data encryption + Biometric security

Harald Welte laforge at openmoko.org
Sat Feb 3 15:01:06 CET 2007


On Thu, Feb 01, 2007 at 10:11:41AM -0700, Ben Burdette wrote:
> Here are a couple of items for the phone wish list:  data encryption and 
> biometric security.  

data encryption will not be that much of a problem.  There will not
[yet] be a easy-to-use user interface, but we will have dm-crypt modules
in our kernel, and make sure all user data is stored in one specific
location.  So once you mount a crypto volume there, you have it
basically working.

As for 'biometric security':  In my 'life before OpenMoko', I've been
working as an IT security expert.  I've been doing a lot of research on
RFID security and biometrics, too.

Believe me, there is no single fingerprint scanner that I've ever seen
which could not be tricked one way or the other.  In most cases, it is
_EXTREMELY_ easy (see e.g. http://www.ccc.de/biometrie/fingerabdruck_kopieren)

Also, what is the end result, if there is some really important stuff
protected by a fingerprint scanner?  Malicious people will cut off your
finger.  Don't laugh, it has happened before.  There are proven cases,
e.g. where a carjacker cut off the finger of his victim in order to be
able to steal the car.

Thus, I don't think that fingerprint recognition is by any means a
contribution to security.

-- 
- Harald Welte <laforge at openmoko.org>          	        http://openmoko.org/
============================================================================
Software for the world's first truly open Free Software mobile phone




More information about the community mailing list