Slashdot Mirror
Fingerprint Requirement For a Work-Study Job?
BonesSB writes "I'm a student at a university in Massachusetts, where I have a federal work-study position. Yesterday, I got an email from the office that is responsible for student run organizations (one of which I work for) saying that I need to go to their office and have my fingerprints taken for the purposes of clocking in and out of work. This raises huge privacy concerns for me, as it should for everybody else. I am in the process of contacting the local newspaper, getting the word out to students everywhere, and talking directly to the office regarding this. I got an email back with two very contradictory sentences: 'There will be no image of your fingerprints anywhere. No one will have access to your fingerprints. The machine is storing your prints as a means of identifying who you are when you touch it.' Does anybody else attend a school that requires something similar? This is an obvious slippery slope, and something I am not taking lightly. What else should I do?"
I can think of a better way to write that:
I've used biometric scanners like this in the past. Whatever it stores to recognize your fingerprint never leaves the machine. I don't know if that's what's going on here, but it seems perfectly reasonable.
Start looking for another job..
I'm sorry, I can't hear you over the sound of how awesome I am.
Please.
If you want to get the word out, give out the name.
Its a time clock. Many jobs have them along with your address, phone number, date of birth, and social security number. Welcome to the working world. I could just as easily steal your fingerprints from your car door handle or the can you threw in the trash. After this fiasco don't expect the job offers to roll in.
Only the State obtains its revenue by coercion. - Murray Rothbard
As long as you are assured that your privacy is protected...this is a huge non-issue. Fingerprint scanners are the best (In terms of ease of implementation) way to prevent people from clocking in and out for each other, even though they are obviously easily defeated by anyone sufficiently motivated.
I checked into these before. The scanner records a description of your fingerprint, not the image. The description is used to match. It's a form of message digestion.
Most scanners of this type do not even record enough detail to qualify as evidence. Those that do must have their data shared with law enforcement, making them a hard sell as a biometric time card.
Same as the old one... My wife's workplace has this system. Works terribly but somehow it got past some CxO. Not sure if the privacy issue is a big deal however. You train the system in the system (if it's the same one). The print doesn't go out to the big Gov.
Not saying that they couldn't do that, but you do realize (being an aluminum foil shielded card carrying Slasdotter) that 'they' can get your fingerprints, DNA and bog knows what else without much of a problem these days.
Hell, at least it's pretty unlikely to show up on Facebook.
Faster! Faster! Faster would be better!
At Disney World, they require finger prints when you enter the park if you want to be able to re-enter or switch to another park (if you have a ticket that allows that). At least the government doesn't directly get them, but who knows what they're doing with them or how long they keep them. (This was several years ago; I don't know if it's changed.)
And friends, somewhere in Washington enshrined in some little folder, is a ,just walk in say "Shrink, You can get
study in black and white of my fingerprints. And the only reason I'm
singing you this song now is cause you may know somebody in a similar
situation, or you may be in a similar situation, and if your in a
situation like that there's only one thing you can do and that's walk into
the shrink wherever you are
anything you want, at Alice's restaurant.".
Use acid on your finger tips to remove the prints and use that for ID. The only problem is that you are now linked to hundreds of crimes where no traces of fingerprints were found. But at least they wont be able to identify YOU when they find your actual fingerprints somewhere.
The way that most modern fingerprint scanners work is by using matching algorithms. They scan your fingerprint and translate that into a numeric value and then store that. Not a copy of your fingerprint itself. This numeric value cannot be used to recreate your fingerprint but it can however be used to match the output that only your fingerprint will produce when scanned. To be perfectly candid its far easier to steal your fingerprints by stealing something you own than it is to take them from a fingerprint security/tracking system.
...when your boss starts asking to personally take samples of your reproductive DNA. Until then, there's nothing to be upset about.
Airplane Photos, Airline News, Planespotting Guides
When I was in High School (loooong before most of you were born) I got a part-time job as "page" at the city library (I put books back on the shelf). In order to get it I had to get a physical, be fingerprinted, and sign a loyalty oath. At least you didn't have to turn and cough.
Apparently what it is storing is a statistical summary of the biometric information (if that's not redundant). It doesn't store the fingerprints themselves anymore than an operating system will store your password. With the password, whatever you type in has to have a hash which matches the hash associated with your account. With the scanner, the summary generated each time you plop your hand on the scanner has to match (to a significant degree) the summary on file.
But, yes, if someone finds your fingerprints somewhere else, and they have access to this data, they can be reasonably certain it is you.
My other car is a 1984 Nark Avenger.
Way of the future. Seems like a trap, but probably isn't. Your actual prints are not stored anywhere. There's no image they send off to the CSI guys to zoom and enhance. When you register a finger, the software scans an image (a very bad one) and translates it into an alphanumeric string which is stored in a database and associated with your user account. That's why it doesn't work as good as it seems like it should. Roll your finger on the sensor a little to the left and the string generated by the sensor is off by a character. No paycheck for you. Of course if they hand you an inkpad and a 3x5 card, you might want to question it more...
Shift happens. Fire it up.
If you don't like the terms of work then don't work there.
and sign a loyalty oath
Was it during McCarthyism or post-9/11? *joke* *I think*
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I bet there was a handle on the door to their office too, wasn't there? Now your fingerprints are all over the door handle too! It's a conspiracy!
Seriously though, of course privacy is a huge issue these days, but worrying about your school stealing your fingerprints? You're a little extra special paranoid.
Temp companies are doing this as well. Which to me is a good reason to establish property rights for privacy. In that case, you would be the sole non-transferable owner of your fingerprint scan among other data and have sole discretion over what is done with it. They would upon your consent store one single copy of the scan on the device which if copied or otherwise removed for other uses without your consent would now have legal consequences. The beauty of the concept is that you could also establish similar rights for the contents of mail and internet connections which could possibly address the net neutrality issue as well.
Sigs are too short to say anything truly profound so read the above post instead.
I have been at places where it required a badge, hand geometry and finger print
to gain access.
Got Code?
Apparently if you visit Brazil, Europeans and Brazilians go through one line. Americans, we can all step over here to get fingerprinted, retina scanned, etc.
Why? We do it to them, so they do it back. F.
Was it before you committed to the job ? If it was after - then it is a change to your contract, why do you need to accept it ? Unless it is a change in the law in which case you need to bend over and let yourself be shafted.
Not many posts yet but I already see a LOT of posts pushing the idea of not working for this employer. This is not a solution. If we don't fight it and win, it will be adopted by more and more employers until it snowballs into something too big to fight. If we think this is a bad idea, it needs to be fought now while it's still in its infancy.
Reynolds Wrap fashioned into a stylish chapeau. Works every time, guaranteed (unless you hear that from a government employee, then all bets are off).
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
I am in the process of contacting the local newspaper...
Are you for real? Other than than the fact that they likely won't give a rats ass about this, you are treading on very thin ice. I'm not sure what it is you're planning on doing after graduation, but being labeled a well-known whistle-blower isn't going to do you much justice when you're out looking for a job.
We had one, after the first couple of weeks people started punching it instead of "punching in". They're supposed to also have a keypad so you can manually enter an access code, since the reader is known to be undependable.
If you want to mess it up, each time you stick your finger on it while it's "registering you" (it needs more than 1 scan), put your finger in a different position, different angle, or even use a different finger (people generally don't notice). After 5 failed attempts, they'll give up. Or, if they "insist" o "helping you" place your finger, tell them that as far as you're concerned, their broken machine is their problem, and that touching you is common assault and you'll file charges.
Nobody can prevent war, famine and suffering.
Nobody can save the economy.
Nobody can brush your teeth for you.
Vote for Nobody!
Unfortunately, it's also true that "nobody has access to your fingerprints". :-O
" I am in the process of contacting the local newspaper, getting the word out to students everywhere"
Do yourself a favor and hold off on that. All I can think of while reading your submission is one of those tea baggers holding up a sign that reads "MORAN."
