replacing compromised biometric authenticators
Alain Hebert
ahebert at pubnix.net
Fri Oct 13 11:03:30 UTC 2017
Odd,
1. captcha(?)
In my millennia of experience I never saw a captcha used as a mean
for DC access control. Just as a programmatic way to reduce brute force
for some website functions.
On my network janitor keychain I have (in order of hackability from
easiest to hardest)
1. keycard only
2. keycard + fingerprints
3. keycard + face (2d)
4a. keycard + eye
4b. keycard + top of hand mapping
But all the DCs, I deal with, have highrez cameras and tailgating
controls... Biometrics are just a part of a wider system.
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 10/12/17 16:58, Rich Kulawiec wrote:
> On Wed, Oct 11, 2017 at 05:04:08PM -0400, Ken Chase wrote:
>> If the current best operating practice is to avoid biometrics, why are they
>> still in use out here?
> (1) for the same reason some idiots still use captchas
> (2) new hotness > old and busted, regardless of merits
> (3) because they facilitate coerced risk transference away from the
> people who are actually responsible (and are paid to be so) to the
> people who shouldn't be responsible (and aren't paid to be)
>
> ---rsk
>
>
More information about the NANOG
mailing list