useful. It's a limited access, limited purpose system. It's only accessed from two physical terminals located in the pharmacy only during staffed hours and only does one thing, prints prescription approval labels. It exists to ensure that a given pharmacist actually does approve a given prescription rather than a tech who shoulder surfed a password or a lazy/too busy pharmacist who just gave the techs his password because he trusted them.

      As for being any good? Yes. It's ideal for this particular scenario and probably many other highly similar ones.

    6. Re:This site looks like spam.. by Bastian · · Score: 4, Interesting

      You don't need to cut off a person's finger to get their fingerprint, nor do you need to cut out their eyes to have a model for what their retinas look like. In fact, both those plans would be inadvisable since a good biometrics system (which is what you'd be encountering anywhere you're willing to horribly mutilate or kill someone to get into) will involve sensors designed to tell if what's being scanned is alive.

      The technology to mimic body identifiers will come. A cheap technique for mimicing a person's fingerprint well enough to fool a biometric scanner is already well-established, and will fool heat-sensing scanners, too, since all you need to do is coat your fingertip with some gelatin and then etch it.

      And I would suggest that the "something you have, something you know" system is severely compromised if the "something you have" part is something that can't be voided and replaced. It means that you have to either re-do the entire security system from the ground up to use a different "something you have" whenever someone steals an important "something you have", or you are forced to fire the person who owned that "something you have", or you have to accept that for at least that one person, you no longer have a "something you have, something you know" system.

      If you really need it to be attatched to your body, why not put it in the form of some sort of implant, like the ID chips people put in their pets?

    7. Re:This site looks like spam.. by JimBobJoe · · Score: 3, Insightful

      The pharmacist verifies the finished prescription, uses his thumbprint to indicate he approves it, and a label is printed. With a password system it's far too easy for anyone to print out the approval label, and that's what would happen.

      Essentially...biometrics is useful when security isn't important. (I think that will be the biggest uses of biometrics for years to come...non-security applications...like at my local grocery store where employees use their thumbrpint to sign into a time-clock. It is only loosely a security application, it's more of an application of convenience.)

      In the end, there is no security and privacy tradeoff, the main tradeoff is between privacy and convenience, and security and convenience. Biometrics is very convenient, but it's not very private and it's arguably not secure.

    8. Re:This site looks like spam.. by suitepotato · · Score: 2, Insightful

      .. and besides, doesnt biometrics suck? It's all about onetime identifiers. You cant easily change your eye, breath or thumbprint if they happened to fall into the wrong hands.

      I'm not sure how your breath can fall into the wrong hands. I have trouble smelling my own breath by cupping my hands over my face. As to your eyes and thumbs, are you one of those people who has detachable parts? Like, when your S.O.(yes, some Slashdot readers have actual real life involvements with women) says "get your butt out of bed" you can hand it to her and say, "sure, take it, let me sleep."

      Joking aside, bioelectricity, thermal output, and a bunch of other things are easily checked for to prevent use of amputated body parts.

      Optimally, there would be stress identification methods and more than one password such that if someone tried the gun-to-your-head coercion method, you could silently tip off the system to call the authorities to the location. Be nice if every important system had personal 911 sort of passwords right now. "Send two units to the ATM at Stepford Avenue, we have a possible kidnap."

      Biometrics is wonderful stuff in my book to keep people out of stuff where they don't belong. I just don't want a national ID card where I have to keep a record of my dna on file and so forth. But biometrics to secure my stuff? Better than leaving it wide open.

      --
      If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
    9. Re:This site looks like spam.. by halleluja · · Score: 2, Insightful

      No, biometrics doesn't "suck". (...) Not out of maliciousness, but simply out of convenience.

      That is the scary part. In a few decades I will have to open my car with my retina just because 90% of the people is too lazy to put their keys on a nail near the door...

      I'd prefer to have my keys stolen and my eyes comfortably in their sockets, thank you.

