USB "thumbdrives" with fingerprint detection

Benjamin Scott dragonhawk at iname.com
Sun May 8 21:49:01 EDT 2005


On May 8 at 6:39pm, Bruce Dawson wrote:
> Does anyone know if Linux supports these?

   While I haven't looked into these, I've come across the occasional review, 
store display, etc.  They've all appeared to be nothing more then a standard 
USB combo device, with the sub-devices being a standard flash drive and a 
finger-print reader.  The drive comes pre-loaded with an installer for some 
Windoze software which, presumably/hopefully, does something with the 
finger-print reader to protect data on the drive.

> Also, does anyone know what mechanism is used? I can think of 2:
>
>      * Fingerprint is used to encrypt/decrypt data on the drive.
>      * Fingerprint is used to allow access to the drive (and nothing on
>        the drive is encrypted).

   And a third: Fingerprint is used to cipher a key stored on the drive, and 
that key is then used to cipher the data.  This would really be the preferred 
method, as it allows the option of multiple fingers/people using the same 
drive.  I would hate to loose my data just because I scarred my finger tip.

> Obviously, the former is desired, but I can think of lots of Trade 
> Restrictions it would interfere with.

   More importantly, as Bruce Schneider aptly observed, it is a lot easier and 
cheaper to just sell snake oil that claims to be secure then it is to actually 
make something secure; at the same time, "apparently secure" and "secure" are 
generally indistinguishable without a detailed investigation.

-- 
Ben <dragonhawk at iname.com>



More information about the gnhlug-discuss mailing list