Jump to content
Manx Forums - A Discussion Board & Classifieds for the Isle of Man

Biometric Fingerprinting - Pag Talk

Charles Flynn

By Charles Flynn
in Local News

Recommended Posts

ai_Droid Newbie

ai_Droid

Posted
Posted
The fact that the number is stored and that the same number will be recreated with each time it is used, as this is the point.......

 

Why must you be continually corrected on this simple point, it's been repeated over and over? The same number wont be created, it's a hash of a propriatory recognition algorythm. This isn't data you can cross reference or extract.

 

If I have a thumbprint that I want to trace back to a person, I could scan it into the database and it would give me the details stored on that person. The issue is with the data storage being compromised in the future, whether by accident or not. No system is foolproof!

 

That's true of any database. If you had a library card, you could do exactly the same thing, yet you don't complain about a school computerising it's library system. It's only the biometrics that got your tin hat sparking.

 

 

The issue with the school is that if you use a certain product then you become used to it and accept it, therefore later on in life it would be minor to have it included on a passport/id card etc.

 

Glad to see the use of links to verify information :D

 

Where's yours?

 

This is conjecture. There's no research to back up this assumption, there's no evidence that this is true based on such systems being rolled out in other areas. You've basically made this up.

Link to comment
Share on other sites
  • Replies 277
  • Created
  • Last Reply
Cambon Mentor

Cambon

Posted
Posted
Thank you for finally admitting the data is stored.

 

Yes the hash is stored not the fingerprint.

 

So here's the MD5 hash for 'knobjockey'

 

21761f4a9fd7d9689aaaeca16229692b

 

this is what's stored to match it against:

 

21761f4a9fd7d9689aaaeca16229692b

 

now without knowing you are knobjockey you are going to have a hard time working out what 21761f4a9fd7d9689aaaeca16229692b means.

 

 

Slinky and Droidy - MD5 is only a calculation that gives the same result. Someone has the source (more than likely several hundred or thousand people). if you have the source you have the calculation. Which means you can write code to reverse the calculation. I'll bet the team who wrote it did write a reverse code if only to test the MD5 hash was consistant. It is not that difficult.

 

 

 

Droid - The whole point of chip and pin was to protect the banks. It was one of the best marketing cons the banks have come up with in recent years. I agree with you on the two way approach, even if the other method is simply checking the signature.

Link to comment
Share on other sites
ai_Droid Newbie

ai_Droid

Posted
Posted
Slinky and Droidy - MD5 is only a calculation that gives the same result. Someone has the source (more than likely several hundred or thousand people). if you have the source you have the calculation. Which means you can write code to reverse the calculation. I'll bet the team who wrote it did write a reverse code if only to test the MD5 hash was consistant. It is not that difficult.

 

Oh come on, you can't be this stupid. You check it's consistant by re applying the hash to the same data and checking the result. That's actually the point.

 

'someone has the source', it's open source. Everyone has the source.

 

 

Droid - The whole point of chip and pin was to protect the banks. It was one of the best marketing cons the banks have come up with in recent years. I agree with you on the two way approach, even if the other method is simply checking the signature.

 

Given it's worked in reducing poing of sale fraud significantly at no cost to the consumer, I wouldn't call it a con. It just doesn't go as far as I'd like it to go.

 

Your signature is a biometric, I thought you were against such things?

Link to comment
Share on other sites
Dodger Newbie

Dodger

Posted
Posted
The fact that the number is stored and that the same number will be recreated with each time it is used, as this is the point.......

 

Why must you be continually corrected on this simple point, it's been repeated over and over? The same number wont be created, it's a hash of a propriatory recognition algorythm. This isn't data you can cross reference or extract.

 

A algorythm/number that is in the database and the one you get each and every time you scan your thumbprint identifys you, otherwise it wouldn't work!

 

If I have a thumbprint that I want to trace back to a person, I could scan it into the database and it would give me the details stored on that person. The issue is with the data storage being compromised in the future, whether by accident or not. No system is foolproof!

 

That's true of any database. If you had a library card, you could do exactly the same thing, yet you don't complain about a school computerising it's library system. It's only the biometrics that got your tin hat sparking.

 

Computerising the library wouldn't mean my childrens details are linked, it is about putting the books onto a system! You didn't comment though on data storage being compromised!

 

 

The issue with the school is that if you use a certain product then you become used to it and accept it, therefore later on in life it would be minor to have it included on a passport/id card etc.

 

Glad to see the use of links to verify information :D

 

Where's yours?

