The Latest Trick in Biometrics: Finger Vein Authentication
When I say biometrics, most people think of fingerprints, face recognition, eye scanning and other cool but rather common tricks we’ve seen in movies and run across in real life. I might add a ear scan from some Batman movie, but that’s it.
Sony has come up with a new idea, recently covered by The Register in its Hardware section. It’s a camera-based system that analyses veins in people’s fingers. This new technology also comes with it’s own name: Mofiria.
How does the new biometric tech work?
Here’s the explanation given by the Register:
The user first lays one side of their index finger down on a small pad, after which a series of LEDs shine infrared light onto it. A CMOS sensor sat on the other side of the finger then picks up light scattered off of the veins inside the user’s finger.
Why is this better than other technologies in the biometrics field?
I found the answer to this question in Sony’s official press release. I’m still waiting for some comparative reviews and tests. If you happen to run across one, feel free to share it in the comment box.
Compared to the other biometric authentication techniques, vein authentication technology achieves higher accuracy on personal identification and forgery resistance because it uses the veins inside the human body. Finger vein patterns differ from person to person, each finger to finger, and it is said that they do not change over the years.
I am looking forward to an action movie depicting a breach of this new technology 
NetBooks and the surprises they come with
Portable storage device applications and endpoint security solution provider CoSoSys has just risen the red flag regarding Netbooks. As they explain, although treandy gift and excellent PC replacement for all offices, netbooks embed serious threats to corporate and individual security. While their seamless connectivity and increasingly large solid state disks (SSD) or traditional HDD capacities can help everyone of us increase productivity while considerably decreasing the weight we carry around, they are also the perfect means for both intentional and unintentional data breaches.
“Corporate IT departments needs to consider Netbooks as a serious issue when it comes to Endpoint Security and they are advised to take control over them as they enter their networks rather than waiting for the first data breaches to happen. Enforcing Endpoint Security policies with Endpoint Protector allows IT administrators to fully control all ports and data transfers from endpoints, including Netbooks, to any other portable device such as USB Flash Drives or External HDDs to prevent data loss” said Roman Foeckl, CoSoSys CEO.
While the CD or DVD drive is no longer a threat, netbooks come with almost immediate access to any data through wireless networks, USB Ports, SD Card readers and other ports, making it extremely easy for confidential details to be transferred in and out of unsecured networks. And if you run a search through our blog to see how many laptops have been lost, stolen and misplaced in the past, we have to also wonder about how much easier it is to steal or lose a much smaller version.
So take this warning seriously and stay trendy and safe at the same time!
US Army bans USB devices to stop worm from spreading
The US Army has temporarily banned the use of USB devices, along with floppy discs, CDs, external drives, flash media cards and all other removable media devices, to prevent a worm from spreading through its networks. According to the Register, the worm that caused this extreme measure is Agent-BTZ, a variant of the SillyFDC worm.
While the ban itself is bound to cause some distress, as it would in any other organization, the work flow will be more extensively affected in the US Army because for some offices email or online file transfers are not allowed either.
The measure is a bit drastic, but at least something was done. I personally would have expected a safer endpoint security system and protected USB drives, given the Army’s impressive history with lost hardware and data breaches (see some examples here, here and here). Who knows, maybe this time they will learn
New Flaws in Wireless Security Exposed
The Wi-Fi Protected Access or WPA is aone of the most popular forms of security used by wireless networks. Yet the potential risk and ease of breaching it might trigger some alarms for a lot of poeple especially if they were at PacSec 2008 confefence in Tokyo.
A week before the conference, the Register announced two German researchers, Martin Beck and Erik Tews, were going to expose a vulnerability exposing WPA protected networds to an attack that could compromise certain communications in less than 15 minutes. If anyone reding our blog attended the conference, we’d love to hear how it all went.
But this is far from being the first vunlerability to go public.
In 2001, three researchers found a way to reliably break the previous wireless security protocol, known as Wired Equivalent Privacy (WEP), in less than two hours. By 2007, the latest refinement in attacks against WEP – found by Tews and two other researchers – reduced the time to recover a WEP key to less than a minute of calculations.
While those discovering how to tear security systems apart, those actually depending on them seem to be learning one thing: you’re never really safe! So if any extra security is at hand, apply it asap!
Self-encrypting laptop from Dell
One of the most common causes of security breaches is stolen hardware. And I’m sure you’ve all heard of the thousands and thousands of laptops stolen in airports, from parking lots and other public places. And as most companies fail to implement a comprehensive endpoint security solution, a stolen laptop means trouble. For the end users, a laptop sometimes stores most of their documents, personal and business, memories from trips and other important events and everything that is private and dear to them. Picturing everything lost to a stranger’s hand is hard to cope it.
Dell states there’s a new way to prevent such bad things from happening: a self-encrypting laptop. Your data is still lost, but at least no one can acess it. The drives with self-encryption features are produced by Seagate and embedded in the new Dell product. And apparently, the Seagate hardware will soon be shipped by IBM and LSI as well. Let’s hope no one breaks the encryption system!
