To: David who wrote (27957) 8/30/1999 9:48:00 PM From: ToySoldier
David,

Biometric systems would raise the bar further toward the utopia in authentication, but here is a bit of a problem. Biometric systems like finger-print ID do not necessarily ensure non-repudiation. Why? Because, unless EACH end-to-end transaction asks for the client to re-authenticate, there is still an exposure to breaking non-repudiation. For example, the valid customer uses her finger-print to perform a transaction and then steps away from the computer for a moment, leaving the system open for an invalid "hacker" to step in and perform a transaction.

Also, biometric systems only ensure you are who you say you are at the source (i.e. authentication). It does not - by itself - ensure non-repudiation unless encryption is performed from the scan of your print to the ultimate destination. Non-repudiation all the way to the ultimate source and destination of the e-commerce transaction is more than just biometric systems. In fact, biometric systems do more toward further ensuring authentication, not as much non-repudiation.

If a VPN-like technology can somehow be extended past the server's & client's computer and into human's desires, thoughts, or secured human signals to agreed action, and if the end-to-end transfer of these desires, thoughts, or signals from the source to destination can be highly encrypted, THEN ultimate non-repudiation can be ensured. That future technology would be an example of a "Fully Normalized" e-commerce transaction, but, since this technology is not yet possible, we must denormalize this e-commerce transaction to a point that ensures an acceptable level of security without actually crippling the transaction itself. VPN and Biometric verification are good steps toward the fully normalized e-commerce transaction.

Now, to add some light-hearted thinking behind this issue of using biometric authentication.

If you think that biometric systems like Thumb-Prints can avoid "Password hacking", you might be scared to think of the new type of hacking that might be now encouraged if thumb-print authentication becomes a hot and popular concept.

HOW BOUT --- "Thumb Hacking"? Take it literally!

HOW BOUT --- "Thumb Jacking"?

Sounds wild and crazy ehh? But if the only thing between a desperate robber and access to your ATM machine is your thumb, how much imagination will it take for the desperate criminal to consider hacking or jacking your thumb - with or without your active participation? EWWWWW! But plausible!

Toy