Well first of all thanks to NETGEAR. I'm back. This
time it should be for good. But tell me this; why can't I get a
router that will take some moderate load on a hot Sydney day and not
explode?!?! Even my new (expensive!) Netgear hardware runs hot
(50oC+) under *no* load. I'm gonna have to casemod this sucker to
add a fan if it's gonna last me until Feb '06.
Anyway, authentication. It's not the first time
Crypto-Gram
has been mentioned on my blog. This time it relates to a post
therein about the kind of fingerprint readers that have become popular
in Keyboards/mice or as USB peripherals, and how with some skill and
the right tools and circumstance you can foil them in about the same
time it takes to make a sandwitch.
What it comes down to is this (I am drawing from many sources here). Authentication comes in three factors:
- Things you know - passwords/passphrases*, PINs, mothers maiden name (how many web sites will ask this!) and so on...
- Things you are - your retina, your fingerprint^, etc
- Things you have - Smartcards, USB dongles, key cards, your passport yadda yadda...
If you require 2 forms of authentication and draw from only one pool, then you have only one factor!
(I have a secret about
OfficeWorks SAP system, remind me to tell you about it some time...)
Anyway, that's enough for tonight :)
* Jesper on Passphrases
here (1/3),
here (2/3) and
here (3/3)
^
Wikipedia,
The Register