Two issues: biometrics scans have a pretty high false negative rate -- that is to say, they frequently will return different measures for the same person. This is fine for authenticating someone for access whereby their biometric info is in the database, because a failed match simply means try again. But when doing the opposite, trying to make sure that someone ISN'T in the list, it's almost useless. If the method averages 2 attempts to yield an imprint that matches an imprint of record, a screening on that data will fail 50% of the time. You might use it to authenticate that an individual matches their creddentials (passport) which may contain a biometric imprint, but that simply screens out those that don't have the resources for a forgery (and, presumably, those that are a threat have those resources; after all, the issuer of the passport has the resources).
Worse: it screens for people and not threats. That is to say, any individual may be a threat, and only a fraction of those that are a threat will be recognized as a threat - until they do something (by which time it's too late). For those that might suspect that they are labelled as threatening, they can take a pleasure trip somewhere and instantly know if they are being watched. Assuming a negative on the screening process, they know with certainty that they are not being watched.
Where's the security? I understand this sort of thing is great tool for authoritarian regimes, but if we assume that we haven't come to that quite yet, where's the logic?
Two issues: biometrics scans have a pretty high false negative rate -- that is to say, they frequently will return different measures for the same person. This is fine for authenticating someone for access whereby their biometric info is in the database, because a failed match simply means try again. But when doing the opposite, trying to make sure that someone ISN'T in the list, it's almost useless. If the method averages 2 attempts to yield an imprint that matches an imprint of record, a screening on that data will fail 50% of the time. You might use it to authenticate that an individual matches their creddentials (passport) which may contain a biometric imprint, but that simply screens out those that don't have the resources for a forgery (and, presumably, those that are a threat have those resources; after all, the issuer of the passport has the resources).
Worse: it screens for people and not threats. That is to say, any individual may be a threat, and only a fraction of those that are a threat will be recognized as a threat - until they do something (by which time it's too late). For those that might suspect that they are labelled as threatening, they can take a pleasure trip somewhere and instantly know if they are being watched. Assuming a negative on the screening process, they know with certainty that they are not being watched.
Where's the security? I understand this sort of thing is great tool for authoritarian regimes, but if we assume that we haven't come to that quite yet, where's the logic?
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
Photos: Biometric systems stand guard
false negative rate -- that is to say, they
frequently will return different measures for
the same person. This is fine for authenticating
someone for access whereby their biometric info
is in the database, because a failed match
simply means try again. But when doing the
opposite, trying to make sure that someone ISN'T
in the list, it's almost useless. If the method
averages 2 attempts to yield an imprint that
matches an imprint of record, a screening on
that data will fail 50% of the time. You might
use it to authenticate that an individual
matches their creddentials (passport) which may
contain a biometric imprint, but that simply
screens out those that don't have the resources
for a forgery (and, presumably, those that are a
threat have those resources; after all, the
issuer of the passport has the resources).
Worse: it screens for people and not threats.
That is to say, any individual may be a threat,
and only a fraction of those that are a threat
will be recognized as a threat - until they do
something (by which time it's too late). For
those that might suspect that they are labelled
as threatening, they can take a pleasure trip
somewhere and instantly know if they are being
watched. Assuming a negative on the screening
process, they know with certainty that they are
not being watched.
Where's the security? I understand this sort of
thing is great tool for authoritarian regimes,
but if we assume that we haven't come to that
quite yet, where's the logic?
false negative rate -- that is to say, they
frequently will return different measures for
the same person. This is fine for authenticating
someone for access whereby their biometric info
is in the database, because a failed match
simply means try again. But when doing the
opposite, trying to make sure that someone ISN'T
in the list, it's almost useless. If the method
averages 2 attempts to yield an imprint that
matches an imprint of record, a screening on
that data will fail 50% of the time. You might
use it to authenticate that an individual
matches their creddentials (passport) which may
contain a biometric imprint, but that simply
screens out those that don't have the resources
for a forgery (and, presumably, those that are a
threat have those resources; after all, the
issuer of the passport has the resources).
Worse: it screens for people and not threats.
That is to say, any individual may be a threat,
and only a fraction of those that are a threat
will be recognized as a threat - until they do
something (by which time it's too late). For
those that might suspect that they are labelled
as threatening, they can take a pleasure trip
somewhere and instantly know if they are being
watched. Assuming a negative on the screening
process, they know with certainty that they are
not being watched.
Where's the security? I understand this sort of
thing is great tool for authoritarian regimes,
but if we assume that we haven't come to that
quite yet, where's the logic?