[geeks] Passwords, etc

Charles Shannon Hendrix shannon at widomaker.com
Mon Dec 11 17:02:31 CST 2006


Mon, 11 Dec 2006 @ 14:35 -0600, Bill Bradford said:

> On Mon, Dec 11, 2006 at 02:09:47PM -0500, Charles Shannon Hendrix wrote:
> > If the information is stolen, you can't just get a new "ID". The only
> > way to issue a new biometric ID is if the system uses a salt, and that
> > really only partially solves the problem, and isn't much better than
> > current systems using non-bio ID which can be salted.
> 
> I'm talking about only for an equivalent of my swipe-card at work, not
> anything else (for example, I hate the idea of RFID debit/credit cards,
> ec).

True, but then... it would be a good place for harvesting.

I don't want *ANYONE* to store my biometric data, and if they do, then
the law should have strict guidlines for very short lived storage and
garanteed destruction of said data, *BY THE REQUEST OF THE OWNER*.

It's just far too dangerous.

If biometrics does become common, I think the reaction from the
undergrounds (of various kinds) will be to so badly poison the system
that it really won't be effective, but they'll keep using it anyway.

Either that or it will lead to a huge escalation that no one wins and
the average joe definitely loses.

-- 
shannon "AT" widomaker.com -- ["Meddle not in the affairs of Wizards, for
thou art crunchy, and taste good with ketchup." -- unknown]



More information about the geeks mailing list