Originally posted by vetran
View Post
Suppose I wanted to get your fingerprint: that would be very difficult, because (as far as I know) we've never met.
However, suppose that you have a husband trying to break into his wife's laptop, when she spends several hours each day unconscious in the same room with him (i.e. asleep). It's far more plausible that he could put her finger on the reader without waking her up. Obviously that will depend on the person (i.e. how soundly they sleep), and it would be a massive breach of trust, but I think it's realistic.
I think that illustrates a wider point about security: it's all about "what problem are you trying to solve?" rather than a "one size fits all" approach. Start with a risk assessment, then go from there.
Leave a comment: