The overall lesson I get from this is that one needs to do a true
cost-benefit analysis of every authentication scheme. Don't just take the "it is
more secure" mantra and apply it indiscriminately. We all agreed that the value
of the owner's finger is greater than the value of the Mercedes, so a security
technology that can cost the finger while protecting the Merc is not a valid
cost-benefit trade-off. This seems obvious in hindsight, but it probably was not
considered in creation of the biometric authentication device for the Mercedes.
This is one problem with nearly all biometric devices. Since they depend on
biological characteristics for providing the authenticity check, they are
bypassed/breached by subverting those processes. But subversion of a biologic
process can have far more catastrophic consequences than bypass of other
processes such as binary processes.
This also gets back to the meaning of security. Although some have used the
Confidentiality, Integrity, Availability triad as a definition, a better
definition would be that an asset is secure when it is protected so the expected
value of the disclosure, corruption, or loss of that asset (in statistical, risk
sense) is significantly less than the value of that asset. In this case, the
biometric secured one asset, but exposed another (the finger) to a much greater
security exposure.

-----Original Message-----
[] On Behalf Of Paul D.
Sent: Thursday, April 14, 2005 11:32 AM
To: Mark Boltz
Subject: Re: [fw-wiz] Re: Biometrics

The whole point (and why I think it's important to continue this thread a
bit past its due date) is that in the case of biometric authentication,
the authenticator is *probably* more important to the user than the thing
being protected- especially when the attack is a denial-of-service attack
(be it as a precursor to a new attack, or malice because the attacker
decides that if it won't work for them, it won't work for you either.).

firewall-wizards mailing list