 

This is conjecture. There's no research to back up this assumption, there's no evidence that this is true based on such systems being rolled out in other areas. You've basically made this up.

 

The passports and ID cards are looking to store biometrics and they have kept the types open! When Computers came along people accepted the advancement, little did they see the possible uses in the future, how do we know what uses our biometrics are going to be used for and how secure the systems are that store the masters for verification. If anyone knew the future.................You can't just assume that everything will be OK! Safeguards need to be put in place and if there isn't a clear need for a thumbprint identification system then it shouldn't be used.

 

I wouldn't like the hospital to use thumbprints for access to the pharmacy, which would be a potentially good use of a biometric identification system! The idea of a two tier system would be better, but, how easy would it be to overcome? I still feel it is unnecessary for primary schools to do this, mainly because they were not data protection compliant and needed to have a positive opt in not an assumption.

 

I have provided plenty of links, but was advised I should provide my own ideas. Check the previous links.....

Link to comment
Share on other sites
Cambon Mentor

Cambon

Posted
Posted
The passports and ID cards are looking to store biometrics and they have kept the types open! When Computers came along people accepted the advancement, little did they see the possible uses in the future, how do we know what uses our biometrics are going to be used for and how secure the systems are that store the masters for verification. If anyone knew the future.................You can't just assume that everything will be OK! Safeguards need to be put in place and if there isn't a clear need for a thumbprint identification system then it shouldn't be used.

 

I wouldn't like the hospital to use thumbprints for access to the pharmacy, which would be a potentially good use of a biometric identification system! The idea of a two tier system would be better, but, how easy would it be to overcome? I still feel it is unnecessary for primary schools to do this, mainly because they were not data protection compliant and needed to have a positive opt in not an assumption.

 

I have provided plenty of links, but was advised I should provide my own ideas. Check the previous links.....

 

Dodger, You have already been told, alright. Your links are all rubbish and your are scaremongering. The Government and IT professionals know exactly what they are doing, and of course the government would never lie or do anything stupid (although 25,000,000 households - basically 3/4 of the entire population of the UK) may disagree. That specific cock-up is probably the best thing that could have happened to that country and I hope the media keep it in the public eye for as long as possible because it shows how very exposed the government and IT professionals have made us. I hope it makes everyone of us actually consider what they are doing when they give away information "willy nilly", because it can so easily come back to byte (pun intended) them in the ass!

 

I am tired of this technology for technology's sake attitude. Lets get some common sense back.

Link to comment
Share on other sites
Dodger Newbie

Dodger

Posted
Posted
The passports and ID cards are looking to store biometrics and they have kept the types open! When Computers came along people accepted the advancement, little did they see the possible uses in the future, how do we know what uses our biometrics are going to be used for and how secure the systems are that store the masters for verification. If anyone knew the future.................You can't just assume that everything will be OK! Safeguards need to be put in place and if there isn't a clear need for a thumbprint identification system then it shouldn't be used.

 

I wouldn't like the hospital to use thumbprints for access to the pharmacy, which would be a potentially good use of a biometric identification system! The idea of a two tier system would be better, but, how easy would it be to overcome? I still feel it is unnecessary for primary schools to do this, mainly because they were not data protection compliant and needed to have a positive opt in not an assumption.

 

I have provided plenty of links, but was advised I should provide my own ideas. Check the previous links.....

 

Dodger, You have already been told, alright. Your links are all rubbish and your are scaremongering. The Government and IT professionals know exactly what they are doing, and of course the government would never lie or do anything stupid (although 25,000,000 households - basically 3/4 of the entire population of the UK) may disagree. That specific cock-up is probably the best thing that could have happened to that country and I hope the media keep it in the public eye for as long as possible because it shows how very exposed the government and IT professionals have made us. I hope it makes everyone of us actually consider what they are doing when they give away information "willy nilly", because it can so easily come back to byte (pun intended) them in the ass!

 

I am tired of this technology for technology's sake attitude. Lets get some common sense back.

 

Here here! :D

Link to comment
Share on other sites
Cronky Newbie

Cronky

Posted
Posted

Quoted in a letter to the Examier the Data Protection Supervisor stated:

 

'It is correct that these systems do not store thumbprints but it is possible to obtain a thumbprint from another source for example a crime scene and then by scanning that thumbprint on the system find a matching entry which would identify the individual. (If you could not do this then the system would not work as it could not identify a thumbprint). It is also true that these systems are being standardised and therefore the number stored in one system is likely to be the number stored in another.'

