Biometrics Win Support From the Lazy 124
judgecorp writes "We're used to discussions about privacy and security, but amongst users, the real issue is ease of use, according to a survey by Unisys. It's not a huge sample, but ten percent of the users in Asia were happy to be chipped and have done with it." From the article: "Frost & Sullivan security analyst James Turner said while speed of identity verification may be driving people's acceptance of biometrics, the key issue is that biometrics can be a security block, rather than an enabler. Turner added that what is more important in the smartcard debate is ratifying exactly where the identification data is stored. "
Man I hate having to type in my /. password. (Score:4, Funny)
Re:Man I hate having to type in my /. password. (Score:3, Insightful)
Attach it written on a postit note to every cup of coffee you touch.
I'll bet that you (or some random stranger being 'you') will get that first post soon enough.
Re:Man I hate having to type in my /. password. (Score:2, Insightful)
We have to educate people about what it means to provide information to a corporation that can be used as a key into other databases.
Mark, of teh BEAST (Score:1)
Re:Man I hate having to type in my /. password. (Score:2)
While I've never used it, I have heard a few interesting things about it.
Try FingerFox [google.com]: an extension for Firefox that supports Microsoft's fingerprint reader. (Google translated from French)
Re:Man I hate having to type in my /. password. (Score:1)
Where the chip is best stored... (Score:3, Funny)
Re:Where the chip is best stored... (Score:2)
1) Bluetooth-enabled RFID-implant-based bioauthentication system.
2) ???
3) PROFIT!
Are you suggesting that the missing link is "Chair"?
The problem being... (Score:5, Insightful)
This brings around the point that you would still need a second means of authentication anyways. meaning either a password/code to enter that you knew, or possibly some biometrics like fingerprints/retina scans. I don't trust facial geometry scanning because it also is dupable easier than stealing a retina.
Re:The problem being... (Score:1)
It seems that this all more and more a headache in the securtiy department.
Re:The problem being... (Score:1)
Re:The problem being... (Score:1)
Re:The problem being... (Score:1)
Re:The problem being... (Score:1)
Passive tags will lie under your skin dormant until something sends a message to it to ask a question. Then it will answer.
Active tags will do more than just send out a responce. It will have to authenticate the query, then send information instead of just handing it out to any old request.
Re:The problem being... (Score:2)
Re:The problem being... (Score:2)
So is it really worthwhile in real world security situations or is it all just about monitoring employee/sheep movements 24/7.
Re:The problem being... (Score:4, Insightful)
And you just know someone will keep a copy of all the generated keypairs, and a whole bunch of them will be stolen.
All these are resolveable, technical issues. But they're the kind of thing that gets resolved by academics dedicated to perfecting the theory, not the kind of thing that gets resolved by a company dedicated to getting the per-chip cost down to a fraction of a penny.
the real issue is ease of use... (Score:5, Insightful)
< grrr / >
Re: the real issue is ease of use... (Score:2)
I, for one, don't have a problem with that.
Turn it off? (Score:5, Insightful)
(But carrying around a device for turning it off kind of circumvent the whole idea... Then i could just carry an ID card with an off switch instead)
Re:Turn it off? (Score:3, Funny)
Re:Turn it off? (Score:2, Funny)
Trendy, just like Michael Ja... oh, wait.
Re:Turn it off? (Score:2)
Re:Turn it off? (Score:2)
The jewelry {if it uses enough metal} will effectively block the RFID tag from receiveing and broadcasting signals, as well it won't be highly noticable that you are attempting to block random readers.
Personally I'm not all that impressed with currently embedded chips. MRI machines are not supposed to be used on an unconcious chip embedded person, because of potential problems like
Re:Turn it off? (Score:2)
Re:Turn it off? (Score:3, Interesting)
Well how about an implant that (is hopefully not nearly as disgusting) which allows a chip to be slid in place or out of place? The implant could be a tiny flap of sorts which allows a film to be pl
Re:Turn it off? (Score:2)
Re:Turn it off? (Score:2)
Re:Turn it off? (Score:2)
I'm not arguing for it. It's creepy to me. I'm just throwing an alternative into the air because no one
Re:Turn it off? (Score:1)
The day it is a requirement for me to come to work naked, I'll finally quit.
