Re: [opensuse] Adding biometric security to a computer [getting OT]
On Sun, 2007-03-25 at 16:52 +0200, Carlos E. R. wrote: By the way... I know of at least one e-commerce institution that does not accept credit card payment from Internet. It has to be bank transfer, or postal payment on arrival (which is more expensive). I wonder why. Either better laws protecting their interest of the cards vig is too much. Local donut shops charge extra fees to use ATM and try with the credit cards, though the latter is illegal. -- ___ _ _ _ _ _ _ || | | [__ | | | |___ |_|_| ___] | \/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
An African charity my church works does micro loans to help really small businesses. These are not cash but small bank accounts secured with cards, passwords and fingerprint readers which also check for a pulse. This last eliminating the cut finger risk and well publicized to save the customers from both kinds of loss. I do not know if they use OS2 for the bank computer or Linux likely the former due to obscurity. -- ___ _ _ _ _ _ _ || | | [__ | | | |___ |_|_| ___] | \/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Monday 26 March 2007, David Brodbeck wrote: It's not just snatch/grab thugs you have to worry about. Identity theft has gotten pretty sophisticated. Agreed. Sophisticated enough not to have to steal your lap top to get what they want. Unless combined with full disc encryption finger print readers are likely just as secure as pins for the purpose of securing your laptop. Lets make at least a minimal attempt to keep this thread on track. It has nothing at all to do with identity theft. It is concerned with biometric security on a computer, laptop or otherwise. Pins, passwords and readers are first line defenses only. Once they have your laptop you are screwed. Until you cough up the money for full disk encryption it makes no sense to get all hot and bothered about finger print readers. http://www.seagate.com/www/en-us/products/laptops/momentus/momentus_5400_fde.2/ -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 21:27 -0700, David Brodbeck wrote: Well, this gang manufactured so good devices that they did an extra business out of selling the devices... This is not SciFi, it is happening. My father was stolen 1200 eur this way. And it is a sophisticated method. That's apparently happened more than once in the U.S. It's happening a lot here in Spain (dunno about the rest of Europe). Just that the case I told about the making was specially sophisticated. In another scam, the perpetrator went so far as to set up an entire fake ATM in a mall. It skimmed card data and PIN numbers, which he'd then come back and download to a laptop later, in the guise of doing maintenance on the machine. He was eventually caught when someone complained to the mall management about the ATM that always seemed to be out of cash. How daring! X-) - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGCOWbtTMYHG2NR9URApe6AJ46tRgekn3uV/gqZN3O+OQAH4K9mwCghrKN 1Ryh94YdOBO+ttHUI0quBgs= =oZ6B -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 23:42 -0400, Mike McMullin wrote: Well, this gang manufactured so good devices that they did an extra business out of selling the devices... This is not SciFi, it is happening. My father was stolen 1200 eur this way. And it is a sophisticated method. As seen on CSI. I suffered it first hand before seeing it on CSI - which in fact, I haven't. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGCOYHtTMYHG2NR9URAhL8AJ0TtCwCA/H1vLQtAaoj6BTQjBzQ8gCfZLrn LcS8xwO4eBCYqi9eAlDUIws= =+ag2 -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Tuesday 2007-03-27 at 00:47 -0800, John Andersen wrote: Unless combined with full disc encryption finger print readers are likely just as secure as pins for the purpose of securing your laptop. Absolutely. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGCOhttTMYHG2NR9URAnkvAJ9bH/q+CdPWi+gu/ng1d8vzTjU7awCgkKgZ mDGJOPjYSLjuvfeYcSSapDk= =Wfwl -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Tue, 2007-03-27 at 11:48 +0200, Carlos E. R. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Tuesday 2007-03-27 at 00:47 -0800, John Andersen wrote: Unless combined with full disc encryption finger print readers are likely just as secure as pins for the purpose of securing your laptop. Absolutely. I wonder whether the British bank that lost a laptop last week with 13000 customer records on it has even thought of any of this? It also begs the question why the hell this information was even on a laptop in a car? -- Dave Cotton [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Tuesday 27 March 2007, Dave Cotton wrote: On Tue, 2007-03-27 at 11:48 +0200, Carlos E. R. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Tuesday 2007-03-27 at 00:47 -0800, John Andersen wrote: Unless combined with full disc encryption finger print readers are likely just as secure as pins for the purpose of securing your laptop. Absolutely. I wonder whether the British bank that lost a laptop last week with 13000 customer records on it has even thought of any of this? It also begs the question why the hell this information was even on a laptop in a car? Well, Full Drive Encryption (built into the drive hardware) is brand spanking new. There has been ways to do this after market, but these drives make it easy because your OS never realizes the drive is encrypted. Its all taken care of in hardware. I presume there is some boot time password requested, but I've never seen one of these yet. -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
Dave Cotton wrote: It also begs the question why the hell this information was even on a laptop in a car? Outsourcing? Outside audits? The company I work for is publicly traded and we're required to have an outside company audit our books. They arrive en masse with...you guessed it...laptops, which they proceed to enter our information into... -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sunday 25 March 2007, David Brodbeck wrote: John Andersen wrote: The replication of the finger print is a bit beyond the skills of the ordinary snatch-n-run artist. Some one has been watching too much CSI: Miami. You can dismiss it if you want, but it's been demonstrated using fairly crude materials and methods. For example: http://www.dansdata.com/uareu.htm I will in fact dismiss it. Until my lap top goes missing. At which time I will immediately provide the police with a list of ALL the people who I allowed to take a putty mold of my fingers. Come on David!!! -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
