* Andrew Shadura <and...@shadura.me> [160507 17:27]: > Fingerprint readers are insecure, and that's something that can't be > fixed. I'd prefer to see fewer fingerprint-related software packages > in Debian rather than more.
I cringe when I see blanket statements like this from security advocates. Instead of saying "get rid of fingerprint readers", your efforts would be more beneficial if they were directed towards education of both the downsides of a particular technology and how to determine if the security problems associated with it outweigh the benefits. Your statement is analogous to saying that deadbolts are not going to stop an experienced burglar who has cased your house, so all hardware stores should stop selling deadbolts and only sell bank-vault-style door locks. I know of at least one fast food chain that uses fingerprint readers to allow their employees to clock in and out. Can an employee take advantage of the insecurity of fingerprint readers to get a coworker to clock him in early? Probably. If he does it regularly, will he get caught? Probably. Do the risks to the fast food chain outweigh the convenience of the technology? I seriously doubt it. I would like to see security advocates espousing use-case-based security, rather than just saying "it isn't secure, so don't use it." ...Marvin