  3. It's a matter of trust and privacy by kebes · · Score: 5, Interesting

    Open source biometrics shouldn't just be for those wacky Europeans who like OSS. Important security issues like biometrics should be engineered in an transparent fashion. This is necessary so that the citizens can be assured that their privacy is not being infringed, and that their security is being maintained.

    Closed formats and security through obscurity have well documented shortcomings. For important government and security applications (voting machines, encryption, etc.) it seems like an open standard and open software is a much better way to ensure reliability, stability, fairness, and so forth. After all, security is pointless without trust... and I would argue that trust in a system is enhanced by it being open.

  4. Be careful with biometrics! by tquinlan · · Score: 4, Interesting

    All Linux biometrics should look for HEAT in addition to regular biometrics (ie, fingerprint), so that something like this doesn't happen:

    http://news.bbc.co.uk/1/hi/world/asia-pacific/43 96 831.stm

    A cold finger shouldn't be usable, and that will keep them all attached!

    --
    DBA? Software Engineer? My company is hiring! Click
    1. Re:Be careful with biometrics! by TripMaster+Monkey · · Score: 3, Informative

      A cold finger shouldn't be usable, and that will keep them all attached!
      So the bad guys will keep it in a thermos full of hot water until it needs to be used. Problem solved.

      Seriously, though, the point that most people seem to be missing here is that your biometric identification information (fingerprint, retinal scan, iris scan, etc.) has to be stored somewhere. If it's stored somewhere, it can conceivably be accessed and altered illicitly, allowing acces to unauthorized parties. I believe most attackers will choose this method over the 'garden shears' option.

      --
      ____

      ~ |rip/\/\aster /\/\onkey

    2. Re:Be careful with biometrics! by kebes · · Score: 5, Interesting

      This is one of the problems with biometrics. I would rather someone steal my bank card and demand to know my PIN, rather than having them cut off my hand or cut out my eye.

      For every countermeasure there is a counter-countermeasure. If heat sensors are included, thieves will just use a lighter (or whatever) to warm a finger before using it. I've often thought that retinal scanners should check to see if blood is actually flowing in the veins/arteries in the retina, but this is not (currently) feasible I think. If this countermeasure existed, then no doubt someone would figure out a way to beat it (artificially flowing liquid through a detached eye sounds complicated, but you could probably fool the sensor by casting moving shadows on the back of a detached eye, thereby simulating the proper pulsating effect of veins...). I've also thought that eye-scanners that use the iris pattern instead of retinal pattern could emit a flash of light and monitor the rate at which the pupil contracts. This would be proof that the eye is alive (since it reacts) and could even perhaps guard against people being drugged or stressed. Again, however, I worry that someone would overcome it.

      The exact form of the criminal's counter-countermeasure of course depends on how the device works, but eventually they'll figure out how to beat it. Now, a technological escalation on cracking encryption or snooping network traffic is one thing... but when it comes to biometrics, it puts peoples lives in danger. So perhaps we should rethink this whole biometric thing. Is my car or bank account really worth so much that I'm willing to endanger my hand or eye???

    3. Re:Be careful with biometrics! by kebes · · Score: 2, Interesting

      Contrary to myth (i.e.: television shows), twins do not have identical fingerprints (or retinal patterns, etc.). They have identical DNA, but the patterns on your fingers are developmental. Twins have very similar fingerprints, but the exact curves depend on exactly how a person matured in the womb, and are thus distinct and distinguishable even for twins. Identical twins will have different birth marks and so forth.

      So in reality, if a biometric scan is supposed to prevent the 6 billion other people on earth from opening a lock encoded to me, then my evil twin brother will also be locked out. Real biometric scanners, of course, may not be that refined.

    4. Re:Be careful with biometrics! by HermanAB · · Score: 5, Interesting

      So, what about cold countries. I once walked into the bank and could not sign my name - my hands were too cold. So, they just laughed and carried on without a signature.

      --
      Oh well, what the hell...
    5. Re:Be careful with biometrics! by swillden · · Score: 2, Informative

      I've often thought that retinal scanners should check to see if blood is actually flowing in the veins/arteries in the retina, but this is not (currently) feasible I think.