Carlos E. R. wrote: The Sunday 2007-03-25 at 13:19 +0100, Anders Johansson wrote: No, you throw them away when you see a hold up comming, so that they can't force you to give up the pin. For instance :-) The problem with that is that many times, all you need to buy with a credit card is the number, name of the holder, and expiration date, and all those can be found on the card Insane, I know Yep. Unless the owner has time the same day to denounce the card loss to the company. By the way... I know of at least one e-commerce institution that does not accept credit card payment from Internet. It has to be bank transfer, or postal payment on arrival (which is more expensive). I wonder why. Probably means that they do not have, or unable to get a credit card trader account, which apparently can be expensive to set up and maintain. begin:vcard fn:Graham T. Smith n:Smith;Graham T. adr:Barton upon Humber;;90 Bowmandale;;North Lincs.;DN18 5EA;UK email;internet:[EMAIL PROTECTED] tel;cell:07876793607 version:2.1 end:vcard
Re: [opensuse] Adding biometric security to a computer
ka1ifq wrote: On Saturday 24 March 2007 13:34, David Brodbeck wrote: Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. Fingerprint readers are not foolproof. I remember reading an article not long ago where some researchers took impressions of people's fingers and made fake fingerprints out of gelatin. They fooled several popular fingerprint reading devices. This worries me because fingerprint technology effectively relies on a secret password that cannot be changed. If someone finds out your PIN, you can always change it. If someone steals your fingerprints, you're stuck. Over-reliance on biometrics may create more problems than it solves. This was done on a popular show Mythbusters. They are not accomplished crooks but figured out how to do it in a short period of time. They did not reveal the information on how they managed to defeat the reader, but the manufacturer did claim it was foolproof, guess not. One way or another information on new technology gets leaked and it gets busted.. As I understand it all you need is super glue, a bit of plastic and a glass with the targets dabs to get an impression. Transferring the impression to a an object is a little more tricky. For more sophisticated readers the object may need to heated to blood temperature. Foolproof security is a bit like like the myth of the unsinkable ship. Once human ingenuity (or incompetence) enters the equation anything can happen (and often does). :-) Mike begin:vcard fn:Graham T. Smith n:Smith;Graham T. adr:Barton upon Humber;;90 Bowmandale;;North Lincs.;DN18 5EA;UK email;internet:[EMAIL PROTECTED] tel;cell:07876793607 version:2.1 end:vcard
Re: [opensuse] Adding biometric security to a computer [getting OT]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 08:59 +0100, G.T.Smith wrote: By the way... I know of at least one e-commerce institution that does not accept credit card payment from Internet. It has to be bank transfer, or postal payment on arrival (which is more expensive). I wonder why. Probably means that they do not have, or unable to get a credit card trader account, which apparently can be expensive to set up and maintain. No, not that. The accept credit card for business accounts they know previously, but never from private people. Ie, they do it on purpose. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGB598tTMYHG2NR9URAq1aAJ0dFkt8VfFDZsCDN35qZrWwJ3ggywCffbcK jdnrjCtSXVlat/GMM0CY6tw= =bkCD -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
On Mon 26 Mar 2007 07:59, G.T.Smith wrote: Probably means that they do not have, or unable to get a credit card trader account, which apparently can be expensive to set up and maintain. - I do not understand the trader account machinery . . . maybe using PayPal can work good? .. friendly greetings -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
[EMAIL PROTECTED] wrote: On Mon 26 Mar 2007 07:59, G.T.Smith wrote: Probably means that they do not have, or unable to get a credit card trader account, which apparently can be expensive to set up and maintain. - I do not understand the trader account machinery . . . maybe using PayPal can work good? To clarify, a credit card trader account is a credit account which allows you to accept payments from other credit cards or in some cases debit bank accounts (you need to hire or purchase equipment to process transactions). As banking practices and regulations differ in different parts of the world, exactly what you get and what it is called will vary. Then there are third parties that will process such transactions and transfer any proceeds to a bank account of your choice. These are different to a credit card trader accounts. Both effectively take a slice of the transaction, and may involve a standing charge. While paypal does perform the latter to some extent; it is limited, a bit dodgy on security, and personally negative thoughts involving 'touching with long barge poles' come to mind. .. friendly greetings begin:vcard fn:Graham T. Smith n:Smith;Graham T. adr:Barton upon Humber;;90 Bowmandale;;North Lincs.;DN18 5EA;UK email;internet:[EMAIL PROTECTED] tel;cell:07876793607 version:2.1 end:vcard
Re: [opensuse] Adding biometric security to a computer [getting OT]
Carlos E. R. wrote: The Monday 2007-03-26 at 08:59 +0100, G.T.Smith wrote: By the way... I know of at least one e-commerce institution that does not accept credit card payment from Internet. It has to be bank transfer, or postal payment on arrival (which is more expensive). I wonder why. Probably means that they do not have, or unable to get a credit card trader account, which apparently can be expensive to set up and maintain. No, not that. The accept credit card for business accounts they know previously, but never from private people. As credit card transactions usually incur a charge (either directly or indirectly) for the recipient, which is why in the UK some smaller shops shops and businesses set a minimum transaction limit, below which they either decline the transaction, or apply a processing charge. Suspect the same applies elsewhere... It makes sense for a business to keep the regular customers happy. Ie, they do it on purpose. begin:vcard fn:Graham T. Smith n:Smith;Graham T. adr:Barton upon Humber;;90 Bowmandale;;North Lincs.;DN18 5EA;UK email;internet:[EMAIL PROTECTED] tel;cell:07876793607 version:2.1 end:vcard
