{"id":30,"date":"2007-10-26T07:22:34","date_gmt":"2007-10-26T07:22:34","guid":{"rendered":"http:\/\/leirdal.net\/blog\/?p=30"},"modified":"2012-08-23T08:00:25","modified_gmt":"2012-08-23T07:00:25","slug":"fingerprints-as-identification","status":"publish","type":"post","link":"https:\/\/www.leirdal.net\/blog\/archives\/30-fingerprints-as-identification.html","title":{"rendered":"Fingerprints as identification"},"content":{"rendered":"<p>Bruce Schneier had a blog <a title=\"Bruce Schneier\" href=\"http:\/\/www.schneier.com\/blog\/archives\/2007\/10\/partial_fingerp.html\" target=\"_blank\">entry<\/a> about the security of partial fingerprints yesterday. His main point is that there has been a ruling in an US court recently that partial fingerprints cannot be used in a murder case. He links among else to the news-article (update: link removed, not longer available) describing this ruling.<\/p>\n<p>Now this seems to me to be an effect due to sampling frequency. Research has shown that the fingerprints of two different individuals are different. The problem is that law agencies don&#8217;t seem to check the whole fingerprint. They check only a few different spots of the fingerprint. In other words they have a sampling frequency algorithm when they enumerate a fingerprint. Now, I am no expert on fingerprints, but I do know the weaknesses of a sampling frequency. If it is too loose you might get wrong data. To different objects can be identified with the same sampled key. (You might call it the same hashing key if you like.)<\/p>\n<p>The article references among else two other cases where the fingerprint have been wrongly identified, and the judge &#8220;criticized the common method of fingerprint as overly subjective and lacking in standards&#8221;. Now the reason I am blogging about this is that we are now seeing the utilizing of fingerprint readers in a lot of devices. From laptops to airline check-in points.<\/p>\n<p>As everybody that has seen the Mythbusters episode where they are trying to hack fingerprint readers know, such technology is not 100% secure. They only have to be secure enough. I have been alerted to wrongly identified airline passengers due to electronic fingerprint readers (in Norway). I would like to know if this was caused by software or hardware malfunction, or if the product did not use a &#8220;sampling frequency&#8221; capable of handling enough different passengers.<\/p>\n<p>Anyway, we have to be aware of the weaknesses of a technology we are using and if there are problems we have to address them accordingly.<\/p>\n<p>Link to entry on Digg<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bruce Schneier had a blog entry about the security of partial fingerprints yesterday. His main point is that there has been a ruling in an US court recently that partial fingerprints cannot be used in a murder case. He links among else to the news-article (update: link removed, not longer available) describing this ruling. Now [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[5,13,11],"tags":[35,36,513,517,515],"class_list":["post-30","post","type-post","status-publish","format-standard","category-internet","category-security","category-technology","tag-bruce-schneier","tag-fingerprint","tag-internet","tag-security","tag-technology","czr-hentry"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1xqPf-u","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":92,"url":"https:\/\/www.leirdal.net\/blog\/archives\/92-bruce-schneier-how-to-sell-security.html","url_meta":{"origin":30,"position":0},"title":"Bruce Schneier: How to sell security","author":"leirdal","date":"2008-05-29","format":false,"excerpt":"I guess most readers of this blog also check out Bruce Schneier once in a while. One of his latest entries discusses the different aspects of how to sell security. What is worst, the risk for a big loss, or the certainty of a small one? Read his blog post\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/security"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":58,"url":"https:\/\/www.leirdal.net\/blog\/archives\/58-bruce-schneier-security-in-ten-years.html","url_meta":{"origin":30,"position":1},"title":"Bruce Schneier: Security in ten years","author":"leirdal","date":"2007-12-04","format":false,"excerpt":"Bruce Schneier have this little gem available on his site today. Bruce and Marcus Ranum are discussing security issues and trying to guess where the field will be in ten years time. I've got to say that they are painting a somewhat bleak picture, and I sincerely hope that they\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":79,"url":"https:\/\/www.leirdal.net\/blog\/archives\/79-schneier-on-security-for-a-safe-nights-sleep.html","url_meta":{"origin":30,"position":2},"title":"Schneier on Security: For a Safe Night&#8217;s Sleep","author":"leirdal","date":"2008-04-02","format":false,"excerpt":"This is just fantastic. Bruce Schneier has a blog-entry called For a Safe Night's Sleep that covers a product named Quantum Sleeper. I just can't shake the feeling this is published due to April first, but anyway. For a laugh check out some of the specs. Whether it's a joke\u2026","rel":"","context":"In &quot;Life&quot;","block_context":{"text":"Life","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/life"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":38,"url":"https:\/\/www.leirdal.net\/blog\/archives\/38-denial-of-service-attacks-with-a-new-twist.html","url_meta":{"origin":30,"position":3},"title":"Denial of Service attacks with a new twist?","author":"leirdal","date":"2007-11-07","format":false,"excerpt":"BBC recently gave us a nice little story about electronic car keys. Bruce Schneier has covered the story as well. The gist of the story is that a lot of people had trouble opening and starting their cars in one particular parking lot. People started checking different causes for this\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/security"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":52,"url":"https:\/\/www.leirdal.net\/blog\/archives\/52-encryption-and-security.html","url_meta":{"origin":30,"position":4},"title":"Encryption and security","author":"leirdal","date":"2007-11-19","format":false,"excerpt":"Maybe it's not as secure as you think. According it this article and the following post on Slashdot, Hushmail has been caught red-handed in backstabbing their own marketing. \"The only way to decrypt or unscramble Hush messages is by using your passphrase when you open up your Hushmail account. Carnivore\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":846,"url":"https:\/\/www.leirdal.net\/blog\/archives\/846-a-wish-for-corporate-social-software.html","url_meta":{"origin":30,"position":5},"title":"A wish for corporate social software","author":"leirdal","date":"2012-01-12","format":false,"excerpt":"I attended an IXDA meetup yesterday discussing among else \"Collaborating in the stream\". Pete Lacey from Podio showed us some of their ideas regarding different communication types in different activity streams or different applications. The catch though, everything runs on their server; in the cloud. Now personally I use the\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts\/30","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/comments?post=30"}],"version-history":[{"count":3,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts\/30\/revisions"}],"predecessor-version":[{"id":1117,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts\/30\/revisions\/1117"}],"wp:attachment":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/media?parent=30"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/categories?post=30"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/tags?post=30"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}