      Actually, if there's no blood to inflate the vessels in the retina, the scanner will not be able to see them. In addition, the shape of the eye changes when removed from the head. Retinal scans of dead eyes simple do not work. Iris scans are a little "better" in this respect, but I've read that the eye changes enough that scanning a dead eye would also probably not produce a match.

      I saw a conference talk on this subject a while ago, by a researcher who had been experimenting with cadavers. He was even able to get some livescans of eyes of terminally-ill patients and then check the same eyes post-mortem. I don't recall the name, but Google will probably turn him up.

      The exact form of the criminal's counter-countermeasure of course depends on how the device works, but eventually they'll figure out how to beat it.

      To a point, but all security is built on the notion that if you can make it hard enough, the attacker will decide to attack something else. When you start talking about providing artifical blood flow into the detached eye, or simulating pupil response, your average mugger will prefer to just kidnap the whole person and force them to authenticate themselves.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  5. Biometric locks leave me feeling uneasy. by Andy+Mitchell · · Score: 2, Insightful

    I think ever since seeing the classic sci-fi series http://www.bbc.co.uk/cult/classic/blakes7/Blake's 7 as a kid the idea of biometric locks has filled me with dread.

    There is a scene where the protagonists try to persuade the guard they have over powered to put his hand on the sensor to open the door so they can progress their escape. Naturally he is not helping.

    Then Gan says to him: Look, we only need the hand. If you want to stay attached to it, do as you're told.

    Strangely enough, instant compliance!

  6. Exploring linux/biometrics in 2000... by Anonymous Coward · · Score: 3, Interesting

    ... and trying to locate a PAM implementation was ridiculous. The vendors had locked into MS, and completely ignored the huge Solaris/Unix situation; government for example. When visiting with the Biometrics people in several research institutions, they gave me a dumb look when I asked about open source of a PAM, and it was all about Windows. Duh. Sun was extremely tight-lipped as they apparently were keeping that market as an opportunity for themselves.

    I did find some odd threads of software activity, such as Univ. of Michigan, but that all seemed to go nowhere or die out; maybe they were all sucked up by the NSA? or the Banking industry?

    I'm sure this site will draw more open interest.

  7. But I thought... by StarManta.Mini · · Score: 2

    ....biometrics were supposed to keep doors CLOSED? :)

  8. Biometric is kinda fine by vadim_t · · Score: 2, Interesting

    But only when not used for anything important.

    For example, at a small company they're installing a biometric thingy to keep track of when people enter and exit. It looks like the biometric sensor will be used as a replacement of the username, and still require a password.

    Now, using it for something seriously important, such as ATMs is definitely a very bad idea.

  9. Re:Try: by azmeith · · Score: 4, Interesting

    How can any form of biometric software (os or otherwise) be 'good'?

    The way I see and understand it, it will never be perfect, not because humans are not smart enough to come up with innovative uses of a techonology but simply because the human body which provides the biometric information in the first place is a living, breathing, evolving, ever-changing entity. Moreover I just happen to believe that we as humans, being so error prone, can never come up with a fool proof system, irrespective of what a whole bunch of govt agencies would like us to believe.

    Given all of that what scares me is not the fact that these technologies will be error-prone forever but that there will be no humans around to arbitrate any conflicts/problems in most situations (as is wont to happen when ppl start to take a system for granted). I really wouldnt want to be in a position becase a machine/system/software suddenly decides I am a terrorist because my thumb prints are obscured, because I play too many games using a fucked up pad, and taking 'pre-emptive' action.

    Just because the system will be FOSS and a few million eyes will be watching the arch/code does not mean it will be perfect. And at what point of time do we say - 'Oh crap! this is not going to work.'; when a person dies, two ppl die, two thousand non-first-world ppl die?? And assuming ppl do get tech savvy, and put up monitors (the human kind) we come back to the same old question of who monitors the monitors??

