Forwarded From: phreakmoi <hackerelite@deathsdoor.com>
http://www.infoseek.com/Content?arn=a2236reuff-19981118&qt=%2Bhacker&sv=IS&lk=noframes&col=NX&kt=A&ak=news1486
More than passwords needed for Internet privacy
02:40 p.m Dec 10, 1998 Eastern
By Andrea Orr
LAS VEGAS (Reuters) - High-tech companies that once dismissed concerns
about online privacy are increasingly concurring with the critics.
If the Internet is ever to become a truly secure way to shop and exchange
sensitive data, they say, it will take more than just secret passwords to
protect private information.
Passwords are already passe, judging from the exhibit floor at the huge
Comdex computer trade show here, where several companies pushed so-called
biometrics as the next wave of network security.
Using small computer attachments to read eyes, fingerprints, voices or
other personal features, biometrics offers secure ways to access
information that cannot be stolen, shared or forgotten.
The biometrics industry is small but is rapidly gaining attention in
high-tech circles. In his keynote address in Las Vegas earlier this week,
Microsoft Corp. Chairman Bill Gates cited online privacy problems as a key
pitfall of a wired world, and said biometrics offered a promising
solution.
Earlier this year, a group of biometrics companies, including Iriscan Inc.
of Marlton, N.J., and Identicator Inc. of San Bruno, Calif. formed a
Washington-based trade group to represent them in the public policy debate
over Internet security.
Some of these companies have been around for decades but have only served
specialized high-security markets like prisons. They hope the growing
attention to security in everyday transactions will pave the way for
things like fingerprint readers or iris-scanning software to be installed
in millions of home and office computers.
Currently a $25 million-a-year industry, biometrics will by some estimates
expand to $1 billion by the year 2000. Some predict the rush to install
biometric security systems will replace the Year 2000 computer crisis as
the most pressing high-technology project after the millennium.
Visionics Corp. of Jersey City, N.J., makes face recognition technology,
and two Florida companies, Saflink Corp. and TrueTouch Technologies Inc.,
make a range of products to recognize users by various features, including
voices. Another company, Cyber-Sign Inc. of San Jose, Calif., advocates
signature verification.
All these companies are promoting their products in the same way, as
security systems that cannot be stolen, forgotten, shared, or intercepted
by hackers -- problems they say make password-based security system
somewhat flimsy.
While millions of electronic commerce transactions are completed without
incident every day, experts fear inadequate security on the Internet
leaves lots of sensitive information vulnerable.
In one recent example of the limits of passwords, a group of hackers from
Europe broke into the e-mail system at Stanford University in Palo Alto,
Calif., stole thousands of student and staff passwords and went undetected
for three weeks.
Another problem is that computer users have become too trusting, using the
same password to enter both secure and insecure Web sites, from where they
are more easily stolen.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Fri Dec 11 08:26:09 1998