|
Posted by Ari on August 1, 2007, 12:42 pm
If you were Registered and logged in, you could reply and use other advanced thread options
On Wed, 01 Aug 2007 02:13:24 -0700, ric wrote:
>> On Tue, 31 Jul 2007 02:48:40 -0700, ric wrote:
>>> Don't even *think* about voice or video recognition, this is such a
>>> dumb idea.
>>
>> Why?
>> --
> Where do I start?
> Consider why neither of these options are in widespread use.
That means nothing. Btw, they are in widespread use non-civilian.
> Some points to start you off:
> 1) you'd need to securely rewrite MSGINA on windows to allow logon via
> either option.
Linux.
> How do you expect your video or audio recognition to
> work before logon?
On all the time. Logon is by recognition.
> Are you proposing to do it in hardware? If so,
> which hardware did you have in mind? What is the cost of that
> hardware?
No but if I was, firmware.
> Is your solution going to be able to be remotely
> administered so when a worker forgets their glasses or has a headcold
> they can still login? Will it hook into AD, etc?
Look, you can throw a 1,000 questions at *any* authentication
methodology, none of these are unique to A/VR.
> 2) there are much simpler methods that demonstrably work. If you
> can't deal with individual usernames/passwords then rely on a simple
> physical token and password - e.g. a smartcard. these are easy to
> integrate into your infrastructure.
???? You still have passwords.
> 3) why over complicate things? no-one is going to congratulate the OP
> on their expensive, overly elaborate and fragile implementation of
> something just because it's "cool".
It's only complicated to you.
> 4) In a burger-flipping environment, something that relies on voice
> login in a noisy environment is a dumb idea.
There are no controlled audio environments? When did you become a
burger-flipper construction expert?
> Logging in via a video
> image in an environment where people regularly wear hair nets etc is
> similarly dumb.
Take them off.
> 5) Whilst adding significant cost and complexity, both video and voice
> login would have lower security: unless you can somehow avoid being
> able to login with a recording of someone or a photograph.
You're just ranting withut a clue.
> I could go on, but this is such an obviously bad idea I don't think I
> need to.
>
> Ric
No, you don't need to, that's for sure.
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/
| 
XML site map