| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Mar 2010 20:51:40 +0000 From: mrx <mrx@...pergander.org.uk> To: full-disclosure@...ts.grok.org.uk Subject: Re: Fingerprinting Paper with Laser -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Consider a production line for printing anything that is used for access control. Now providing there is absolute consistency across every sample of the material printed/magnetised or otherwise marked during a production run, then only one token need be scanned by laser. This single data set can then be used by access points to verify the validity of said token(s) when presented. The token can be a bus ticket, a passport, currency or indeed anything that can be manufactured consistently to the tolerances that this laser scanning system requires. Of course given access to the same scanning equipment a hacker could scan the tokens and obtain the required data for cloning the material that the token is made from. However, how difficult would it be to replicate the production process required to actually clone the material the token is made from? Not to mention any other security mechanisms that may be employed. I think there is a control potential here but only if the manufacturing tech is precise enough. mrx T Biehn wrote: > So your proposition is that the passport manufacturers all use laser > beams on each passport they create and that this whitelist be somehow > distributed to each and every airport and border check-point? > > lol. > > How bout we just let them get PKI right first. > > -Travis > > On Thu, Mar 18, 2010 at 12:03 PM, james o' hare > <jamesohare69@...glemail.com> wrote: >> On Thu, Mar 18, 2010 at 3:36 PM, T Biehn <tbiehn@...il.com> wrote: >>> Ridiculous. >>> Generate some valid, non-far-fetched use-cases to justify this if I'm wrong. >>> >>>> The Mossad going to Dubai and assassinating people >>>> in hotel rooms, then I'm all for it. >>>> >> They used false British passports, and you wonder why we want to have >> these technologies? >> >> Andrew >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > - -- Mankind's systems are white sticks tapping walls. Thanks Roy http://www.propergander.org.uk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS6Pj3LIvn8UFHWSmAQI+WQgArwfPjlBMHIxCz5Muag5zO9wAbkQTekk1 LUHjDuV3pXn9TXNWFKoydaYaj6jWafpXFt58BTZLqn8ZgSIcMw+cip2ZNdC7WOQ6 x37ESSboLLfRnRwKVYpPTz7H8yzKNWcEu7nY3fnrO337Tdm8N5hTkgt5KAhq0qRg XM/uOYicd1suk1jEx4gJ4mBXLG59+7baqyT6wnjBRYTfpbeOWdWLpHIKYBmEWoYC CjAphrBvlnWNPEKsQHjS+nFXG7sSaEO6lg88W/Ka4Kt268Hkzl8pYtvwye9U+lFS H7S0GrZR+Vgvrq9+419QwzH3oBbpdEq6tKkvcD74HXlhGB20EJayfA== =KDgR -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists