Security, openness and biometrics

Ben Goldacre has an interesting take on the dangers of Brtain’s proposed ID card scheme. This comes in the wake of the Inland Revenue losing 25m records in the post. Goldacre challenges one of the massive assumptions our government seems to make about security.

…security systems which rely on secret methods are less secure than open systems because the greater the number of people who know about the system the more people there are to spot holes in it, and it is important that there are no holes.

He raises serious doubts about the government’s faith in biometric security, suggesting fingerprints are easy enough to fake.

every time you touch something, if your security systems rely on biometric ID, then you’re essentially leaving your pin number on a post-it note… And once your fingerprints are stolen, they are harder to replace than your pin number.

2 thoughts on “Security, openness and biometrics

  1. Earl Mardle

    Two points about this.

    The problem is that control freaks (read governments and the people who want to RUN them) think that control comes from other people not knowing what you know. They are constitutionally incapable of dealing with the cognitive dissonance they experience in trying to put together the idea that security comes from openness. I think it comes from the infantile thing that says you can be safe if you hide. Extrapolate.

    The other is that I caught one of those CIS Wherever episode, or an NCIS one maybe, that showed how you can take a fingerprint, crate a negative, etch the neg and use the result to create a latex positive of the print that you can use to incriminate someone else.

    I think it was also used in Bond movie.

    Next stop, an online shop that sells custom prints off the shelf and pretty soon every crime is being committed by some celebrity or George Bush, or a combination of 5 different people for those wanting to really waste forensic time.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.