Seriously, this is jumping the gun a little. Now, I am doing some side work for a company that requires me to submit to a polygraph on request, and I had to have a full set of ID photos and turn in two fingerprint cards to be able to do this job ONE DAY A WEEK. You are being asked to sign in to a computer/time clock using the numerical value of the sum of the points of your finger. It is not like they asked you to provide them with copies of your fingerprints to keep on file to make sure you didn't touch your bosses prized [insert whatever the boss prizes]. Take a step back - there is no reason to become this upset over something so simple. I had to have my fingerprint scanned in when I >WENT to school, because it was used for accessing the chemical cabinet in the bio-lab. Wow... what a rant... maybe I should have just summed it up with call Johnny Cochran...
...that the next time a pompous administrator says in public "nobody has complained about that," you know that he is lying. Settle for not just knucking under without saying anything at all. Settle for knowing, if you do know, that your complaint has reached someone who sets policy and that you're not just making things hard on a bunch of other ordinary workers whose job is to keep things running.
This is not nothing at all, but it's a small thing.
You can't change the world through indignation. You really have only three choices. First, be docile and do nothing at all. That's often a good option by the way. Second, make sure your concerns have been heard, even if they are dismissed. Or, third, be prepared to devote at least a year or two of your life to the cause of fighting this thing.
If you feel that spending a year or two toward the goal of getting the university to stop using fingerprinting gadgets for access to work-study jobs is worth it, and is what you want to do with that chunk of your life, you can probably achieve your goal. I dunno how. Work through the union if there is one? Start a union if there isn't one? Make appointments and personally talk to one administrator after another, calmly, until you figure out how to get the policy changed? Personally work out an actual proposal, including costs and benefits, for alternative security, so you're presenting them with something positive and their work all done for them, instead of just saying "don't do what you're doing?" Find a faculty committee that's interested in the question that you can swing to your side? I dunno.
"How to Do Nothing," kids activities, back in print!
Wait till they start genetically testing everyone with DNA requests for security purposes.
Thats when the fun will begin.
Expect to be denied loans based on life span and proclivities to all sorts of diseases they find you will contract.
Effectively they can prevent your student loans/grants to save money as they certainly do not want to invest in anyone who won't be around long enough to pay back that 100K.
All sorts of monkey business is planned. If you have a kid right now, the blood of every baby born in US hospitals MUST be saved by the department of homeland security for a genetic test for identification.
-Hack
PS: NO, they DO NOT tell you about that last part.
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
Pygmy feet? Ba dum ba, sorry couldn't resist ;)
... require kids to give their fingerprints for lunch. Because a card or money is "too hard". Shyeah right. But this is modern times, so no complaints please. Oh, and the relevant privacy protection agency said the parents had no say in whether schools fingerprinted their kids, because this was ``something between the school and the pupil''. Who is the legal guardian of those pupils again?
Also, many, many countries now require people to submit fingerprints for the "biometric" part of the RFID passports. And maintain central databases of all citizens' fingerprints obtained that way, naturally. Did I mention that in most such countries all citizens already had to have an ID card or passport anyway? This goes way deeper than some stupid agency deploying a fingerprint reader to clock in and out of work. Biometrics are becoming endemic. Live with it, or bitch to your senators. Best start now, if it isn't already too late.
It's jarring - to be sure. But consider that most public schools demand fingerprints from their teachers now. It would be nice if there was indication that this sort of privacy challenge was peaking - but i think it's only accelerating.
I work on campus at my university at the food court. We too require to scan our finger (right thumb) whenever we punch-in and punch-out. I guess this is a reasonable arrangement to thwart proxy punch-ins.
I installed these at a client.
The issue was the employees would take an afternoon off to go to an appointment, and get buddy to clock them out at the end of the day - The emplyoee would then get paid for an afternoon they didnt work.
The time clocks have a fingerprint scanner. You place your thumb on the device as you punch out. Now buddy cant swipe out for you, and you cant defraud your employeer.
They also had biometric locks instead of prox cards on the doors. Much more convieient then having to remember a card the few days when i was on site.
My university uses palm scanners to identify students to allow them access to the campus gym. To my understanding, instead of using an actual image, it generates a unique ID based on sample points within the palm image and then discards the original. From that point forward it just compares the generated ID. I guess, it can technically store an image, but the system would likely need to be modified (cracked) to function in a way the manufacturer did not intend.
If you have doubts about the storage, usage, or security of your information, you have the right to question the system. A good question to ask yourself is "what could someone do with this information if it were abused or compromised?" This may help put such situations into perspective.
I understand your reasoning for being concerned. However, sometimes there are certain things that we must do in the modern workplace to maintain/continue/engage employment. Sometimes that means giving up something like your fingerprint. However, I would recommend that you ask student services and/or your student rights council as to how this information is going to be used or disseminated and if your biometric information will be deleted upon you leaving your work/study position. But be assured -- this type of information is not uncommon in corporate situations. Biometrics as an additional authentication mechanism besides passwords (one time or otherwise) are not uncommon. I've had OTP passwords/Secure Certificates/Biometrics all on one card many times in the workforce.
Our university requires students to leave their left thumb as the enter the building. They can pick it up as they leave. We only storage it temporarily, and do not make copies of them.
--dmg
I prefer nodding my head, going along, working my way through the system. Then when the day comes that I can and understand it enough to not get caught, I sabotage it. Of course posting here I'll never get to do that in a dramatic fashion but I can inspire anonymous cowards can't I?! ;)
Shh.
Gattaca! Gattaca!
For justice, we must go to Don Corleone
Not the image anyway. They store the relative positions of specific details of your print. 2 minutes on Google would have told you this.
The question remains though whether you want them to hold a representation (of any kind) of any part of your body on file.
Deleted
I've used the same sort of device for my student assistants to clock in and out with. Your fingerprints are scanned, but not stored. A pattern is built for the computer to scan in the future when you use the timeclock - your print isn't there.
They're using biometrics because they're concerned about students logging each other in. That was my rationale (what are you going to do? Cut off your finger for your friend to clock you in?).
That said: Those scanners suck, especially with smaller fingers (my female employees had great trouble with that thing). I moved to a keypad-based device. It takes a touch more babysitting to keep everyone honest, but I leave it in a fairly public area.
Meanwhile how much do they pay? What are the benefits? etc?
http://saveie6.com/
Fingerprints and a full background check are becoming required for more and more jobs. The state of Florida fingerprints everyone that handles state funds, works with children, or is in a profession that requires licensing (like doctors and nurses). While geek jobs may be among the last to fall, do not be surprised (especially if you are a government employee or contractor) if you have to give up a real set of your prints someday. So, this set of prints that will remain internal to the biometric machine would be a nice way to get used to the intrusion!
Comment removed based on user account deletion
Your prints are not stored, a geometric design made from identifiable parts of your fingerprint are stored.
Your making a big deal about nothing. Besides as other people have pointed out I can grab your fingerprints from your car door, or from a soda can in your trash. FYI your bank has your fingerprint, and odds are that your parents had your fingerprints taken at some point in your life as you are in college.
---In a time of Chimpanzees I was a Monkey.
Get a concealed pistol license. That way your fingerprints will already be on record with the police and the FBI, and you won't be losing anything by being fingerprinted at work.
Ive been seeing those things almost everywhere now. You type in a pin number and put your hand in the machine. Most of the time its right hand down, one company I worked for said someone asked what if you dont have a right hand. It works just the same left hand up.
This was in a hotel. I just saw one at the library the other day. Im pretty sure it isnt about your finger prints, but the shape and contours of your hand in combination with your pin.
Its not like you can hide much from the government, its a Federal Work Study job.
Im a troll because I disagree with you.
so they can find out who takes the longest shit
"What else should I do?" Well, if you don't want to work there, you might consider applying elsewhere.
If you do want to work there, you might want to reconsider alarming the news media and anybody else who'll listen.
There are consequences to your choice. You'll find it's like that a lot in life.
at the wide acceptance of this on Slashdot. There is NO NEED for biometric passkeys. For all those parroting ' it only stores a hash' , is it really that far out of the realm of reality to think that at some point they can flip a software switch and you have fingerprint pictures?
Good-bye
You act like this is an unusual thing. I know that my brother attended work study and im sure he had to get his fingerprint card. Also anyone remotely working for the state has to get fingerprint clearance. what that means if you are clean record is the state has your fingerprints on file. And if you have a previous felony, you won't be approved for the job at all, because you won't get state clearance.
Dystopian, yes. Unusual for us in Arizona, no.
The government has been collecting people's biometric information for awhile now.
I worked as a bank teller in the 1980s and one of the requirements was that I submit my finger prints to the FBI. No finger prints = No Job.
You also have to give your finger print to get a driver's license in California. No finger print = No Driver's license.
For my own specialty, the licensing organization that everyone is required to use requires fingerprints and SSNs. They also exert copyright over one's memory, which I find rather disturbing (apparently reading is a form of copying the data from the paper to your mind). Fingerprints are used in case you ever want to leave the testing area, tested upon check-in for everyone (???), then upon exiting, and upon return. SSNs are collected for no discernible reason since they assign their own ID numbers (still mandatory though).
Throw in the credit card number I had to use to pay their fee ($550; oh how I wish for them to have competition) and they have enough information to really be worrisome. Thankfully my information is secure so long as nobody guesses the zip code for my hometown... That and they don't lose the data (encrypted only in transit), nor ever decide to change their rather vague privacy policy about their indefinite data retention...
Finger print scanners are cheap now. Have a look on ebay.
You can lift a print using sellotape. So anyone who sees you touch something can log your fingerprint into a database and then share that info and use it for comparison.
Deleted
cut off finger? gummy bears can beat the system and the myth busters where even able to beat high tech lock with a copy on paper.
You cannot get a job without a background check at minimum and that will require prints going to the FBI at minimum. I have on file somewhere prints with local police, prints with FBI, DIA, all branches of the service, and I forget what all. I've been scanned nude to get a security clearance. I've had the inside of my mouth photographed, I recall one of them wanted and got palm and foot prints. Retinal scanners were not reliable then.
If they are using the prints in a biometric device inquire politely if the data in it has a high degree of security because you don't want your prints to be compromised. If they treat it like classified data that is the best you can hope for.
You have a choice. You can work anywhere that does not require prints. I won't stop you.
I will support you if you wish to restrict this to ONLY government and/or contractors with the provision it's considered classified. I do not support this for any other purpose.
Of all the things in the world to worry about, a fingerprint reading timeclock is very close to the bottom of the list. Your fingerprints are not stored, nor are they uploaded to some evil master government database. You fingerprints are not DNA. They can't be used to predict if you'll get colon cancer by age 50. Quite frankly, they're not even private. You leave them all over the place every single day. I don't think this rises to the level of concern of someone taking a picture of you and putting it on an ID card. And we all know about how much evil has been done with misappropriated badge ID photos.
I've had to have my fingerprints taken three times for my job, That was not required by my employer, but their clients. And not just for biometric access, but for background checks. I was a little worried the first time, partly because I wasn't sure if my arrest record had been really expunged. The second and third times, they really didn't care if you were arrested, but only if you were convicted, and for most crimes, only if it was in the last ten years. But still, these are the compromising you will probably learn to make to keep food on the table. It isn't good, but the alternate could be letting someone convicted of computer fraud walking around unescorted in a credit card data center or someone convicted of bomb-making access to the baggage area of an airport.
I notice several comments "it doesn't store anything" it has to store something or what's the point of using it? While it may not be your actual fingerprint it is a point match at minimum, some police use point matches as low as 12, others higher and IMO this is even worse than taking your fingerprint because there have been several incidents where points have matched more than one persons fingerprint.
Don't think it doesn't get shared with the authorities databases either, both the UK and the USA are in the process of building DNA and fingerprint databases of innocent people, they get the DNA at birth, you know where they get the fingerprints.
Why on Earth is any non-criminal worried about their fingerprints being known to the world? Frankly this privacy paranoia is an illness. I am not ashamed of any place I go nor of anything I have done and I could give a hoot if the worst moments in my entire life were put on TV for all to view. The reason why is simple. I have miserable moments just like everyone else. Their bad moments are nothing but boring to me and I am fairly certain that my bad moments would bore them to tears.
And as far as commercial interests targeting me with advertising or whatever I could care less. Target away. I have only so much money to spend anyway so it is highly unlikely that advertising will get more out of my hide.
In some ways these privacy nuts remind me of the guy shaking in his boots
With the password, whatever you type in has to have a hash which matches the hash associated with your account.
Whatever you type in + a salt should match the hash associated with your account.
Yeah They clone all the good students and keep them around for TA positions.
To login BonesSB would present a finger, the same information points would be measured, then hashed then the two hashes compared.
I am not saying that they did go to that extent, but they could have.
If this is a government run college you are okay. If it is private you are screwed.
The government has very clear and defined limits on what they can legally do with your fingerprints. And what they can't legally do they can't prosecute you for. They also are subject to "Freedom of Information" requests to divulge what they know.
Private industry is not covered by any requests for information beyond "Discovery" requests in a lawsuit. They can supply your fingerprints to any government, any private agency. And they can do whatever they want with that information up until it offends the ethics of management to the point where they will chance never getting a job in private industry against their conscience.
The government employees who are ethically offended and whistle-blow tend to get fired and fined. And in extreme cases jailed for a time. But they don't get as bad treatment as corporate whistleblowers.
Welcome to the real world. Tread lightly.
Exceptin' Alice.
Infuriate left and right
This might sound extreme, but it's not as bad as it sounds: mutilate your fingers. Just take a razor blade and *gently* cut off your skin where your fingertips are. This shouldn't hurt at all, you don't want to go deep. The result will be a bald finger with no prints. Your fingertips will be a little sensitive while they heal for a week or two.
The purpose of this device is to keep people from cheating on their hours. You can get all Big Brothery all you like, but there is one and only one technology that can reliably ensure that people come to work and do the jobs they're paid to do.
It's called "management". The way it works is, you know your employees' names, you stop by their workstations, both to help them with problems they're having and to check to see that they're doing their jobs. You build up a culture of trust, so that when they need to leave work they *tell* you, and you arrange for them to make up the time.
Or you can treat them like condemned criminals, and let them be monitored by machines while you sit in your throne of an office eating donuts and browsing bmw.com. It's really up to you.
Why would a bank have your fingerprints? Mine doesn't. A bank I once worked for does (or did; that was a long time ago and they fingerprinted all employees because it was a federal requirement even in the 1970s).
Unless you wear gloves whenever you are out in public, your fingerprints are widely available -- on door handles, coffee cups, newspapers, pens, resumes, handrails, elevator buttons, ATM keypads ... Modern techniques are amazingly effective at reconstructing very detailed prints from sources that you would think would be compromised (see, e.g. http://science.slashdot.org/article.pl?sid=08/06/22/1245243), especially if they can collect a few of them.
The conceit that this is private information does not at all compute in my mind. How can something that you literally leave everywhere you go be private? Fingerprints are no different that the outside of your clothes or the shape of your face -- they are freely observable to anyone that wants to know them. Nor are they particularly personal in any sense, being just a random collection of ridges that don't reveal any intimate details about your life (palm readers notwithstanding).
Finally, these factors go against using them as any kind of 'secure' biometric authentication. If anyone can grab my prints just by following me an picking up my trash, I would prefer that they can't make a mold to deplete my bank account. Iris scanning seems much more appropriate in situations where we want verifiable authentication.
Wait...hold on here...
"I'm a student at a university in Massachusetts, where I have a federal work-study position."
Federal...as in the federal government? Dude...get real! They know EVERYTHING else about you anyway...name, DOB, SSN, height, weight, hair color, mother's maiden name, address, etc. How is a FINGERPRINT going to hurt your privacy any more??? If someone gets arrested, the cops take their fingerprints. If someone goes through a background check, more often than not they get their fingerprints taken to check through criminal databases. Biometric scanning is arguably one of the most secure ways to access secure areas and clock in/out, so they'll want to keep that server VERY secure anyway.
C'mon, man!
Remember that scene in the movie when the warden suspends that guy Doc's painting privileges? He chops his own fingers off in protest. That would show them!
You are an American, better get used to it. Of course they should be allowed to do it, think of the terrorists/pedophiles/hackers. Be a patriot and give them all the fingerprints, DNA, retina scans and personal information they want. It is for your own good.
At my bank, I key in my box number and then place my right hand on a pad with pins for finger alignment. If I am me and using my right hand, the door to the vault opens without a teller required.
The place where you work probably doesn't want to hire someone to check employees in and out after verifying their identities. A hand or finger scan is probably safer from their point of view (no forged ids) and easier on you (just show up).
What are you so afraid if? That someone is gonna plant your fingerprints, OJ? Quit being such a paranoid idiot looking for attention. It sounds like the particular timeclock they bought uses fingerprints for checking in and out simply because they have had issues in the past with Bob clocking in for John. Get over it and stop thinking the world revolves around you and that the government is out to get you.
Hey buddy, got a tip for you. They. Already. Know. Who. You. Are.
And now that you've stirred up this tempest in a teapot they probably aren't all that fond of you.
to decaf.
Dude, I live in Mexico. I went down to get my drivers license - they didn't require any drivers tests, but they wanted fingerprints. What, I'm not going to drive?
These days, everybody has everything on file about you. Give them your freaking fingerprints.
I don't get it - he choose to go to college, he choose this college, he choose this work-study program and he chooses to comply with their requirements or not. He's not forced to do anything.
So, since no one is forcing him, what is the problem? In reality he simply doesn't understand the technology - they are storing an abstracted "profile" of his fingerprint for purposes of accurately recording his work hours - does he think no one else in any industry does this? Where I work they have a "hand reader" for the janitors to clock in and out (there was a problem/question of others clocking in/out coworkers)...
I love these folks that think their local newspaper will "shine a light on this grave injustice" - no competent newspaper will cover this non-story.
Ken
The devices that were fooled were old optical devices. These are a joke and shouldn't be used for anything, ever.
The "real" fingerprint reader uses RF to scan multiple layers of skin and detects a pulse in the finger. So a gummy bear finger will not work, and a "decapitated" finger will not work. Really, nothing works except a real, living finger.
Authentec makes these devices and they are one of the few companies making ones that work.
You have eight fingers - choose a finger with the least identifiable features (pinky finger, perhaps?).
Leave your thumbs for the Banks and the Mob.
Well the last 2 banks I have opened accounts with required a thumb print. More then a few banks require them for check cashing. I just looked it up, it is not a law.
---In a time of Chimpanzees I was a Monkey.
There are numerous ways to implement biometric identification http://en.wikipedia.org/wiki/Biometrics. I don't need to look at the Wikipedia entry; I have personally had my data taken for systems using: eye scan, hand scan, and fingerprint.
Some examples of biomerics:
* I suspect that you have not been to a computer store recently, and seen many laptops have a fingerprint scanner as a security device. It's almost difficult to buy a laptop without such a system.
* You're probably too young to have been interested in "The West Wing". In that show, a palm scanner is used for access to the secure briefing room.
So, my advice is, "Get over it." These folk are making some place secure, and that's probably not a bad thing.
Looking at space, radio, science and computing from a 'down-under' amateur enthusiast perspective.
I need to go to their office and have my finger prints taken for the purposes of clocking in and out of work.
They aren't taking your finger prints. They're registering you in their timeclock machine. It's a relatively cheap, simple way to make sure real human beings are clocking in and out.
The simplest are just crappy fingerprint readers plugged into a PC running some software... The nicer ones are stand-alone devices.
Generally speaking, they'll get you set up ahead of time... But your name and employee number and whatever into the machine. Then they hit some button and have you put your thumb on the machine - this registers your thumbprint to your information. Generally it's just a thumbprint, not a full set of fingerprints. Generally speaking, there's no way to get that print information out of the machine. You might be able to load up the whole data file on another machine... But they aren't going to send your prints off to the FBI or anything.
This raises huge privacy concerns for me
Because you, evidently, don't understand what's going on.
They don't want to track your every movement. They aren't going to turn your prints over to the FBI. This isn't some invasive policy. They just want to make sure that it's you clocking in and out... And not some buddy you gave your timecard to so he could cover for you showing up late to work.
as it should for everybody else.
Yes, of course it should. Because unfounded fear and paranoia are very useful things.
"Work is the curse of the drinking classes." -Oscar Wilde
Deal with it. It's a Federal job and use of fingerprints/biometric info is widespread. If you apply for a full time job with the Fed you will be fingerprinted and GASP undergo a background check.
According to Wikipedia, "Loyalty oaths are still required by the California Constitution for all officials and employees of the government of California".
Unbelievable!
I know this will surprise many slashdot readers but using your fingerprint as described by the poster for the purpose of clocking you in and out of work would be illegal in many countries accross Europe (with the possible exception of the UK). In France, for example, you can actually get fined by the data protection authority for doing so.
It's true that most of these devices don't store an image of your fingerprint but rather a "template" : a description of some special features of your fingerprint. But that doesn't change the problem.
Indeed, many data proctection authorities accross the EU consider that biometrics pose sevreall security and data protection issues and must therefore be used with caution. Fingerprint biometrics are of special concern, in particular when the biometric data (templates) are stored in a central database. The big problem with fingerprints is that we leave them everywhere, on all objects we touch. Someone can pick up your fingerprint and test it against the templates inside the database. (Sounds crazy or technically impossible ? It's much easier than you think : i've tested it myself, that's part of my job). There are other issues whith fingerprint biometrics that I won't detail here.
In the end data protection authorities in the EU consider that the use of a central fingerprint database is excessive if your only objective is only clocking people in and out. Instead, they encourage the use of a smartcard to store the biometric data : you show your finger to the biometric reader and it gets compared with the data stored in the smartcard. This solution offers the same benefits in terms of security but you keep control of your biometric data.
On the one hand (pun intended), I understand that if your employer has access control, everyone need to submit to it, otherwise it doesn't make much sense. Ditto if they use one system to record 'attendance', they won't set up a different system for students. That's part of the work experience you're getting, and submitting to it as a student is no worse than having to submit to it as a regular worker. Fingerprint scanners are very convenient for everyone: no card to lose, code to forget, no possibility of cheating...
On the other hand, yes, it's a bit scary, especially since you've got to assume that any data collected is neither safe nor secure, and will end up is with the worst possible people. Don't be swayed by the argument that the system only stores verification points: if the system is effective, this representation of your prints is as good as the real thing (otherwise the system is useless).
I'm not sure having a hissy fit about it is any use, and it WILL hurt you with future employers. If it's that important to you, find another employer. And check beforehand, next time.
The Cloud - because you don't care if your apps and data are up in the air.
You read too much Slashdot. Just finish your fucking degree.
Getting a grip was the problem in the first place.
First, to those people who make the declaration "Don't be so paranoid, they can take your fingerprints from a door handle or a cup", I retort that you should then have no problem complying with a requirement from an employer/bank/whatever to take your DNA and keep it on file, because obviously they could just get it form a piece of hair or skin you leave around everywhere(welcome to Gattica!). That argument is a batch of crap. The taking of fingerprints is absolutely an invasion of privacy for those who are concerned about malice or undesired use/supeona of the information. And the people making the argument that a hash or encoding of the fingerprint data makes it impossible to use as evidence doesn't understand that law enforcement, etc. can fairly easily obtain that hash, then get a second scan from you and compare the hashes in order to positively identify you.
All that being said, most fingerprint scanners used for timeclocks, door locks, etc. don't store the data with sufficient precision to use it as credible evidence that the scan was you. This is part of why they are both non-trivial and pretty easy to fake. It's precisely that dual, semi-contradictory nature of fingerprint scanners that make them so useful as a biometric access device.
Of course, you have no idea if the biometric scanners used by this university have that kind of precision, so it's probably best for both you and the university if they simply modify the policy to state that the precision of data the devices gather do not and shall not be able to qualify as proof of identity of in a court of law.
