Author Archives: Tigr

Biometrics is not for authentication, folks!

The capacity of people to persist in their delusions never seizes to amaze me.

A yet another researcher is wondering why biometric authentication does not work: “Ten to twenty per cent of utterances collected by voice biometrics systems are not strong identifiers of the individual that spoke them…”, says Dr. Clive Summerfield.

There is a serious problem with biometrics, and maybe this problem is not voiced sufficiently loud, since we have the same thing again and again. The problem is: biometric characteristics cannot be changed. Everybody knows that, right? The logical consequence of that is: the biometric data can be successfully used to identify a person but cannot be used to authenticate a person. Let me repeat that:

The biometric data can be used to identify but not to authenticate a person.

It works very well as a means of identifying someone and that is how we used it for so many years quite successfully (what do you think your picture in the passport is?) But in order to use it to authenticate a person, to be an authentication token, the person must be able to change it. Must be able to change the biometric data, period. There is no other way. And almost all research in biometrics rotates around this silly subject: how to change the immutable? After twenty years of this circus it should be obvious to everyone and their dog but no-o-o…

Biometric data is successfully used for identification for thousands of years precisely because it is difficult to change. And biometric data could never be used for authentication because it is so hard to change. It is that simple and still we have hundreds of people around the globe deny the obvious.

Here is a simple rule of thumb: if a “security specialist” talks about providing authentication based on biometric data – run for your life!… -->

continue reading →

Where will you get a good TV?

I am looking at the reports for TV sales for the last quarter of the last year comparing it to the previous year. What most analysts are interested in is the amount of shipments and how good LCD compared to other technologies is doing and why there is a little decline in TV shipments and things like that.

I am looking at it and I am feeling very sad. Here is why. The best TV manufacturers are historically Japanese. We may argue about it all day long but you would never call a Sony TV set “bad”, would you? Same goes for Sharp. The best two manufacturers of TVs in history of flat panels. And so I am very sad to see how they keep shrinking away under the pressure of their cheap-junk-TV competition. Sad, sad story. Where will you get your TV in 10 years if all you will have is junk, eh?

-->

continue reading →

xkcd on pickup artists, negging and life

Excellent:

You look like you are going to spend your life having one epiphany after another, always thinking you’ve finally figured out what’s holding you back, and how you can be productive and crerative and turn your life around.
But nothing will ever change. That cycle of mediocrity isn’t due to some obstacle. It’s who you are.
The thing standing in the way of your dreams is that the person having them is you.

-->

continue reading →

Quote of the day

A very suitable quote for today:

“In September last year, Putin and Medvedev announced their plans to swap jobs after Medvedev’s presidential term expires in 2012. Putin said the plans were agreed four years ago when he picked Medvedev as his successor on the presidential post.”

— RIA Novosti, 2 March 2012

Well planned and executed. Duh, the democracy.… -->

continue reading →

Elections

As Forbes joked, “in a country where there is an Old New Year must be an old new president too.”

On the elections:

  • Russia’s Putin faces protests after poll triumph
  • Russia election: Vladimir Putin celebrates victory
  • Vladimir Putin: ‘We have won. Glory to Russia’

On the “democraty”:

  • Selective capitalism and kleptocracy
  • As Russia Claims Democracy, Is It Redefining The Word?
  • Природа (нашей) демократии

The unfortunate thing about the elections in Russia is that they are boring. At least in some other countries the elections are staged so that you have an illusion of a fight for power, you get excited over the process and wait eagerly for results. Russia does not bother. Boring.… -->

continue reading →

FSF: Defend user freedom on tablets and smartphones

In December, Microsoft apparently conceded to public pressure by quietly updating the Windows 8 logo certification requirements with a mandate that a desktop computer user must be able to control (and disable) the Secure Boot feature on any Windows 8 computer that is not based on ARM technology. This looks like a victory for free software users, as it will allow a person to install GNU/Linux or other free software operating system in place of Windows 8.

But, this is no time for celebration, because Microsoft has also added a treacherous mandate for makers of ARM-based computers — such as a tablets, netbooks, and smartphones — requiring them to build their machines with Restricted Boot technology. Such computers are designed to lock a user into only being able to run Windows 8, absolutely preventing her from being able to install a free software operating system on her computer. Since smartphones and tablets are some of the most commonly used computers, it’s vital that we get straightforward and clear information about this threat out to the public.

Already know what this is about? Then take action now:

  • Raise awareness and have fun while putting pressure on Microsoft and computer makers by entering the Restricted Boot Webcomic Contest.
    • Winning submissions will be featured on the front page of fsf.org for a month.
    • Entries must be submitted by March 17th by emailing campaigns@fsf.org.
  • Sign the statement “Stand up for your freedom to install free software.”
    • For individuals
    • For organizations and corporations

If this is the first you’re hearing about this whole Restricted Boot vs. Secure Boot business, read the full story.

You can support this campaign and the rest of the FSF’s work by joining as a member or making a donation today.

Sincerely,

Josh, John, Matt, and Richard
Free Software Foundation

P.S. This is a verbatim copy of the FSF newsletter. I see no need to say it differently.… -->

continue reading →

Quote of the day

Plato says:

Rhetoric, it seems, is a producer of persuasion for belief, not for instruction in the matter of right and wrong … And so the rhetorician’s business is not to instruct a law court or a public meeting in matters of right and wrong, but only to make them believe.
Then the case is the same in all the other arts for the orator and his rhetoric; there is no need to know the truth of the actual matters, but one merely needs to have discovered some device of persuasion which will make one appear to those who do not know to know better than those who know.

How true, how true… The whole point of any public speaking, be it on TV or in a meeting room, is not to bring the enlightenment but merely to convince. And this simple truth takes years to discover. Some may think that reading Plato in the young age may spare us some difficulty and suffering but I disagree. One must become ready through experience to accept such simple truths.

The obvious consequence should not escape our attention: any public speaking should be seen as an attempt to convince you, not to make you better off. Simple, neh?… -->

continue reading →

RSA: 99.8% Security

The folks over at École Polytechnique of Lausanne have published a very interesting paper titled “Ron was wrong, Whit is right“. This is not too mathematical for a cryptanalitical paper and understandable even to someone without crypto background. It is more of an investigation into the properties of the public keys available publically on the internet. The guys explain how by collecting a large number of keys from the internet in very proper and official ways and analyzing them they were able to find collisions that basically allow one person to impersonate another not to mention some basically weak keys that offer no security at all. Fascinating stuff.

A cool comment is all the way at the bottom says:

“The lack of sophistication of our methods and findings make it hard for us to believe that what we have presented is new, in particular to agencies and parties that are known for their curiosity in such matters. It may shed new light on NIST’s 1991 decision to adopt DSA as digital signature standard as opposed to RSA, back then a “public controversy”.

Which is probably true, you know…… -->

continue reading →