 

As I read this:

 

1. Plod scans thumbprint onto computer.

 

2. Computer turns thumbprint into a number.

 

3. Plod then gets hold of fingerprint scanner, extracts numbers and identifies owner of thumb print.

Link to comment
Share on other sites
Slim Newbie

Slim

Posted
Posted
1. Plod scans thumbprint onto computer.

2. Computer turns thumbprint into a number.

3. Plod then gets hold of fingerprint scanner, extracts numbers and identifies owner of thumb print.

 

There are millions of thumbprint scanners in use in the world today. Can you show me a single documented case of the above scenario happening?

Link to comment
Share on other sites
Cronky Newbie

Cronky

Posted
Posted
Can you show me a single documented case of the above scenario happening?

 

Sadly I don't have access to police records in countries accross the world.

 

However . . . Consider that the EU wants the ten digits of everyone over six years of age scanned into a database .

 

The Data Protection Supervisor suggests the number stored in different systems will be standardised with a common algorithm. Assuming data from fingerprint scanners is held centrally then it should be possible to get a number from a print.

 

I.e. you leave your print at the scene of a crime. This is lifted and converted back to your unique number. The database is searched for the number which then comes up with your details.

Link to comment
Share on other sites
Slim Newbie

Slim

Posted
Posted
Sadly I don't have access to police records in countries accross the world.

 

You don't need access to police records. Criminal prosecutions are in public courts. If such a thing happened, it would be on record. You don't have anything to back up what is basically something you've made up.

 

However . . . Consider that the EU wants the ten digits of everyone over six years of age scanned into a database .

 

Where's your source for that claim?

 

The Data Protection Supervisor suggests the number stored in different systems will be standardised with a common algorithm. Assuming data from fingerprint scanners is held centrally then it should be possible to get a number from a print.

 

I.e. you leave your print at the scene of a crime. This is lifted and converted back to your unique number. The database is searched for the number which then comes up with your details.

 

Why do you keep repeating the same point? It's wrong, it's unproven, it's never happened. There is no standard algorithm, there is no trivial way of reproducing a thumprint from a dusting to fool a thumbprint scanner, there is no central thumbprint scanner data. Nothing you, or The Data Protection Supervisor have said is demonstratable as true. In other words, it's uninformed scaremongering and until you can come up with some sort of proof to support the claim, it remains fantasy.

Link to comment
Share on other sites
oldmanxfella Newbie

oldmanxfella

Posted
Posted

After reading all the arguments put forward by the IT bods who believe blindly that all these systems and databases they are building are benign and will never be used incorrectly, I think that if society ever breaks down we've just identified the camp commanders of the future.

 

"Look boss all I have to do is merge these databases and bingo we've got the address of every Jew / Gypsy / Muslim in the UK. If I merge another two I can get all their banking details and biometrics too"

 

Rest assured they'll only be following orders and it won't be their fault that the technology was there in the first place.

Link to comment
Share on other sites
Albert Tatlock Grand Master

Albert Tatlock

Posted
Posted
After reading all the arguments put forward by the IT bods who believe blindly that all these systems and databases they are building are benign and will never be used incorrectly, I think that if society ever breaks down we've just identified the camp commanders of the future.

 

"Look boss all I have to do is merge these databases and bingo we've got the address of every Jew / Gypsy / Muslim in the UK. If I merge another two I can get all their banking details and biometrics too"

 

Rest assured they'll only be following orders and it won't be their fault that the technology was there in the first place.

That about sums it up - very well.

Link to comment
Share on other sites
ai_Droid Newbie

ai_Droid

Posted
Posted
After reading all the arguments put forward by the IT bods who believe blindly that all these systems and databases they are building are benign and will never be used incorrectly, I think that if society ever breaks down we've just identified the camp commanders of the future.

 

"Look boss all I have to do is merge these databases and bingo we've got the address of every Jew / Gypsy / Muslim in the UK. If I merge another two I can get all their banking details and biometrics too"

 

Rest assured they'll only be following orders and it won't be their fault that the technology was there in the first place.

 

Woot, 2nd invocation of Godwin's Law in this thread. Keep it up lads, and soon the paranoia and misinformation will have everyone as twitchy as you!

Link to comment
Share on other sites
Albert Tatlock Grand Master

Albert Tatlock

Posted
Posted
Woot, 2nd invocation of Godwin's Law in this thread. Keep it up lads, and soon the paranoia and misinformation will have everyone as twitchy as you!

So you don't think it's possible that the latest missing information has ended up in the wrong hands and could get sold on eventually to anyone from card skimmers to the BNP? Or do you think all criminals are like Terry Thomas.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...