Then you're clear. Your biometric data at that point has the same significance as an ID badge. Any use of that data as evidence must be corroborated.
It might not have been such a good idea to contact a paper or other news outlet unless the university refused to clarify their agreement.
We have a finger Print time clock at work. It reads one finger.
Take a deep breath.
Now let it out.
http://www.reuters.com/article/idUST23858020071120
But are they priced at the very high security level and most plces has the lower cost ones that are easier to beat.
If it is just a description of the fingerprint, wouldn't it be like a hash. You can verify that the person is indeed who they claim to be (you are clocking in), but they won't be able to frame you for murder, because they can't produce a fingerprint from the description. This seems just like a hash to me.
The methods for crafting a usable but false finger for the purpose of spoofing electronic fingerprint imaging systems are well documented, but the fun part comes when you do some additional google searching.
This is a link to Lee Harvey Oswald's ten card
Others are available.
The crux of concern may be called "privacy" but isn't necessarily privacy. I don't think that he is necessarily concerned with how much of the fingerprint is retained or if it can be released, blah blah blah.
The issue here is one of human dignity. He feels (as do many others) that fingerprinting is a violation of his sense of human dignity. That somehow using your fingerprint in this type of operation makes him feel less human, less respected, more like a criminal, what have you.
Privacy doesn't seem to be the real issue here, unless they're selling your prints to the Feds. What I would like to know is: given the fact that these things don't work worth a damn, why would they be using a system like this in the first place?
I mean, if I had to use a fingerprint scanner for identification, I'm the kind of person who would fool with it just for fun. The only way they have been able to make them "reliable" -- that is, reliably accept your fingerprint and not lock you out -- was to loosen up the match criteria enough that they are much too prone to false positives, which in turn makes them easy to fool.
I would do things like clock in Susan for four hours when she is really on vacation in Hawaii, for example, just to see what happens. Or clock in Sam at 3 a.m. so that when he comes around at noon and scans, he's really clocking out. And so on. Consider it like friendly hacking... you are showing the owners that their system just doesn't work. It's a useful technique when they simply won't listen to reason.
In California, for a long time, you've needed to provide a thumbprint to get a driver's license.
The time to worry about slippery slopes is when you're at the top, not hurtling down them as we are now.
Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading
I think you should definitely make sure to explain to others that this is an issue of human dignity and not necessarily "privacy (because people will try to find what the privacy violation is and will get confused if they can't find one, if their personal values aren't bothered by one thing or another.)
Your sense of human dignity is higher--you feel that it is inappropriate to fingerprint individuals who are not guilty of a crime, that somehow fingerprinting is disrespectful or inhuman. That you don't want to be a number on file, because it affects your sense of humanity. I'd cite the example of how the US Visit program caused a significant drop in how many visitors were coming to the US--visitors, who, understandably, didn't want to feel like a criminal just to come to the US and visit NYC.
It's worth following up with this even if you decide not to go with the job.
If you decide to go with the job, hopefully the employer is reasonable and will let you log in without your fingerprint, which the machines are damn well capable of. If not, and you want to offer up some passive resistance, say you have eczema. I personally actually have a case of eczema, which wipes out the fingerprints on a couple of fingers. You could possibly use an industrial solution of an AHA/BHA hydroxy acid (cosmetology sites may carry things like that, like 25% glycolic acid) to hyper exfoliate your skin and then use a rough pumice or other type of grimy surface to finish off the prints.
For example, they could enter my federal work-study place of work .
Not the image anyway. They store the relative positions of specific details of your print. 2 minutes on Google would have told you this.
Unfortunately this is pretty much the same thing in terms of actual security (see http://biometrics.cse.msu.edu/Publications/Fingerprint/FengJain_FMModel_ICB09.pdf)
FYI my professor happens to make exactly what you are looking for. In a nutshell, we create a non-invertible biometric template. You can think of it as a kind of "fingerprint hash". If the server is ever compromised there is no way to recover the fingerprint. Plus it's managed like a public key infrastructure, so you can actually revoke it if it's lost / stolen. Here are some of the papers he's written on this technology:
http://vast.uccs.edu/~tboult/PAPERS/Scheirer-Boult-bipartite-ICB2009.pdf
http://vast.uccs.edu/~tboult/PAPERS/biocrypt-scheirer-boult-biosymp2008.pdf
The company he runs has already created a secure biometric login system which uses these secure "biotopes" to automatically log time tracker entries (basically a secure biometric punchcard system). If you have any questions, please contact my professor:
Dr. Terry Boult < tboult AT vast.uccs.edu >
Sure, these things may just store a digest of your fingerprint. It still means that fingerprints otherwise collected can be connected to you.
What did you kill someone and rape the corpse? Who cares little girl. If you want the big 'G', then suck it up little girl! Grow up; because, you are about as much of a threat to a grape as the boy who won't break a grape in a food fight. Little idiots!
"The laws of science be a harsh mistress." --Bender
This is a biometric time clock that is used to prevent "Buddy Punching" or having your friend punch you in or out of a job. The system stores a mathematical algorithm that it can use to make sure you are who you say you are. The owner of the clock cannot see your fingerprint, nor can they download it or use it in any way. If you see anything other than an electronic scanner and they say it is for anything other than the time clock, you need to look into it.
try to send them this video.
http://www.youtube.com/watch?v=LA4Xx5Noxyo
Understand the matching algorithms. Cast fingerprint. Work til buddy spoofs your fingerprint [gloves?]. Make biometric scanners a cost prohibitive option and policy will follow. It'll be fun. Intermittently punch IT/boss out early, etc. Distribute what you learn, but be quiet.
"a federal work-study position"
What if you just refuse? Can't the school find a position for you that won't involve fingerprint scanning?
A lot of companies use integrated suites of hardware/software for timekeeping purposes - a prime example would be Kronos. It does help lower costs on average, but I must say I hate the software part of it :P
Many professions require people to be fingerprinted. It can be for background check reasons, or for security reasons (like your work in a position that might have access to other people's property) or whatever. While it isn't common, it isn't rare. Also there are various things that require it like all concealed carry permits I'm aware of. They take your fingerprints and hold them on file before issuing you a permit.
Now never mind the kind of information that you have to give for the SSBI to get a security clearance. They want to know everything about you, they talk to your family, friends, teachers, etc.
What it comes down to is in various cases if people are going to trust you with something, you are often asked to trust them with some information about you. Just how it works. I find it funny that some people think it perfectly natural that an employer should trust them with access to expensive and important data, equipment, resources, etc all while knowing nothing more than what is on their resume, which could all be lies. They get all offended if said employer wants to know more and do something like a criminal background check and credit check. They don't trust the employer with that information, but expect the employer to trust them.
I used to work part-time as a pizza delivery guy when I was in high school. We signed into the computers at work to clock deliveries in and out using a thumbprint scanner. I didn't mind 'cause we had to sign in and out often and it was faster and more reliable than using a username/password.
Of course, that was just a little pizza place, not the university that I attended, and they only had a crude electronic copy of my right thumbprint, not the whole set. I'd be a little suspicious if the university brought you in to take EVERY fingerprint.
For the most part though, I don't think you've got much to worry about.
If this is like the systems I've investigated for work (I work for a large retailer, and "buddy punches" are a major problem) they aren't taking your fingerprint, they're teaching the system what your fingerprint looks like. A subtle difference, but a difference.
Some time clocks don't ever send the fingerprint outside that box; it's just used to make sure you are you.
The ones I've seen that I thought were better use hand geometry instead of fingerprints. Nobody feels touchy about the electronic version of tracing a pencil around your fingers.
The preferred solution is to not have a problem.
Along with your DNA the government at one time when you were a child would of had you fingerprinted as part of those "Find your kidnapped baby' scares.
Get over it, us military folks have our DNA, teeth scans, and fingerprints all taken on joining. It's a federal job. If you dont like it go get another work study, they'll want a piss test probably. Worried about losing urine??
Its for authentication and tracking purposes. Its totally valid, if they want to install a fingerprint system to protect property which is obviously a valuable part of their organization. Its just a form of tracking and control no different from having you name and passwords. If privacy is what you want, get off the internet, and stop posting in forums, you have publicly given away your work, location and employee status. Besides you dont need to remeber passwords, clock in, clock out card(which everybody can see what time u clock in and clock out). And you obviously overeestimate the state of sophistication of current fingerprint recognition technology and their ability to record and transfer such informaiton One afternoon in a data center alone with the urge to pee and the machine denying you EXIT will teach you that. You want to oppose fingerprint , oppose on practical grounds, sweaty fingers, authentication failures, position errors....
The proper solution to this sort of problem is to have a fingerprint scanner in the punch-in system, but make sure that the fingerprint is not stored there and certify the machine that way. Then, every employee gets a smartcard with their biometric data stored on it in encrypted form. The key to unlock the fingerprint is in the time punch device and is sent to the smart card to be used temporarily when the device needs to check the fingerprint. The smartcard does not send the fingerprint data to the time punch device, the time punch device sends its scan to the smartcard and the smartcard sends back a confirmation or denial that it's the same fingerprint along with a hash of the fingerprint data that can't be used to recreate the stored fingerprint data, but does verify that the fingerprint data on the card has not been changed. So, the employee carries a card with nothing but encoded garbage on it if someone steals it, the time punch device doesn't store the fingerprint. If they forget the smartcard, they just punch in a code and the time punch device snaps their picture and a supervisor can spend 10 seconds checking it later, and employees who forget their card too often get a reprimand or something. Alternatively, the scanner could be on the smartcard instead, but that would make the smartcards too expensive (of course, most vendors of systems like this will probably charge 50 times what the cards cost them anyway). There are a number of potential holes in this if used as an access system, but for a time punch system, it should be fine. Now, of course, the machine could secretly record the fingerprint data anyway, but we're assuming a world where the company you work for isn't in a sinister plot to accumulate peoples fingerprints, just our normal everyday world where someday the company behind the time punch system may co-operate in some police investigation and the police will take the opportunity to dump their entire fingerprint database into their own databases. Presumably if they guarantee that they're not collecting the info and actually have a system in place to enforce their guarantee, if it turns out that they're lying, they can be sued into oblivion and maybe face criminal charges (the second is not very likely for 'co-operating' with police, even if what they did was totally illegal, as we've seen) for obvious active malice rather than being able to get away with claiming it was just an accident.
The big picture problem is that there is mistrust from employers to employees and employees with the outside world.
Companies have NO IDEA how to a) recognize talent b) recognize character and because of their failings in this regard they put up all of these countermeasures.
(Hire people smarter than you, but don't trust them an inch!)
Employers have an unconscionable amount of power and control over its employees and not taking a stand is the passive, safe, and lazy thing to do.
If you are playing along with the erosion of your liberties for an employer you may as well consider yourself an indentured servant or a slave and start answering everything with "Yess massah, anything you say massah"
The Admins, local, state and Federal, only care about getting the victum, uhh ... enrollee, to consent to sexual intercorse as a means of "payment."
If they can't get sex, they will take money.
If they can't get money, then they will cock-up some BS about National Security and that they are the real "Jack."
In all, it is just a scam.
Look, a free market is what is good, pure, and true.
If you don't like the terms, don't apply or comply. This has no bearing on anyone else. In the end, it will work itself out.
If you make a stink but don't *really* do anything about it, it's an exercise in futility. If you're hoping to do a work-study for an organization for which it would be a significant risk to employ a convicted felon (or comparable point of contention), perhaps you should look at alternative options.
There is no "right" to work.
Suck it up and deal with it.
This type of Orwellian crap comes directly from the same people who run the same banks that ran our economy into the ground, and who literally rob from the rest of us in order to support their stupid police-state bullshit.
Yes, everything you're upset about is the product of the "same people."
It's funny, no matter what political nutjob I talk to--on the left or on the right--they always seem to think that there is some group of the "same people" who are directly responsible for everything they don't agree with.
1984 only happens when people ask for it. Why does the TSA waste all our time with security theater? Because we (well, not me) asked for it. We said, "Boo-hoo! 19 crazy assholes crashed some planes! Search my crevices for safety!!!" and the government complied. Why are we saddled with credit card debt (well, I'm not)? Because people said, "Boo-hoo! I want a 60-inch HDTV, but I don't have a job! Charge me many times over the purchase price so I can get one now!!!" and the private banks complied. Why did we have to bail out the banks? Because if they failed, the entire US economy would have crumbled, leading to people (well, me too) crying, "Boo-hoo! We don't want to have a couple really bad decades while we rebuild! Take our shared resources and give them to assholes!" and the government complied. And the UK? Do not even get me started. They've gotten themselves so worked up over imaginary child molesters that you can't even take a picture in public because you might whack off to any of the kids in it.
There isn't some shadowy elite doing this to us; we're doing it to ourselves. That's the fundamental problem with democracy and capitalism. People, despite being really great individually, are complete morons as a group. Your attitude seems to want to claim the benefits of these systems as "because of me" and the drawbacks as "because of other people; probably the Illuminati or something." The real hero and real culprit are aspects of what you see in the mirror.
People are so paranoid nowadays. Let's say everytime they fingerprinted you, they retained a copy, and submitted them to the Dept. of Justice to do a criminal check. The only people that would have anything to worry about are criminals. All they are doing is logging you, same as using a user name and password. Just quicker. And less foolable. Boohoo.
If you contact a local news or student organization, do you think your potential employer will be happy? You've already decided you don't want this job by doing that. If you don't want the job, then what's the problem? Walk away. Nobody is making you do it. Making a big scene is childish.
Ok you left out the most pertinent information. What EXACTLY do you do for an organization and what organization is it that requested your fingerprints? If you are in a work-study position where you are working for the government then yeah you should be security checked.
Your question should reveal more about your job and less about how you got it.
Searching for the user name BonesSB came up with these two hits, both have to do with pot. I know that this is a long stretch but lots of people reuse the same user name for multiple sites. If it is the same user it would make sense that they would be worried about privacy based on the following links.
http://www.hipforums.com/newforums/showthread.php?t=381456&f=221
http://cannabis.com/viewProfile.php?user=Bonessb
Just saying...
Grow the fuck up and pony up your fingerprints. Be glad you have a job, you twit.
If it's a distinguished school with an honor code, point out that they're insulting you by assuming you're defrauding them. If you get caught defrauding them, you can get suspended or kicked out--but they shouldn't assume that you're doing it. It's like systems that automatically hash assignments to check them for cheating. You can have trust and a few people will take advantage of it, or you can have distrust and dishonor, which is demeaning to the integrity of the school and insulting to the student.
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
I doubt this will come as a shock to most /. readers, but having your fingerprints taken is quite common in the workplace. Many employers will require this as part of a background check. If you work for a company with significant US federal contracts, you should expect it. When you enter and leave certain countries, fingerprints are required (e.g., Japan). Actually I am more comfortable with being identified by my fingerprints or retina than by my name or address or whatever other text data is found in all those zillions of databases that know about me. Identity theft is so common but as far as I know it hasn't quite caught up to biometrics yet. Seriously, this is no big deal because you can't really use fingerprint data to tell anything else about you. Now if they want a mouth swap or hair samples then I would object!
There's no sense in being precise when you don't even know what you're talking about. -- John von Neumann
Systems like this generally don't store an actual image of your fingerprint, just a hash. Not out of any sense of social justice, just because a hash takes less storage space than an image of your fingerprint.
So some scenarios you might be imagining might actually be out of the question. For example: no one is going to break into the database, steal your fingerprint, and frame you for a crime.
Since when is your fingerprint (even an image of it) private information? Is your hair color private? Eye color? What other publicly visible morphology is private? If fingerprints are so private how come you don't wear gloves everywhere? You're putting your fingerprints on everything! Would you put your SSN on everything you touched? Also, the mere fact that the university does this, and no one cares, indicated that, well, no one cares.