Re: [opensuse] Adding biometric security to a computer
John Andersen wrote: On Sunday 25 March 2007, David Brodbeck wrote: You can dismiss it if you want, but it's been demonstrated using fairly crude materials and methods. For example: http://www.dansdata.com/uareu.htm I will in fact dismiss it. Until my lap top goes missing. At which time I will immediately provide the police with a list of ALL the people who I allowed to take a putty mold of my fingers. What you're missing is that the same technique has been successfully done using only a latent print lifted from an object. So you don't need to let someone take a putty mold of your finger -- they can lift your prints off any object you've handled. This does not take NSA-level skills or materials. The method is detailed in some of the articles linked from that page. Now, it's quite likely that this level of security is plenty high enough to protect data on your laptop, but I submit it's a bad idea to use something like this instead of a PIN to authenticate banking transactions, as was suggested earlier in the thread. And yet, I know of at least one check cashing service that's using the same thumbprint reader mentioned in the article as proof of ID. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Monday 26 March 2007, David Brodbeck wrote: What you're missing is that the same technique has been successfully done using only a latent print lifted from an object. Not according to that article. That article described a method any Jr High school student could master. Lifting a print and then embedding that print into a putty mold takes significantly more skill and training than the average snatch/grab artist is likely to muster. -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 19:09 +0100, G.T.Smith wrote: No, not that. The accept credit card for business accounts they know previously, but never from private people. As credit card transactions usually incur a charge (either directly or indirectly) for the recipient, which is why in the UK some smaller shops shops and businesses set a minimum transaction limit, below which they either decline the transaction, or apply a processing charge. Suspect the same applies elsewhere... No, that would be directly illegal in Spain. They can't apply extra charges nor different prices, nor reject the transaction once the have the sign credit cards accepted on the door. And if that were the reason, they would accept cards for larger purchases. My guess is that they have been bitten and don't trust the system. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGCHGQtTMYHG2NR9URAo4RAJ9hU5uy1wiKi/PDZzTJsZrvsEd3ZwCdE8qN u/kTRI4VIREftn48tIgcaOQ= =/Ede -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
John Andersen wrote: Lifting a print and then embedding that print into a putty mold takes significantly more skill and training than the average snatch/grab artist is likely to muster. I think the method involved using the latent print to etch a PC board, then taking the mold off that. This is sophisticated, true, but it doesn't involve any materials that an average person can't get their hands on or any skills an average person can't master. It's not just snatch/grab thugs you have to worry about. Identity theft has gotten pretty sophisticated. Once your fingerprints are compromised you can't change them, and the assumption is going to be that you authorized whatever the crook did...after all, the reader read your fingerprint, right? By contrast, a PIN can easily be changed if it's compromised. I fear that if biometrics become widespread we'll have the same problems with them that we currently have with SSNs. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 18:25 -0700, David Brodbeck wrote: John Andersen wrote: Lifting a print and then embedding that print into a putty mold takes significantly more skill and training than the average snatch/grab artist is likely to muster. I think the method involved using the latent print to etch a PC board, then taking the mold off that. This is sophisticated, true, but it doesn't involve any materials that an average person can't get their hands on or any skills an average person can't master. About a month or so ago the police arrested a gang that made a sophisticated device to put on top of bank on the wall holes or however you call them. You know, you push your car into a slot, you type your pin, and you get your money. Well, the trick is to put a fake reader on top of the legitimate reader so well designed that you don't notice. Plus, they place a miniature web camera pointing at the keyboard to read your pin. Later, they remove both and retrieve the data, or they already got the data through a radio link. Later, they use the data to duplicate the credit cards, and finally, they separate you from your money. Well, this gang manufactured so good devices that they did an extra business out of selling the devices... This is not SciFi, it is happening. My father was stolen 1200 eur this way. And it is a sophisticated method. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGCHjLtTMYHG2NR9URAk4bAJ4jbUE8dTGFGPWCyy6hUfdYwxGKdwCffe89 Gd1NKaBOYUBgY6SLvKlwrMk= =LKV5 -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Monday 26 March 2007 03:14, G.T.Smith wrote: Foolproof security is a bit like like the myth of the unsinkable ship. Exactly. The point of security measures is to limit the number of those that can sink the ship or have economic interest to do that. -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Tue, 2007-03-27 at 03:52 +0200, Carlos E. R. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Monday 2007-03-26 at 18:25 -0700, David Brodbeck wrote: John Andersen wrote: Lifting a print and then embedding that print into a putty mold takes significantly more skill and training than the average snatch/grab artist is likely to muster. I think the method involved using the latent print to etch a PC board, then taking the mold off that. This is sophisticated, true, but it doesn't involve any materials that an average person can't get their hands on or any skills an average person can't master. About a month or so ago the police arrested a gang that made a sophisticated device to put on top of bank on the wall holes or however you call them. You know, you push your car into a slot, you type your pin, and you get your money. Well, the trick is to put a fake reader on top of the legitimate reader so well designed that you don't notice. Plus, they place a miniature web camera pointing at the keyboard to read your pin. Later, they remove both and retrieve the data, or they already got the data through a radio link. Later, they use the data to duplicate the credit cards, and finally, they separate you from your money. Well, this gang manufactured so good devices that they did an extra business out of selling the devices... This is not SciFi, it is happening. My father was stolen 1200 eur this way. And it is a sophisticated method. As seen on CSI. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
Carlos E. R. wrote: About a month or so ago the police arrested a gang that made a sophisticated device to put on top of bank on the wall holes or however you call them. You know, you push your car into a slot, you type your pin, and you get your money. Well, the trick is to put a fake reader on top of the legitimate reader so well designed that you don't notice. Plus, they place a miniature web camera pointing at the keyboard to read your pin. Later, they remove both and retrieve the data, or they already got the data through a radio link. Later, they use the data to duplicate the credit cards, and finally, they separate you from your money. Well, this gang manufactured so good devices that they did an extra business out of selling the devices... This is not SciFi, it is happening. My father was stolen 1200 eur this way. And it is a sophisticated method. That's apparently happened more than once in the U.S. In another scam, the perpetrator went so far as to set up an entire fake ATM in a mall. It skimmed card data and PIN numbers, which he'd then come back and download to a laptop later, in the guise of doing maintenance on the machine. He was eventually caught when someone complained to the mall management about the ATM that always seemed to be out of cash. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 18:04 -0800, John Andersen wrote: And in other parts of the world, no own would think of throwing away a credit card, even an expired one without cutting it up and disposing of the pieces in different places. I guess that just shows how different things can be. No, you throw them away when you see a hold up comming, so that they can't force you to give up the pin. For instance :-) - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBlSjtTMYHG2NR9URAuJqAKCDH7+LiVtZvQL0PUiKZ8l2YkZ5zACfUkuA azjHmlQHFcAiDvOzIVDVw/c= =8Pmg -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sunday 25 March 2007 12:53, Carlos E. R. wrote: The Saturday 2007-03-24 at 18:04 -0800, John Andersen wrote: And in other parts of the world, no own would think of throwing away a credit card, even an expired one without cutting it up and disposing of the pieces in different places. I guess that just shows how different things can be. No, you throw them away when you see a hold up comming, so that they can't force you to give up the pin. For instance :-) The problem with that is that many times, all you need to buy with a credit card is the number, name of the holder, and expiration date, and all those can be found on the card Insane, I know -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Sunday 2007-03-25 at 13:19 +0100, Anders Johansson wrote: No, you throw them away when you see a hold up comming, so that they can't force you to give up the pin. For instance :-) The problem with that is that many times, all you need to buy with a credit card is the number, name of the holder, and expiration date, and all those can be found on the card Insane, I know Yep. Unless the owner has time the same day to denounce the card loss to the company. By the way... I know of at least one e-commerce institution that does not accept credit card payment from Internet. It has to be bank transfer, or postal payment on arrival (which is more expensive). I wonder why. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBoy7tTMYHG2NR9URAspBAJ9lavttRJsaqcF9z5BDQijS2SX+xwCeNQmF eGnnz46f4Go1oEmLYOG1D+c= =UeQk -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007 13:34, David Brodbeck wrote: Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. Fingerprint readers are not foolproof. I remember reading an article not long ago where some researchers took impressions of people's fingers and made fake fingerprints out of gelatin. They fooled several popular fingerprint reading devices. This worries me because fingerprint technology effectively relies on a secret password that cannot be changed. If someone finds out your PIN, you can always change it. If someone steals your fingerprints, you're stuck. Over-reliance on biometrics may create more problems than it solves. This was done on a popular show Mythbusters. They are not accomplished crooks but figured out how to do it in a short period of time. They did not reveal the information on how they managed to defeat the reader, but the manufacturer did claim it was foolproof, guess not. One way or another information on new technology gets leaked and it gets busted.. Mike -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sat, 2007-03-24 at 17:19 -0800, John Andersen wrote: On Saturday 24 March 2007, Carlos E. R. wrote: The Saturday 2007-03-24 at 19:52 -0500, Rajko M. wrote: I know... but it was a bank manager who told me the photo is dangerous. I would change the bank, promptly. He is not my bank manager, but happens to be my friend, so I trust him. Then he would not be offended if you asked him to explain himself in more detail. Its odd that all banks offer this and encourage it and this bank manager seems to know of some undisclosed danger It may well be easy to fake this form of document. In which case forcing one to present a hard to impossible to fake ID is better, IMO. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sunday 25 March 2007 10:25, Mike McMullin wrote: It may well be easy to fake this form of document. In which case forcing one to present a hard to impossible to fake ID is better, IMO. Something hard to impossible to copy, can turn as a problem. Who can check with bare eye and little experience all the lines, seals, images and secret marks, as well as signs that someone tempered with real document? Only very few experts can do that. That is the point where hard to impossible to temper with becomes weak point in real life. The image on the credit card serves only one purpose, to make card lesser attractive for many thieves. -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sun, 2007-03-25 at 17:39 -0500, Rajko M. wrote: On Sunday 25 March 2007 10:25, Mike McMullin wrote: It may well be easy to fake this form of document. In which case forcing one to present a hard to impossible to fake ID is better, IMO. Something hard to impossible to copy, can turn as a problem. Who can check with bare eye and little experience all the lines, seals, images and secret marks, as well as signs that someone tempered with real document? Only very few experts can do that. That is the point where hard to impossible to temper with becomes weak point in real life. The image on the credit card serves only one purpose, to make card lesser attractive for many thieves. Current Canadian Birth Certificates have built in anti-forgery images, such that they become invalid when laminated. Of course you're talking to someone who blacked out his signature line on his credit cards so that the transaction has to be challenged by a valid g'ment photo ID card. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
John Andersen wrote: The replication of the finger print is a bit beyond the skills of the ordinary snatch-n-run artist. Some one has been watching too much CSI: Miami. You can dismiss it if you want, but it's been demonstrated using fairly crude materials and methods. For example: http://www.dansdata.com/uareu.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Friday 23 March 2007 19:59, Carlos E. R. wrote: Credit cards. I heard some thugs already cut fingers to activate some stolen cards. Might be an urban legend, tough. 1) It is the case where credit card owner will not complain about stolen card, and wouldn't care for finger. I can imagine only one case where this is possible and in that case avoiding fingerprint technology would not change anything, because mischief already did what he intended and taking finger instead of forcing person to use it is the only way. 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. 3) The only case where banks are asking for fingerprint is when you cash paycheck in a employers brank, not yours. Other will refuse to cash it anyway. So how to use finger in the middle of the bank? What is amusing are not creators of urban legend, but people that believe in. Telling stories is what makes our lives not so boring, but believing each story ... BTW, this one is invented by folk that would have more problems to steal accounts if access would be protected with easy to apply and hard to guess technology, instead of passwords. -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Friday 23 March 2007 19:54, Carlos E. R. wrote: The Saturday 2007-03-24 at 00:35 +0100, Michael Skiba wrote: Am Samstag, 24. März 2007 00:23 schrieb rich3800@: What about eye iris scans? Someone can cut your fingers off but cutting your eyes off? I imagine that the gelatinous nature of eye matter would make it very hard if not impossible to remove the eye to hold it in front of a scanner for an accurate reading. Well in the movie they always cut off the whole head then.. (dunno if it's working or not, anyway I'd prefer to stay with my head ;D ). Yah... The problem is not only using some body part that will not work if removed, but making sure that the bad guys knows it will not work. You see, they may remove for eye or your head, only to find out it doesn't give them access - but you are none the better! Thus, I'm against biometric security. You bought the story? For one that is ready to kill, would be easier to force someone to give the money using a threat than to go long way to cut off body part and find the way to buypass security? The stories like this are useful for guys that would like to have money by stealing easy to guess passwords, and biometric will make their lives harder. It is easy apply and many of present customers will all of the sudden have strong authentication that is not easy to guess. -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 09:00 -0500, Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. I read somewhere that there are, yes; as an experiment, I think. Perhaps I read about it on the ieee Spectrum. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBUcTtTMYHG2NR9URAqY/AJwNKzvRr4NSP3AQcBV0JBL3F/SMcQCeJZo6 aJQ+bjwm6S9eHpnU0TTOeZc= =wHDF -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer [getting OT]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 08:54 -0700, Randall R Schulz wrote: Over here Visa is running TV advertisements about how joyous and wonderful your life will be if when you use their fingerprint readers to confirm your Visa card purchases. It's also brings the joyful spending of money by everyone around you to a screeching, grinding halt if you pay with cash. I have stopped using credit cards. Some one duplicated my late father credit card and stole us 1200 Eur in two days, the maximum for the card. The bank refused to return the money back and we had to fight for it for months, and we only got about 60% back (we did not want to go to court). They used some kind of reader piggybacked on the bank hole on the wall. Agreed, biometric data would stop that kind of theft, probably (so would a smart chip, instead of a magnetic strip; but as they are more expensive banks don't use them). But I don't trust it. I trust the bad guys less, they will invent something else to part us from our money. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBU4OtTMYHG2NR9URAsItAJ9vC+MEU2IQ1c6DkjU/5DWanDoL/wCcDWqe FsCnrjfqK/jMl20i5TYTm5k= =SMZT -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 09:19 -0500, Rajko M. wrote: Thus, I'm against biometric security. You bought the story? I'm seriously worried. For one that is ready to kill, would be easier to force someone to give the money using a threat than to go long way to cut off body part and find the way to buypass security? The stories like this are useful for guys that would like to have money by stealing easy to guess passwords, and biometric will make their lives harder. It is easy apply and many of present customers will all of the sudden have strong authentication that is not easy to guess. Perhaps. It is similar to people not wanting their photo on their credit cards. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBUe9tTMYHG2NR9URAmWDAJ91TN0B+cqZp5fxl/UlXmwe02pWYgCfW64G 6f5vsg4n6Bx4IyUrTdhcnCo= =KfXV -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007 08:43, Carlos E. R. wrote: The Saturday 2007-03-24 at 09:00 -0500, Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. I read somewhere that there are, yes; as an experiment, I think. Perhaps I read about it on the ieee Spectrum. Over here Visa is running TV advertisements about how joyous and wonderful your life will be if when you use their fingerprint readers to confirm your Visa card purchases. It's also brings the joyful spending of money by everyone around you to a screeching, grinding halt if you pay with cash. It makes me gag... -- Cheers, Carlos E. R. Randall Schulz -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007 10:46, Carlos E. R. wrote: It is similar to people not wanting their photo on their credit cards. Is there reason not to have? -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. Fingerprint readers are not foolproof. I remember reading an article not long ago where some researchers took impressions of people's fingers and made fake fingerprints out of gelatin. They fooled several popular fingerprint reading devices. This worries me because fingerprint technology effectively relies on a secret password that cannot be changed. If someone finds out your PIN, you can always change it. If someone steals your fingerprints, you're stuck. Over-reliance on biometrics may create more problems than it solves. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 11:26 -0500, Rajko M. wrote: On Saturday 24 March 2007 10:46, Carlos E. R. wrote: It is similar to people not wanting their photo on their credit cards. Is there reason not to have? Yep. In my country, we have official ID cards, so the photo is not necessary. Plus, in a pinch, you can discard the card: the tugs can not find the owner and force him/her to give away the pin. For hold-ups. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBXKjtTMYHG2NR9URApozAKCILBdiOO+ephkFiSpRkYdpBs2g8ACeOsA9 OzLQfnP9yEYQI3dwxWIq60c= =C0GD -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007, Carlos E. R. wrote: The Saturday 2007-03-24 at 11:26 -0500, Rajko M. wrote: On Saturday 24 March 2007 10:46, Carlos E. R. wrote: It is similar to people not wanting their photo on their credit cards. Is there reason not to have? Yep. In my country, we have official ID cards, so the photo is not necessary. Plus, in a pinch, you can discard the card: the tugs can not find the owner and force him/her to give away the pin. For hold-ups. Awe come on Carlos, how many times do they ask you to whip out your Official ID to prove you are Carlos when you stop in for a quick bite to eat of gas up the car? You can bet they would if the photo on the card didn't match your smiling visage. As for Finding you and forcing you, would it not be easier to just grab any Carlos, Juan, or Carlota off the street and force them to hand over their card AND their pin? After they force you, one call by you to the issuing company and the card and the pin is useless. This reason seems bogus to me. -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007, David Brodbeck wrote: If someone steals your fingerprints, you're stuck. Over-reliance on biometrics may create more problems than it solves. Not as long as I have one more finger. I can always start using a different finger for the reader. The replication of the finger print is a bit beyond the skills of the ordinary snatch-n-run artist. Some one has been watching too much CSI: Miami. But for those one-in-a-million thiefs that used to work for the CIA or the KGB and who passed their finger print replication class, I would have to concede that when they ripped off my laptop they also got a complete set of my prints thrown in for free. -- _ John Andersen pgpx5Pw0o7hjj.pgp Description: PGP signature
Re: [opensuse] Adding biometric security to a computer [getting OT]
On Saturday 24 March 2007, Carlos E. R. wrote: I have stopped using credit cards. Some one duplicated my late father credit card and stole us 1200 Eur in two days, the maximum for the card. The bank refused to return the money back and we had to fight for it for months, and we only got about 60% back (we did not want to go to court). Well we had a similar incident this very week. But to show you the difference between banks and card companies, the first person to spot fraudulent use of our card was the credit card company. They called us, can informed us the card number was used fraudulently in different places, and they had canceled the card and we would have a new one by express delivery the next day. We were stuck with no charges at all. Their computers detected unusual buying practices, and kicked it out for review by humans. Scarry to some I suppose. The particular Fraudster scam that was done goes something like this... Somehow get the card number and name/address and three digit code, probably by breaking into some on-line web site where a legitimate purchase was made... Visit a Best-Buy web site, and order a bunch of stuff, then check the box saying you will pick it up at so-and-such branch. So-and-such branch do not check that carefully, and deliver the goods to anyone having the print out of the on-line receipt that matches their computerized order. Best Buy is being heavily leaned on to dis-continue this practice but so far they think its worth it to them to eat the fraud loss. -- _ John Andersen pgpROl7fd1OKy.pgp Description: PGP signature
Re: [opensuse] Adding biometric security to a computer
On Sat, 2007-03-24 at 11:26 -0500, Rajko M. wrote: On Saturday 24 March 2007 10:46, Carlos E. R. wrote: It is similar to people not wanting their photo on their credit cards. Is there reason not to have? Oddly enough, the customers wishes work as adequate reason. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 12:47 -0800, John Andersen wrote: In my country, we have official ID cards, so the photo is not necessary. Plus, in a pinch, you can discard the card: the tugs can not find the owner and force him/her to give away the pin. For hold-ups. Awe come on Carlos, how many times do they ask you to whip out your Official ID to prove you are Carlos when you stop in for a quick bite to eat of gas up the car? Depends... some places have that policy, specially supermarkets. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBa9ntTMYHG2NR9URAmHHAJ9cj++LiXL77Fuf5PeaPdDm0OekWACgk1Ge qY/Yf+4GIx3J7mGWgQDRXPU= =tQ4j -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007, Carlos E. R. wrote: The Saturday 2007-03-24 at 12:47 -0800, John Andersen wrote: In my country, we have official ID cards, so the photo is not necessary. Plus, in a pinch, you can discard the card: the tugs can not find the owner and force him/her to give away the pin. For hold-ups. Awe come on Carlos, how many times do they ask you to whip out your Official ID to prove you are Carlos when you stop in for a quick bite to eat of gas up the car? Depends... some places have that policy, specially supermarkets. Would they do that if your picture WAS on the card? It seems you like to make trouble for yourself.. ;-) -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 15:12 -0800, John Andersen wrote: Would they do that if your picture WAS on the card? It seems you like to make trouble for yourself.. ;-) I know... but it was a bank manager who told me the photo is dangerous. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBbQOtTMYHG2NR9URAl7FAJ9uwAYvjZiF2vP3pJiityqkDMg6gQCgmJ9O +v7FiYEjbryElkeyQpSLpL0= =nHok -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 2007-03-24 11:43, Carlos E. R. wrote: The Saturday 2007-03-24 at 09:00 -0500, Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. I read somewhere that there are, yes; as an experiment, I think. Perhaps I read about it on the ieee Spectrum. I know of a few universities that have moved to fingerprint identification for students. The reader network is established in the libraries, cafeterias, snack bars book stores, and a growing number of establishments off campus. The students don't need their ID cards to check out books, get fed on campus, and they don't need to carry cash for purchases. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007 18:28, Carlos E. R. wrote: The Saturday 2007-03-24 at 15:12 -0800, John Andersen wrote: Would they do that if your picture WAS on the card? It seems you like to make trouble for yourself.. ;-) I know... but it was a bank manager who told me the photo is dangerous. I would change the bank, promptly. -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007 19:40, Ken Jennings wrote: On Saturday 2007-03-24 11:43, Carlos E. R. wrote: The Saturday 2007-03-24 at 09:00 -0500, Rajko M. wrote: 2) Is there any bank that is asking for such identification for credit cards? There will be no so much problems with stolen identities if they would. I read somewhere that there are, yes; as an experiment, I think. Perhaps I read about it on the ieee Spectrum. I know of a few universities that have moved to fingerprint identification for students. The reader network is established in the libraries, cafeterias, snack bars book stores, and a growing number of establishments off campus. The students don't need their ID cards to check out books, get fed on campus, and they don't need to carry cash for purchases. And who will try to pull out someones finger in the middle of cafeteria ;-) -- Regards, Rajko. http://en.opensuse.org/Portal -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 19:52 -0500, Rajko M. wrote: I know... but it was a bank manager who told me the photo is dangerous. I would change the bank, promptly. He is not my bank manager, but happens to be my friend, so I trust him. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBc13tTMYHG2NR9URAjrJAJ0ZG+oHc/xiGK50ASvZjVg85uIeSQCfUCFH 84w3u0rOzjwJOu7JVszjMj0= =XmHw -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007, Carlos E. R. wrote: The Saturday 2007-03-24 at 19:52 -0500, Rajko M. wrote: I know... but it was a bank manager who told me the photo is dangerous. I would change the bank, promptly. He is not my bank manager, but happens to be my friend, so I trust him. Then he would not be offended if you asked him to explain himself in more detail. Its odd that all banks offer this and encourage it and this bank manager seems to know of some undisclosed danger -- _ John Andersen pgpu7PT4twrHL.pgp Description: PGP signature
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 17:19 -0800, John Andersen wrote: I would change the bank, promptly. He is not my bank manager, but happens to be my friend, so I trust him. Then he would not be offended if you asked him to explain himself in more detail. Its odd that all banks offer this and encourage it and this bank manager seems to know of some undisclosed danger He explained it to me and I was convinced. But my memory doesn't remember the details, just the conclusion. There are advantages in having the photo there, but you have to remember that in my particular country we don't use credit cards as IDs, because we already have mandatory ID cards, so we use both together if necessary. On the other hand, his main point was that a tug can not identify the owner of a thrown away card just by looking at the printed photo. The fact is they are not very popular here. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBdfgtTMYHG2NR9URAie4AJ93KGmr6hw/IVLH6JWzc51Yb1d5AQCeMghN Fd4CGKTG781shdG94zD/qF0= =3h24 -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Saturday 24 March 2007, Carlos E. R. wrote: On the other hand, his main point was that a tug can not identify the owner of a thrown away card just by looking at the printed photo. And in other parts of the world, no own would think of throwing away a credit card, even an expired one without cutting it up and disposing of the pieces in different places. I guess that just shows how different things can be. -- _ John Andersen pgpdDMMRSvgFP.pgp Description: PGP signature
Re: [opensuse] Adding biometric security to a computer