Re:Turn it off? (Score:2)
The big problem with having any open hole in the skin is infection. For some problems (e.g. kidney dialysis) the risk is worth it, but for everyday use with healthy people, the drawbacks are bigger than the benefits. You might be able to graft the skin into a pocket, like a kangaroo pouch, but that'd be a lot more expensive (and painful) than the 5 minutes it takes to insert a simple subcutaneous implant.
Regardless, what's so bad about carrying around a wireless fob on one's keychain that one needs subc
Re:Turn it off? (Score:2)
Bull hockey. It ain't nothing a shot of tequila, lether belt, and an exacto knife can't fix.
Morbidity (Score:5, Insightful)
Mind you... if all they need is a fingerprint and/or data from your RFID implant, a crook wouldn't even need you alive. The RFID chip would supposedly keep working for a while and fingerprints don't depend on you being alive. Retinas would be a different story, since they require a constant blood flow, though I'm not sure what the decay rate is for retinal tissue when you die.
Food for thought.
Re:Morbidity (Score:2)
Re:Morbidity (Score:1)
Re:Morbidity (Score:2)
Seriously, this and skin conductivity also stop someone from having different fingerprints printed onto their fingers with latex.
Re:Morbidity (Score:2)
Re:Morbidity (Score:2)
Re:Morbidity (Score:2, Interesting)
There are also technologies out that address this specifically with blood vessel patterns in your fingers as well. Although I'd have to think that these would be less accurate than retinas.. You'd think that there more capillaries in your eye than your fingers (although you certai
Re:Morbidity (Score:1)
Re:Morbidity (Score:1)
That is why biometrics are best considered as an ADDITIONAL level of security beyond passwords.
Three things can establish trust:
1) what you are - biometric
2) something you carry - card ( ref id?)
3) something you know - password or pin
the most secure system
Re:Morbidity (Score:2)
Three things can establish trust:
1) what you are - biometric
2) something you carry - card ( ref id?)
3) something you know - password or pin
Getting back to the laziness aspect, this is exactly what most people would prefer to avoid. While they carry fingerprints or retinas everywhere, carrying a card means the potential for losing it and having a PIN/password means having to remember it. Most people want a one-shot identification to take place, preferably without them having to lift a finger (I know
Re:Morbidity (Score:1)
When laziness is your primary concern in building security you build windows 98.
If biometric adoption is being helped by the laziness factor it is because the biometrics systems being build are less secure then password based systems they replace. biometrics can only offer additional security if they are use in combination with some other techniques. Otherwise they offer poorer security because they can't be changed if they are comprised.
Giving someone a smart
decay rate (Score:1)
Re:Morbidity (Score:2)
And how this is any different from a guy putting a gun to your head, forcing you to write down your password or PIN, and then shooting you anyways?
There are countless roberies every year were victims are forced at gun point to withdraw monies from ATMs.
Seriously, a thief doesn't want to murder you (most of the time) if he can avoid it. Unless you put up resistance, they just want your money
Wait a minute... (Score:4, Insightful)
Is being "chipped" biometrics at all? Or am I being a semantics Nazi?
Re:Wait a minute... (Score:1)
You know, I had the same thought. Maybe it is more inclusive than how it is defined in my head.
> I am not left-handed, either!
Crap, I am. Does this mean we've got the bases covered for biometrics, chips, and handedness? heh
-bw
Re:Wait a minute... (Score:1)
Repeat the Story Enough (Score:4, Insightful)
Unisys has the most to gain by selling this story. They do these kinds of projects on a regular basis.
I'd be interested to hear how many of their smart card projects actually worked as promised.
is it who the chip says it is? (Score:1)
Re:is it who the chip says it is? (Score:3, Funny)
Why implants? (Score:4, Interesting)
Re:Why implants? (Score:1)
Unless of course, you do it from the other end and once you find it's missing you remove the device ID from the system it works on, therefore makint it null and void. So if it is stolen, then someone can try to use it but it won't work because the ID it sends to authenticate won't exhist any more.
Who needs RFID? (Score:4, Insightful)
Excuse me? Lazy? (Score:5, Insightful)
I don't think the users are sick of having to type -- they're sick of the situation created by lazy-ass admins who think that you create security by having 30 different accounts, each with >8 characters, with mandatory uppercase, lowercase, numerics and punctuation. Oh, and they all have to be rotated at 60 day intervals and it's easy because you just make up a little story about each of your convoluted passwords, remember all 30 of them and make up a new one and forget the old one every time you change the password!