    A simple illustration of the problem is the use of ppl (too many, some would claim) in airports in Israel, India, Malaysia and a bunch of other countries which have problems with violent extremism (I hate the word terrorist - but thats a whole another story) and cant spend 10 mill USD per machine for 10 machines per airport. Their record regarding security breaches is a whole lot better then some of the most advanced western airports with some of the most advanced gizmos. It works simply because of redundancy, training, experience and human judgement, three of which a machine can probably never replicate fully.

    Give me ppl any damn time.
    --
    I'm not dumb. I just have a command of thoroughly useless information. -Bill Watterson

  10. Biometrics are more trouble than they're worth. by LokieLizzy · · Score: 4, Interesting
    The risk of losing an eye or a limb to a hardened criminal determined to access my personal information far outweighs whatever security such a system might offer. If such a person attacked you in the middle of the night, which would you rather do? Give them your PIN and wallet full of cash and credit cards, or try to find a way out of the situation when they realize that the only way they're going to get your company secrets/bank account is if they lop off your index finger or scoop out your eye with a knife?

    If you'd choose door number two, then you're a far stranger man than I'll ever be.

    If you're working in a business where you absolutely need the best security for whatever you're doing, then you'd better be prepared to pay top-dollar for loyal bodyguards willing to use lethal force to keep you alive.

    --
    My digital rights don't need management.
  11. Re:Try: by Proud+like+a+god · · Score: 2, Insightful

    Ok, OS biometric software = better than closed source, with reasons being obvious to your possibly paranoid self.

    "humans, being so error prone, can never come up with a fool proof system"
    Well there are these things called proofs, and they're used to prove things, such as how possible it is to break an encryption algorithm, or bypass some logical sequence of security.

    Why are people going to suddenly start dying or automated systems start taking "'pre-emptive' action" because there's the choice of OSS for biometric identification?

    One minute you're saying "And assuming ppl do get tech savvy, and put up monitors (the human kind) we come back to the same old question of who monitors the monitors??" and then next it's "Give me ppl any damn time.".
    Whether biometrics can be used alone or with human assistance for important identification is different from whether OS alternatives to the software are good, and seperate again from living in a society that has surrendered control to a corrupt government.

  12. Use of biometrics by the+grace+of+R'hllor · · Score: 2, Interesting

    Biometrics as a security measure has its drawbacks, mainly because some people will not worry too much over cutting off a victim's finger. But there are other areas where biometric identification can apply.

    I could imagine getting pain or sleeping medication in a secure container that checked your fingerprint, and distributed the appropriate dosage only to the correct individual, for example. This would prevent someone swallowing the all the pills in the bottle (ie., attempted suicide), or giving medication to someone who shouldn't have it (painkillers and sleeping pills can become addictive, and some people ask 'friends' for them). Return the container to get your new dose.

    To get really fancy, install a screamer circuit that alerts the local pharmacist or housedoctor when the container is breached; this would require a widely and cheaply available wireless network, though.

    While this may technically be 'security', it's unlikely people will cut off fingers to get through it.

  13. It gets worse too ... by darrylo · · Score: 2, Informative

    ... and low-tech thieves can just take the easy way out: chop off the finger.

  14. Re:Hand-based biometrics and public health by ratpack91 · · Score: 2, Informative
    Give time for a really good endemic/pandemic of a really nasty, contact-dependant communicable bug, and hand-based door handles, sink taps and money are going to look like bad ideas real quickly.

    Some experiments have found that public toilet wash basins are often full of more germs than the actual crapper.

  15. Re:Hand-based biometrics and public health by kebes · · Score: 3, Insightful

    Unless you avoid ever touching a doorknob or hand-rail, I don't see what difference this makes. Common surfaces are everywhere. We all touch them all the time. Sometimes we catch something from a common surface. Adding a palm scanner to the mix doesn't increase the risk of transmission.

  16. Microsoft Finger Print Reader - Working by Anonymous Coward · · Score: 2, Interesting

    I would love to get my Microsoft Finger Print scanner working. There are the mice and keyboard combo. I have the standalone unit. It would be nice to have it working under linux. Setup GDM, KDM to use this device for sign in on a linux box.