On Saturday 2007-03-24 19:08, Carlos E. R. wrote: The Saturday 2007-03-24 at 12:47 -0800, John Andersen wrote: In my country, we have official ID cards, so the photo is not necessary. Plus, in a pinch, you can discard the card: the tugs can not find the owner and force him/her to give away the pin. For hold-ups. Awe come on Carlos, how many times do they ask you to whip out your Official ID to prove you are Carlos when you stop in for a quick bite to eat of gas up the car? Depends... some places have that policy, specially supermarkets. Instead of a signature my credit cards all say PHOTO ID CHECK REQUIRED in the signature block. When I did that a few years ago I was surprised at how many clerks wouldn't ask. Since then, most businesses have changed their practices and now I'm surprised at the few that do not ask. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Donnerstag, 22. März 2007 14:21 schrieb Carlos E. R.: The Thursday 2007-03-22 at 08:42 +0100, Hans Witvliet wrote: Remember however, that biometric is never a replacement for a password! Fingerprints can be forged/copied Dunno about that, but they can be stolen, ie, the finger removed from it's owner... I don't like biometrics unless they can prove the owner is alive an undamaged (and make sure the bad guys know that and don't try to fool the system just in case) :-( -- Cheers, Carlos E. R. Uhm.. we're talking about laptops, right? For private usage, to make it more difficult to get access to the lost files?! We're not talking about a military/scientific/top secret or something similar which is worth beeing killed for, right? For the later thing I guess I'd prefer a gun next to my head make me reveal the password instead of getting my fingers cut, that's true :D Best regardes Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGBF7DcHwbW/zlOZoRAkRyAKCQKd+7KYeLnZ8cGFhHVkDMI3ulPgCffOk8 6tOxGzdAbYv9CMzcAgfvRvk= =0VyQ -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Samstag, 24. März 2007 00:23 schrieb [EMAIL PROTECTED]: What about eye iris scans? Someone can cut your fingers off but cutting your eyes off? I imagine that the gelatinous nature of eye matter would make it very hard if not impossible to remove the eye to hold it in front of a scanner for an accurate reading. Rich Well in the movie they always cut off the whole head then.. (dunno if it's working or not, anyway I'd prefer to stay with my head ;D ). Nice Weekend Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGBGRPcHwbW/zlOZoRAgSWAJ0QbaX2RIR4t+UmyGkOAzYevMGZ3ACeNKFl +/glj7tSVEWvZFplaZb/0k4= =Bj0j -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 00:35 +0100, Michael Skiba wrote: Am Samstag, 24. März 2007 00:23 schrieb rich3800@: What about eye iris scans? Someone can cut your fingers off but cutting your eyes off? I imagine that the gelatinous nature of eye matter would make it very hard if not impossible to remove the eye to hold it in front of a scanner for an accurate reading. Well in the movie they always cut off the whole head then.. (dunno if it's working or not, anyway I'd prefer to stay with my head ;D ). Yah... The problem is not only using some body part that will not work if removed, but making sure that the bad guys knows it will not work. You see, they may remove for eye or your head, only to find out it doesn't give them access - but you are none the better! Thus, I'm against biometric security. - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBHa0tTMYHG2NR9URAhVaAJ99U6aef4Q2RxSizgokYo6rYgnv7wCgk6Zo H5lHRNtTOwlfz5celUnh734= =djhG -END PGP SIGNATURE-
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Saturday 2007-03-24 at 00:12 +0100, Michael Skiba wrote: Dunno about that, but they can be stolen, ie, the finger removed from it's owner... I don't like biometrics unless they can prove the owner is alive an undamaged (and make sure the bad guys know that and don't try to fool the system just in case) :-( Uhm.. we're talking about laptops, right? For private usage, to make it more difficult to get access to the lost files?! Possibly... We're not talking about a military/scientific/top secret or something similar which is worth beeing killed for, right? Credit cards. I heard some thugs already cut fingers to activate some stolen cards. Might be an urban legend, tough. Do you keep bank accounts on your PC? For the later thing I guess I'd prefer a gun next to my head make me reveal the password instead of getting my fingers cut, that's true :D Right! - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGBHfltTMYHG2NR9URAkrkAKCHh8FkAXSQa/NTf4vqBf+uc9ULiwCfT1ju hLdR6nCNOT80t/ihU5lddok= =XOu8 -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sat, 2007-03-10 at 18:37 -0500, Michael S. Dunsavage wrote: I was wondering if it is poosible to add biometrics security to a laptop or computer somehow via a usb finger scanner or whatever. -- Michael S. Dunsavage AFAIR, there exist even a pam-module (not in the distro) for it... Some laptops (IBM-T43) has a build-in fingerprint reader. HW -- pgp-id: 926EBB12 pgp-fingerprint: BE97 1CBF FAC4 236C 4A73 F76E EDFC D032 926E BB12 Registered linux user: 75761 (http://counter.li.org) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
On Sat, 2007-03-10 at 18:37 -0500, Michael S. Dunsavage wrote: I was wondering if it is poosible to add biometrics security to a laptop or computer somehow via a usb finger scanner or whatever. -- Michael S. Dunsavage AFAIR, there exist even a pam-module (not in the distro) for it... Some laptops (IBM-T43) has a build-in fingerprint reader. Remember however, that biometric is never a replacement for a password! Fingerprints can be forged/copied It's intended for additional factor for security What you know (password, passphrase, pin, ...) What you have (smartcard, token, ...) What you are (biometric) HW -- pgp-id: 926EBB12 pgp-fingerprint: BE97 1CBF FAC4 236C 4A73 F76E EDFC D032 926E BB12 Registered linux user: 75761 (http://counter.li.org) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Thursday 2007-03-22 at 08:42 +0100, Hans Witvliet wrote: Remember however, that biometric is never a replacement for a password! Fingerprints can be forged/copied Dunno about that, but they can be stolen, ie, the finger removed from it's owner... I don't like biometrics unless they can prove the owner is alive an undamaged (and make sure the bad guys know that and don't try to fool the system just in case) :-( - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGAoLCtTMYHG2NR9URAgbSAJoDAlSZFaKf7tOWqIJqVXdMzZon7ACgg6Ly njUcC/mzqdXpzkXcKlFoRak= =Of2U -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Adding biometric security to a computer
Michael S. Dunsavage [EMAIL PROTECTED] writes: I was wondering if it is poosible to add biometrics security to a laptop or computer somehow via a usb finger scanner or whatever. Yes, check the libthinkfinger package - it's part of 10.2 ;-) Andreas -- Andreas Jaeger, [EMAIL PROTECTED], http://www.suse.de/~aj/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) Maxfeldstr. 5, 90409 Nürnberg, Germany GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 pgpPFGR6ZLrnH.pgp Description: PGP signature
[opensuse] Adding biometric security to a computer
I was wondering if it is poosible to add biometrics security to a laptop or computer somehow via a usb finger scanner or whatever. -- Michael S. Dunsavage -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]