"Ephemeral" Biometrics
Cathal Garvey
cathalgarvey at cathalgarvey.me
Mon Jun 9 06:10:54 PDT 2014
Also, many (perhaps most) biometrics can be trivially forged. Facial
pictures are laughable without depth, but a 3D printed mask can probably
fool them even then. DNA is trivial to copy using the same methods
forensics depend on to ID it (and there are even companies that will
produce artificial DNA fingerprints to-order, now). Fingerprints can be
cloned using toner, and even enhancements like temperature/humidity..
observe CCC's defeat of the iPhone fingerprint scanner within days of
release.
On 09/06/14 14:02, Tomas -Overdrive- Petru wrote:
> I do not like biometric idea at all, because we can change password, but how can I change biometric measurements in the moment, something goes wrong? E.g. digital copy of biometrics is stolen [and that will happen for sure].
>
> Biometic is useless for me.
>
> ˜ Tomas
>
>
> On 06 Jun 2014, at 20:17, Gregory Foster <gfoster at entersection.org> wrote:
>
>> Signed PGP part
>> Federal Business Opportunities (Jun 4) - "Ephemeral Biometrics: An
>> Alternative to Traditional, Event-based Authentication" by Sandia
>> National Laboratories:
>> https://www.fbo.gov/index?s=opportunity&mode=form&id=06e9abca57bdd9dac64902e39f039c4f&tab=core&_cview=0
>>
>>> Sandia National Laboratories is engaged in ongoing research and
>>> development into transformational upgrades in the area of cyber
>>> identity management as well as Insider Threat Monitoring by using
>>> Ephemeral Biometrics (EB). EB is unique because individual
>>> identities are tied to living biometric data that is active and
>>> continuous. The purpose of the research is to derive convenient
>>> authentication techniques (e.g., alternatives to passwords) that
>>> are both active and continuous while at the same time significantly
>>> improving authenticity and integrity of cyber identities.
>>
>> "Ephemeral Biometrics: What are they and what do they solve?" by Sung
>> Choi and David Zage of Sandia National Laboratories (2013):
>> https://www.cs.purdue.edu/homes/zagedj/docs/iccst2013.pdf
>>
>> I'm not really sure what's ephemeral about redefining authentication
>> to mean continuous monitoring.
>>
>> This work directly targets insider threat concerns raised
>> post-Snowden, and provides further evidence that entities obsessed
>> with secrecy will destroy their own effectiveness in pursuit of an
>> improbable if not impossible definition of "security" which attempts
>> to hermetically seal systems that include human beings.
>>
>> Good luck with that!
>> gf
>>
>> --
>> Gregory Foster || gfoster at entersection.org
>> @gregoryfoster <> http://entersection.com/
>>
>
>
--
T: @onetruecathal, @IndieBBDNA
P: +353876363185
W: http://indiebiotech.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x988B9099.asc
Type: application/pgp-keys
Size: 6176 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140609/b021a5c3/attachment-0002.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140609/b021a5c3/attachment-0002.sig>
More information about the cypherpunks
mailing list