I just had to change and lengthen my purchasing account password because, y'know, there's a huge problem with h4x0rs ordering office supplies in my name. I'll tell you where I'd like to implant an RFID chip...
Re:Excuse me? Lazy? (Score:2)
The problem lies with corporations who are too lazy to set up some kind of integrated security...unfortunately microshaft has one of the most friendly setups, with Active Directory, but it doesn't play well with others, and it has all the problems associated with all the other microsoft products.
So you end up with every application having its own security, and then corporate decides that all pas
These lazy people should watch "Charlie Jade" firs (Score:2)
http://www.charliejade.com/ [charliejade.com]
In the show, in the Alphaverse ( a parallel universe with more advanced technology than use) everybody has a chip in their wrist. They use is as a debit card. The corporations/governments use it as population control. If you don't have a chip, you don't exist and anybody can kill you.
BTW: Yes, it's a good show but the pace is slower than lets say BSG.
Hello, Mr. Fragmentate, Welcome to Wal-Mart (Score:4, Insightful)
I already don't like when they read my credit card and say, "thank you Mr. Fragmentate." Actually, I don't really want them talking to me in a personal manner at all.
You just know that eventually they'll always just know where you are. "Shame on you Mr. Fragmentate... an NC-7 movie? Tsk." I find it hilarious that a good portion of the people recently surveyed by my company about the "evils of browser cookies" were willing to have an implant in their body, but absolutely would not allow cookies.
I don't get it. A harmless text string implanted on your hard-drive that can track you quite anonymously (the net only knows what you tell it) and that you have direct access to; versus a device implanted in your body that you have absolutely no understanding of, or control over.
It's not THAT hard to whip out the driver's license or state-issued ID. I know they're not "secure" but this article isn't talking about security -- it's talking about convenience.
Re:Hello, Mr. Fragmentate, Welcome to Wal-Mart (Score:1)
Re:Hello, Mr. Fragmentate, Welcome to Wal-Mart (Score:2)
Scientologists eat placentas. EVERYBODY knows that.
Well of COURSE they don't care.... (Score:2, Funny)
Famous quotation (Score:5, Funny)
Re:Famous quotation (Score:2)
Could be rewritten/interpreted as "They that would trade essential liberty for a little convenience deserve neither."
That's the problem with people these days -- they don't want to put any effort into anything and so they're more than willing to give away their rights and their privacy if it means they get through the line quicker at Wal*Mart.
*sigh*
OT: fun assassination story (Score:2)
This late president's last words were "Oh dear, I think I have a headache".
Friend thinks for a second, then says "Hope it wasn't Kennedy..."
What?
Too soon?
After reading the demo in Wired 14.05... (Score:3, Informative)
Communism (Score:2, Insightful)
Re:Communism (Score:2)
On the contrary. For people who lived in totalitarian societies freedom means turning a blind eye to the indiscretions of others, hiding your own from strangers, and generally doing everything you can to make bureaucracy ineffective a
Re:Communism (Score:1)
Grant it I don't agree with every politician in our government here in the USA but if the majority of the public here doesn't like what they've done, out they go!
Re:Communism (Score:2)
People will learn to deal with the government they have to live with. Most of the world population is more suspicious of government than the US, and therefore less likely to like this technology. Americans do have much more influence on whether it is used. Not just because of the reason you stated but also because the US is the number one superpower and tells a lot of its allies what identification technology to use to monitor its citizens b
How come we can't get past "maybe?" (Score:2)
I'm lazy (Score:5, Funny)
I would have voted against biometrics, but never quite got around to it.
Chiped off!!! (Score:2, Interesting)
Easy to hack (Score:1)
Re:you joke is too subtle (Score:1)
Stalone says (something like):
ergo: RFID circumvention would be "easy to hack"
You're correct though, original post is too subtle.
Security without Usability = Insecurity (Score:3, Interesting)
If you implement theoretically secure designs, but they suffer from usability problems, you'll end up with a system which is neither secure nor usable.
If, on the other hand, you design your security/authentication mechanisms with usability as a key concern, you'll end up with usable, secure systems.
Easy means wrong application. (Score:2, Insightful)
Imagine if I were using a retina or fingerprint scanner instead of a credit card. Replacing my retina/fingerprints isn't nearly as easy.
