undefined | Better HN

0 pointsmejari11y ago0 comments

>You're assuming all recognition algorithms of the same biometric produce the same raw template. That if I get one I can gain access on another.

Well, is that an unreasonable assumption? With passwords knowing what one person's password used to be or even knowing one hash of their current password tells you nothing about a different hash of their current password. With biometric data points presumably if they get accurate and detailed enough (which you already admit they would have to do to be a valid authentication mechanism) you can extrapolate. Faces are known quantities. Knowing how 999 points of your face are arranged does give you data about how other points on your face are likely to be arranged. We already have modelling software capable of this, so it doesn't seem unreasonable that such methods may be improved if facial recognition gains traction. At the very least it brings down the solution space to a much smaller size the more data points are used, which is the opposite of what happens when more data points (characters) are used in alpha-numeric passwords.

>It's often frustrating to discuss things with those who clearly know little about the topic and yet declare their opinion as fact.

I would agree. Especially opinions like how others "clearly know little about the topic".

But is it as frustrating as someone explaining their reasoning for their statement and then you ignoring that reasoning to discuss their closing statement as the entire argument?

0 comments

therobot2411y ago

> Well, is that an unreasonable assumption? With passwords knowing what one person's password used to be or even knowing one hash of their current password tells you nothing about a different hash of their current password.

Yea it is, this is very different from a password, even though it's being used in a similar way. Lets take fingerprints as an example - algorithm A uses minutiae points, and algorithm B does a simple normalized cross correlation between the two images. While this is a toy example, you can see there is a clear difference in what is being stored or even hashed.

> At the very least it brings down the solution space to a much smaller size the more data points are used, which is the opposite of what happens when more data points (characters) are used in alpha-numeric passwords.

No, it doesn't. You'd have better luck using a facebook profile picture printed on an old inkjet than you would trying to use a specific template as the 'solution space' of what other templates may be.

> But is it as frustrating as someone explaining their reasoning for their statement and then you ignoring that reasoning to discuss their closing statement as the entire argument?

I admit that it wasn't the classiest way to respond, and i apologize for it (i'm not going to delete it though, i wrote it and i won't run from it), but the same arguments keep coming up over and over again, and it's very clear that the users making these statements not reading any previous replies so i wasn't going to waste my time going over all the points again and again.

j / k navigate · click thread line to collapse