Slashdot Mirror

← Back to Stories (view on slashdot.org)

Doctors Bypass Biometric Scanners With Fake Fingers

Posted by Soulskill on from the no-technology-can-trump-laziness dept.

jfruh writes "At a Brazilian hospital, doctors were required to check in with a fingerprint scanner to show that they've showed up for work. Naturally, they developed a system to bypass this requirement, creating fake fingers so that they could cover for one another when they took unauthorized time off. Another good example of how supposedly foolproof security tech can in fact be fooled pretty easily."

5 of 139 comments (clear)

  1. Biometrics are not secrets. by Anonymous Coward · · Score: 5, Insightful

    All the security experts who think that biometrics are the end-all-be-all of security are mistaken. Biometrics are not secrets, so once one knows your biometric id, they can impersonate you and you can't change your password!

    1. Re:Biometrics are not secrets. by TWX · · Score: 5, Funny

      A decade ago, a friend of mine suggested that if they *really* wanted foolproof biometrics, to use "colon terrain mapping".

      I told him that I wasn't sure that I could be his friend anymore...

      --
      Do not look into laser with remaining eye.
    2. Re:Biometrics are not secrets. by houghi · · Score: 5, Funny

      I hope he does not have a job selling hardware to the TSA.

      --
      Don't fight for your country, if your country does not fight for you.
    3. Re:Biometrics are not secrets. by Anonymous Coward · · Score: 5, Insightful

      So how would using a password-based system prevent the doctors from sharing their passwords with each other and continue slacking off?

      That's a social problem. There is no technological solution. I repeat, technology cannot solve every problem. How do you solve this problem? Check once and a while. The guys daughter was listed as being there every day for three years and never worked a single day. The people who just trusted a glorified punch card machine instead of once verifying it in person should be fired too.

  2. Re:"supposedly foolproof security tech" by Let's+All+Be+Chinese · · Score: 5, Interesting

    You'd have to be a right fool to be unable to fool these things. As in the link, as here, the application has very little to do with security. It's a people problem, and you can't fix those solely with technology.

    Worse, treating it as a technical problem and attacking it with security kit gives a strong signal to your own {doctors,pupils,*} that they're all criminals and need to be treated as such. This in turn creates a powerful incentive to game the system.

    What we have here is an incompetent administration trying to fix their mess through shitting on their underlings some more, using technology. Underlings know and dislike this.

    And so gaming the system is what they'll do. This quite apart from biometrics being inappropriate everywhere but in criminal forensics. Be careful what you ask for and all that.