Comments on: One Second Iris Scanning Webcam Closer To Market http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/ Deliciously Geeky... Sun, 22 Nov 2009 16:25:03 -0600 http://wordpress.org/?v=2.8.4 hourly 1 By: AJ http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/comment-page-1/#comment-355577 AJ Thu, 27 Dec 2007 15:37:06 +0000 http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/#comment-355577 Do we even need a 'special biometric camera'? Cant it be only software dependant? Do we even need a ’special biometric camera’? Cant it be only software dependant?

]]> By: Matt H. http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/comment-page-1/#comment-14802 Matt H. Wed, 24 May 2006 00:28:48 +0000 http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/#comment-14802 Iris scanners can sometimes be fooled by a picture of the eye, depending on the technology. Also... if you really, really want to break one of these things, there's a possibility that the protocol from the reader to the laptop is insecure. So... make sure that no one's using a "usb sniffer" when you enroll your iris-print. Also, someone might want to do a 3rd party review to ensure that the protocol isn't so simple that the iris print is stored in the camera and the camera sends a "yup, that's the right eyeball" message when it sees an enrolled iris. Breaking something like that would be relatively trivial. Also... insert all the standard disclaimers about biometrics. Somewhere in the system is a copy of your biometric, please make sure it's secure. If the biometric is on the laptop's hard drive, and I steal your hard drive, I can probably dig around until I figure out how to reverse engineer the scanner's control software to get it to think that a teddy bear is the key. Admittedly, I'm probably not going to do this if the only thing on the protected laptop is your mother's gespacho recipe. But I hope you're not using this to protect the nuclear launch codes. That would be bad. Iris scanners can sometimes be fooled by a picture of the eye, depending on the technology. Also… if you really, really want to break one of these things, there’s a possibility that the protocol from the reader to the laptop is insecure. So… make sure that no one’s using a “usb sniffer” when you enroll your iris-print. Also, someone might want to do a 3rd party review to ensure that the protocol isn’t so simple that the iris print is stored in the camera and the camera sends a “yup, that’s the right eyeball” message when it sees an enrolled iris. Breaking something like that would be relatively trivial.

Also… insert all the standard disclaimers about biometrics. Somewhere in the system is a copy of your biometric, please make sure it’s secure. If the biometric is on the laptop’s hard drive, and I steal your hard drive, I can probably dig around until I figure out how to reverse engineer the scanner’s control software to get it to think that a teddy bear is the key.

Admittedly, I’m probably not going to do this if the only thing on the protected laptop is your mother’s gespacho recipe. But I hope you’re not using this to protect the nuclear launch codes. That would be bad.

]]> By: Micah http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/comment-page-1/#comment-14576 Micah Mon, 22 May 2006 21:11:19 +0000 http://www.ohgizmo.com/2006/05/21/one-second-iris-scanning-webcam-closer-to-market/#comment-14576 Iris scanning DOES add one major thing to the mix that fingerprint scanning doesn't. Iris scanners cannot be faked by use of a gummy bear. If someone uses a fingerprint scanner, someone later can get the print with a gummy bear and use it to scan in successfully. Iris scanning DOES add one major thing to the mix that fingerprint scanning doesn’t. Iris scanners cannot be faked by use of a gummy bear. If someone uses a fingerprint scanner, someone later can get the print with a gummy bear and use it to scan in successfully.

]]>