[ltp] Fingerprint reader and the Bios

Richard Neill linux-thinkpad@linux-thinkpad.org
Thu, 26 Jan 2006 15:23:42 +0000


Aaron Mulder wrote:

> When I reported the fingerprint module to SuSE, the response I got was
> that integrating the driver was out of the question because it was
> proprietary code that required root privs and thus was inherently
> insecure.

SuSE's response isn't actually related to the issue of whether the 
fingerprint reader is any good (which it probably isn't: 
http://www.schneier.com/crypto-gram-0205.html#5 )
It's because you should never trust code for which you don't have the 
source.

However, I think that distros would be ill-advised to adopt the 
fingerprint reader: it encourages a false sense of security.

My personal recommendation is a password containing 
mixed-numbers,punctuation and letters, and being at least 12 characters 
long. It's very hard (without a video-camera) for someone to recognise 
that. Personally, I don't put upper-case in passwords, because this 
makes them much harder to type, especially if you are trying to do so 
rapidly to avoid observation.

Lastly, if the laptop can be booted with knoppix, any password-mechanism 
may be trivially defeated. You need encryption of /home to be secure.

Richard