Linux And Biometrics (Redux)? 4
An Anonymous Coward asks: "Does anyone out there have current information on the use of biometrics with Linux? There was an article in the Linux Journal, but it was more of an introduction to the topic than a discussion of the state of development. Are there any biometric products that have decent Linux drivers for them? If so, is anyone currently using them to replace password authentication?" We last touched on this subject last May with little commentary on the subject. Has a year made any difference?
No! No! Baad Designer, No Biscuit! (Score:3)
Anytime you make a system that distributes real value (money, information, control) in exchange for authentication (bio or otherwise) you, as a basic safety feature, must ensure that the authenticating method and device can be handed-off to anyone in functioning condition.
To do otherwise is to invite coersion of the authenticating individual. You have to be able to take the smart-card (or whatever) out of the wallet, lay it down on the ground, tell the coercer the codes, and then back away. As funny as it may seem in our movie-plot-soaked society, most criminals (or professionals, depends on who is doing the coercing...) are only interested in your assets, not you personally. Once they have what they came for, the rest is none of their concern. Muggers would rather be whacking your card for cash and moving on than beating you up (there are exceptions).
Don't think that body parts are sacred. "I don't need you, I only need your thumb...", and systems that require a living bioauthenticator are the worst (ugly image of what people will do to somebody else for twenty thou tastefully not inserted here).
This is not to say that biometrics are not useful. I for one would love to view 3-d images made by a computer that measured your pupil distances and adjusted the display accordingly. Or which figured out who I am, so as to route my telephone calls to whichever room I am in.
I partially disagree... (Score:2)
Then there's voiceprint - but only for less secure stuff where there's very little chance of a high quality recording being made covertly.
Yes, for less hi-res scans like thumbs and palms, there's much room for dismemberment...
Re:I partially disagree... (eyeball scanner) (Score:1)
You need the whole individual, in working order. Thus, you must convince him or her to cooperate. Nothing elaborate. Simply threaten family or friends, cause some pain, confuse them sufficiently, use drugs, black bag over the head and show them some high places, keep them awake for three or four days, or use the traditional two big guys and a knife at the throat.
When the question is put to you or yours in this manner, the answer is that nothing you work with or own is worth the price. Don't think it doesn't happen.
Besides, the security folks would rather have you safe, in one piece, and ready to report the damage.
The answer is maybe (Score:1)
processing work on all sorts of systems.
Since I develop under linux, I try make sure linux
is a supported platform for much of my company's software. Therefore, the algorithms that
authenticate users are indeed runnning under linux.
However, we do not have productized linux drivers for our hardware yet (and it's difficult to make
a solid business case to spend the money) but
I'd be willing to provide specs to volunteers who'd like to write one.
For this reason, most of the linux installations are server-based with Windoze clients. There is even
one company experimenting with a Beowulf cluster.