Also, if you're dealing with a shop that has to be PCI-DSS or as part of a PA-DSS application, the PCI folks want to see at least 256bit AES encryption. The 128-bit solution isn't enough. So far the closest we've found is Logmein and we only support clients on Windows or OSX.
So, let me get this straight. 128-bit AES in a popular, trusted, open source, "point to point" application isn't good enough. However Logmein, originally developed in Eastern Europe (and probably now supported from India or China) which is a closed box controlled by servers you have no idea what they're doing is fine because they somewhere have the magical text "256bit AES". Right.
Hey, buzzword compliance is what standards are all about!
They could do even better than that, they could take relative position information you described and then hash it. Hashes are one way, no one can recover the representation once it is hashed.
Even with a "secure" hash, if the recorded data has low entropy, you can still guess it in an offline dictionary attack. If you believe otherwise, please post your
But seriously, it's beside the point whether they store hashes or high-res pictures of your fingers. Whoever gets their hands on the database can still identify the prints you leave everywhere. High-res pictures just make it easier for them to impersonate you to other fingerprint scanners.
One thing that I'm certain would be a part of future "wishes and plans" to censor (if not already part of the proposed filter) would be Nazi paraphernalia.
This is already being done [German], at least in the state NRW. They started blocking in 2002, and a court determined it's legal in 2005.
To provide some perspective for US readers, here's a NY Times article on how unique the First Amendment is.
"One lawyer can steal more than a hundred men with guns." -- The Godfather