Biometrics mean you have once chance to keep your identity safe. Afterwards you're screwed for the rest of your life. For this
Re:Easy means wrong application. (Score:1)
Re:Easy means wrong application. (Score:1)
Religious Issues with Chip? (Score:3, Interesting)
Seems to me, using fingerprints, or retina scans, or some other "god given" form of ID would be more socially acceptable to Christians... and not really any more difficult to implement than an implate. And it would be harder to fake a retina or fingerprint than a chip.
Re:Religious Issues with Chip? (Score:1)
Re:Religious Issues with Chip? (Score:3, Interesting)
And when it comes to the death penalty, you can look at the story in the Gospel of John
Re:Religious Issues with Chip? (Score:1)
I'm not hear to flame or to otherwise support Christianity (of which I'm a card carrying believer), I'm just here to point out that Muslims, Jews, and other religions suffer from the same hypocrisy... Don't just single out the Christians in this endeavor. I'm sure the oth
Re:Religious Issues with Chip? (Score:3, Interesting)
Re:Religious Issues with Chip? (Score:1)
First off, I am a Christian and I have my own faith that is what it is. I do not, however, consider myself part of any sect, congreation, or denomination. Basically, as a child I saw through the hypocracy and lies and opted out of the popularity contests and such.
So with that in mind; If the typical christain were like myself, then no, they wo
The hair on the back of my neck is standing up (Score:2)
Given the US Governments current plans to consolidate all the data they hold about you into ginormous centralized multi-agency databases-
http://www.whitehouse.gov/omb/egov/c-6-9-ioi.html [whitehouse.gov]
They then intend to secure this data with biometric-containing RFID equipped tokens-
http://www.whitehouse.gov/omb/egov/b-1-information
But they intend to use Microsoft MIIS as the security engine-
http://www.microsoft.com/technet/technetm [microsoft.com]
Ah, yes rf (Score:1)
Re:Ah, yes rf (Score:1)
Re:Ah, yes rf (Score:1)
Oh dear (Score:1, Offtopic)
This is a people challenge with a people solution. (Score:2, Insightful)
It's NOT ease of use (Score:3, Interesting)
Why? Users don't really care - even for bank account logins. Passwords work well enough. Also, everyone 'says' they'd LOVE biometrics, but when you get down to capturing their electronic fingerprint, they start to get nervous.
It's rather like smartcards. While they're superior to credit cards, the credit card system in the US is mature, ubiquitious, integrated, and simple enough that most consumers wouldn't really get a huge benefit. I don't think most identity theft comes from stolen passwords.
Same with biometrics - the technology has been around for 10 years and it's made some headway into niche applications, but it's not going to explode anytime soon unless WalMart or banks requires everyone to use it.
Where, where, where is Waldo? (Score:3, Insightful)
You have your basic triage of information:
1. Consumer/User/
2. Merchant/Provider
3. Arbitrator/Mediator/Authenticator
Each MUST be able to revoke one of the other two for such a successful system. Right now, the biggest problem in today's computing world is the consumer/user cannot revoke.
Without user revokation, the system is ineffectual against abuse (i.e., identity thefts, innocent arrest records, stuck with a Social Security Number)
What is needed is a 3-way public key exchange algorithm (can't even find that in Google).
I was angry (Score:1)
Sigs instead of IDs (Score:2)
The problem is that no one should store any ID information. The chip needs to provide a digital signature, and the private key needs to exist only in the chip. This completely eliminates spoofing by "listening" to a device or pinging it for ID. I suppose each device should also have an ID, but that should not be used as authentication - just a suggestion as to which public key ca
But you know... (Score:3, Insightful)
This is the same reason that beers with twist-off caps is so popular too.
Being "chipped" is NOT Biometrics (Score:2)
Title is misleading (Score:1)
Existance is futile. (Score:2)
You'll still be officially alive
Don't be pissed.
You'll still be voting in 9595
All your base
are belong to us.
Decompose, at a slow pace.
Don't make a stinking fuss.
Biometrics != Chipping (Score:3, Insightful)
Chipping is no more than a fancy way of carrying an access card, a poor substitute for biometrics (really NOT a substitute). And even if it were a perfect substitute, biometrics is not a good method under some circumstances (like remote logging: was that someone speaking his passphrase on a microphone, or just a recording?).
Decision makers should leave the mothod of authentication to the experts (sane ones, excessive paranoia is detrimental too).
Chip Jewelry or Clothing, sure. Implants, never. (Score:1)