Sheesh... this is the same as having public and private encryption keys. The private one is for you, the public one is... you guessed it, public, and cannot be used to reproduce or fake the private one. They only store enough data to verify your fingerprint again. VERIFICATION and IDENTIFICATION are two very different things. No privacy issue.
Move along, nothing to see here...
GEEZ! The Slashdoters sure can pitch a fit about nothing!
These devices only store a few numbers that were derived from the patterns of your prints. They don't store anything near the actual image. When you re-scan your finger to clock in it creates a new set of numbers and looks for a set that is statistically close to something it has in it's database. Usually you have to enter a PIN as well because these things do such a crappy job that without knowing where to start, it would have a terrible time figuring out which of the stored sets of numbers match up to the one you just scanned in. I'm not saying that some systems can't do a great job. I'm just saying that the kinds of systems they sell for time-clocks are usually pretty lame. Especially after they get beat around for a while. So all these time-clock units really do is determine if the clock-in scan is statistically close enough to the original scan to be more likely to be you than some other employee. The actual data stored is less personally identifiable than your name. Are you gonna complain if they ask you to give your name when you clock in?
I also seriously doubt that these things produce any form of standardized data that could be transferred to any other system. Heck, sometimes the scans won't match up just because you bought a slightly different model from the same manufacturer to replace a broken unit. Ever try to troubleshoot one of these systems? It is a nightmare.
So, you have nothing to worry about. "They" are more likely to track you by mere facial recognition via security cameras than by your fingerprints.
People are dying all the time. Heck, you might even be able to get away with something that isn't a finger, like a rubbery mold made from someone else's finger.
Get the finger-like tool, then use it to clock-in and clock-out. If you ever need to be AFO (that's Away From Office), just hand the finger-like tool to your buddy at work and take off. Of course, if your manager is actually a human being you can probably just talk to them and change around the hours you work in the day so you can get your appointments and other stuff done while also completing your work.
Also, in related news: (try to) Get a different job. Preferably one that doesn't make you give them biometric data, implant an RFID chip in your bicep, etc...
coding is life
In the company which i work for, we have biometrical recognition to go in certain place of the building. But there are no privacy concern, only the hash of the fingerprint is stored, and it is in my badge. They don't have any useful data at all, just an SHA256 of an approximation of my finger. So it all depend on how they do it
The problem with finger printing, is it's used mostly for identifying criminals.
So ya, I might not want to give some "federal work study" my fingerprints because they aren't the most trust worthy of peeps, imo.
Wonder how many "criminals" or maybe students with expired visas they "catch" this way?
Be seeing you...
I finished my undergraduate degree and applied for Doctor of Pharmacy program. We are required to also apply for a state pharmacy intern license. This required sending in fingerprints to FBI and BCI. I called the place where they give out driver's licenses and they did it for a fee (it was under $50 but I don't remember exact amount).
I don't know why U Mass is taking work study jobs so important. I remember they limit you on how much money you can make via work study. I am limited to $2,000/year. I know someone else who is limited to $1,000 and someone else limited to $5,000.
Is that what you're saying?
It's all suddenly a lot clearer...
No sig today...
What privacy concerns? All a fingerprint says is that you are you.
It won't tell them your sexual proclivities. Or if does then that is your fault.
It won't tell them your medical history, if does that is your health care providers fault.
etc...
Fact is that if you apply for a job where a background check is required, then you will most likely have to provide your finger prints.
From what I understand and my experience, most bonding companies require fingerprints too, if not all of them.
There's lots of reasons to worry about fingerprint scanners[*] but "privacy" isn't really one of them.
You leave copies of your fingerprints wherever you go, on everything you touch.
* Main reason: They're not very secure - people leave copies of their 'key' wherever they go...
No sig today...
Biometric data is a weak security, because it cannot be changed.
My datacenter uses thumb fingerprint to allow 24-hours access.
I tried this: took my thumb fingerprint, printed it on a printer,
then put this paper to the datacenter thumb scanner - it let me in.
I heard there are more advanced thumb scanners, where
paper printed fingerprints would not work,
but then people can make "real" fingerprints from an eraser.
Anyway - anyone can obtain your fingerprints from any object you
touched, and then make a an entrance pass from it.
Fingerprints is a weak security and should not be used
for anything serious.
What's so private about your fingerprint? I mean, it's *your* *private* finger, but... did you steal something and don't want to be caught? Or did you drink from a colleague's cup and are too embarassed to admit?
Serbia already has biometric passports and identity cards (changing every 5 years), makes fighting crime and person identification easier.
If you have nothing to hide you have nothing to worry about. ...I say that a lot. Saves the effort of thinking.
at first they came for my fingerprint, and i said who cares?
then they came for my iris/retina, and i said who cares?
then they came for my colon map, and i said that stings a little.
then they came for my dna, and i said wait a minute... but they said it is now the law.
then they said 'your library book on social-something is overdue, you filthy communist hippy'
Who cares? It's not a DNA sample, or even a complete fingerprint, it's a machine that stores a few data points. These have been in widespread use for well over a decade.
You're already identified as you, this is just way for you to prove it without them having to issue things that get lost, which I'm sure can be a big logistical issue for a University seeing as college students are irresponsible idiots most of the time. I suppose they could give you a badge to swipe, but I would imagine they also have issues with students clocking their friends in and out (see previous "irresponsible idiots" statement), so this is a way to physically verify you were really there with as little administrative overhead as possible.
Be far more concerned with all the other information they have about you (like, your whole life), and how securely it's actually being stored. Security breaches at colleges are rampant, and a few data points on a time clock are really the least of your worries if it got out.
How the hell did this get to >430 replies over misplaced paranoia?
I don't get it. You wouldn't object them taking a picture of you. Even though your face is unique, the length between your facial features are unique and can help identify you as precisely as fingerprints. But when it comes to fingerprints one starts freaking out ....
They are legitimate reasons to be able to identify people. I think you are overeacting here.
The real issue of privacy lies with the databases containing that kind of data about you. Who can retrieve that informations, if it is retrieveable, and
cross-reference with other data about you. We need laws and standards, to make sure one can retains one's privacy as best as possible.
I work at a retail store that requires that everyone sign in with their finger so that they can pay us. When they implemented the system it was deal with it or leave, we are now paid for exactly how long we have been working down to the minute and that suits me fine. The machine doesn't store an image of your finger just an encrypted value of some kind that your finger matches up to. There's no conspiracy to steal your identity or in anyway a privacy concern.
What I think you should do is, nothing. You have bigger problems than worrying about clocking in with your finger.
You've never been arrested and you're 20-something? What a boring life you must lead.
I've worked in places where finger printing was mandatory so they could perform background checks, talk with my neighbors in every place I'd lived in the recent 10 years, and get a general idea what kind of person I was from financial records, credit reports, drug tests, etc.
I don't ever intend to do that again, but I'm not starting out. If you want the job, let them have it. If you don't need the job, you might explain why you aren't submitting it and thank them for their consideration. If they have a government contract, there is little they can do to override this method.
When you work sucking from the teat of government, you lose many of your "rights." Get over it. BTW, I'd vote for a law that says everything a government employee says, writes, does anywhere should be recorded and made available to any citizens in their area of coverage.
Give me a break. Fingerprints are left everywhere all the time with full knowledge of every person that doesn't where gloves. When applicable, they can and are lifted by law enforcement without need of search warrants.
In terms of use, applicant (non-criminal) fingerprints serve as a person's consent to release their criminal history record information, or lack of one. Signature alone is not sufficient. Sure, name-based searches can and are used, but fingerprints confirm the person's identity.
OK, I've actually never faked a fingerprint myself. But I've read about research on it in Bruce Schneier's blog:
http://www.schneier.com/crypto-gram-0205.html#5
Care to guess what the batting average of most fingerprint readers was against someone trying to fool them?
(Answer: the eleven commercial fingerprint ID systems, together, wouldn't defeat my son's blindfolded Little League team.)
Sheesh.
Tho I'm of the mind that they should take fingerprints of anyone requesting any sort of license (drivers, marriage, heavy equipment, medical, etc, etc)....heck, I'd be OK with samples of blood taken at birth for DNA databases.
Allow law enforcement ot only use that stuff for comparison of crimes...will go a long way to catching folks faster.
And, if I were the employer, and you went crying to the local newspaper because I wanted your fingerprints for biometrics, and you were all whiney and crap like you are now, I'd rescind the officer and publicly acknowledge that you're a boat rocker in hopes no one else would bring you on as well.
Whoever wrote that letter is obviously a fool. But show up, and bring a camera, preferably a camera crew, and some gelatin. Then replicate this experiment described by Bruce Schneier.
http://www.schneier.com/crypto-gram-0205.html#5
Nichol Draper, yes I post under my real name, my finger prints are on file in California. My mother had a day care center and I was finger printed and put on file when I was a teenager. My name, address and phone number are in the phone book. My name is in the patent database on two patents. My wedding certificate in online in California. Code I've written is on numerous sites and registered in the Library of Congress. I could go on and on. Google me and you will find even more links including my web site. This life's about getting noticed. If you are afraid of getting your finger prints into a private database, something is wrong with you.
Several years ago I had to give a fingerprint to renew my drivers license. I seems clear that even without a National ID the government has plenty of identifying information on all of us. If the FBI (or other agency) asked the DMV for my info, surely the sate would give it to them.
Also if someone from the government went to this company and demanded the fingerprint information ( and the software / hardware to process it) how many companies would refuse them? Especially if they used the secret magic word (terrorism).
Now on one hand I don't trust the government any farther than I can spit a rat. On the other hand I don't know of anyone being dragged off and falsely accused by the government. That doesn't prove it doesn't happen; just that I haven't seen it.
They shouldn't need to have a fingerprint scan to measure hours worked, because they shouldn't be treating employees like liars. To the extent that there are liars on the payroll, that's their fault for hiring such people.
I would refuse to do it on the grounds above, and wait for them to fire you. This forces them to decide whether you're more valuable than their stupid belief that you might lie about your hours. I'm sure you can get another job if they can't.
That said, I use a security badge every day I go in the office, and I'm sure that's logged... The difference is that they can easily deactivate my old badge and issue a new one. If their system is compromise, they can't issue you new thumbs. Plus there's the lop-off-the-thumbs incentive...
You need banknote paper too. Forgot that? Then it's not going to work.
Just give them the finger.
Biometric access control is not an invasion of privacy. Even if they also ran your prints through the FBI to check for a criminal record, that still wouldn't be an invasion of privacy. Criminal records are not technically private, nor are court records for anyone over the age of 18 (in the US). They aren't putting cameras in your house, recording your home telephone conversations, or reading your private e-mail account. They aren't bugging your car, or forcing you to let them read mail sent to your house. Personally, I'd rather use a fingerprint instead of having to carry keys or access cards. Sure, someone could chop off your finger, but for the case of businesses or federal offices, you will still have some form of picture ID that you have to wear at all times, so it isn't as simple as just taking someone's thumb and voila, you have access.
From what you've said, they're not actually taking your fingerprints. The machine they use for timekeeping uses biometrics, so you can't have a friend clock you in when you're not there. These machines don't keep an image of your fingerprint. When you "enroll" in the machine, your print is scanned and a vector map of certain aspects of your fingerprint is created. The geometry of this map is what identifies you. You certainly cannot reconstruct a fingerprint from the less than 100 byte map. It's like a hash value. Quit your worrying.
If a job's not worth doing, it's not worth doing right.
The crux of concern may be called "privacy" but isn't necessarily privacy. I don't think that he is necessarily concerned with how much of the fingerprint is retained or if it can be released, blah blah blah.
The issue here is one of human dignity. He feels (as do many others) that fingerprinting is a violation of his sense of human dignity. That somehow using your fingerprint in this type of operation makes him feel less human, less respected, more like a criminal, what have you.
Just because he (or anyone) "feels" so, that does not mean that feeling is reasonable, proportionate or grounded in logic.
Only an oversensitive fool with an inflated, semi-religious sense of privacy and a disproportionate sense of self-importance would think that. I mean, Jesus fucking Christ, one could extend that and claim that one feels violated and a bit less human for getting his picture (his likeness) taken for getting a driver license. This is specially true if you work in the Federal/DoD/DoE sectors.
When you apply for many types jobs, you get your fingerprints taken. Big deal. They are not taking a picture of your privates nor asking for proof that you don't like buttsex or what-not. Your fingerprints are not private. They are valid ways for identification for any reasons, be it job-related or for criminal investigations. Same with universal ids (which many democracies have, but the US seem allergic to it as if it were a spawn of the Devil.)
For several jobs I've given my fingerprints. I've given my fingerprints in two countries, and I didn't feel any less assaulted or denigrated. It's just a process. And at no point I conjured Manchurian-candidate scenarios when I did so. There was no evidence, however remote from which one could draw a logical conclusion of their likelihood. Occam's razor for Christ' sake!
One time I also got finger scanned for a gym membership. Neat system and the most convenient thing, not having to carry little barcode cards to get in. That was like, 10 years ago. Many jobs do that just for clocking. It's not like this is something coming out of the blue for the first time.
Imagining Orwellian schemes of a Machiavellian system bent on finding ways to magically tele-transport a homing device up your ass just because some job asks you to provide a fingertip, painting the whole thing as an assault on humanity, that says a lot more about the paranoid, self-aggrandizing ones than the job asking the fingerprint in the first place.
Whatever people think, we are not even close to be in a police state, much less a dictatorial, all-encompassing one. Those who think so and get their panties all curled up for such procedural minutia while crying "peeple don't no think of the ramificationalizations!!1011" have a distopic, miopic sense of self, masturbating too much while reading "1984" ... kinda like the distopic cousins of those who get severely depressed after watching "Avatar".
This is a normal procedure in US federal government work. If your parents ever took you to get your fingerprints taken at wal-mart by cops when you were a kid, the govenment already has them.
haven't had a job before eh? seriously, welcome to the work force. employers can require you to do all sorts of things. it's perfectly legal because you are not required to work for them. there are some restrictions to that of course but fingerprinting, drug tests, background checks, etc are all well within the limits.
so yeah, mcdonalds is hiring, and they don't require fingerprinting. there is almost certainly a local branch in your town. that, or suck it up and enjoy your federally funded student do-nothing-and-get-paid job.
Your saying your doing work for a federal-work study program. Are you doing anything with anything that is considered sensitive information? If so I think there is a justified need for it, if not, seems alittle overkill though. Have you asked why this requirement is being made? From the way you worded the question it seems like you have been doing this for a bit and this new directive just came down. Did anything change in the nature of what your doing?
letting an idiot know they are an idiot is not a game... it's a responsibility. - by Kristopeit, M. D. (1892582)
I went to the US last year on a work and travel program...I worked at an indoor theme park on a famous resort, and I had to have my index finger scanned plus type in my password...to get punched in and out...now...if I had to do that for a theme park...what's wrong with you doing that for tech-related work?
You have to supply your fingerprints for all federal jobs. Your choice is to get a non-federal work-study job.
I dont think that you need to worry about fingerprinting, they are probably just being used for verification purposes and thats all.
TekGoblin
At a previous job, we switched our time tracking software over from physical time clocks to fingerprint timeclock software we developed in house. We employed a lot of young people in positions that didn't have a lot of supervision so we had problems with people clocking their friends in early and out late. As someone previously stated, the software doesn't store images of your prints, it just stores a digital equivalent. As I understand it, the actual data that's stored is akin to an md5 hash of your fingerprint such that when you put your finger on the scanner, the software can tell whether your fingerprint matches the signature on file, but you cannot recreate a copy of your fingerprint from the stored signature. Once people understood that, they became much more receptive to the idea of us using their fingerprints in this way.
Which device they are using/plan to use?
Some access card readers with biometric capabilities read the fingerprint template (previously stored as enrollment process) from your card , so there is no privacy problems with all biometric systems.