Hey, You're Not My User!
from the get-yer-stinkin'-hands-off-my-keyboard dept
Roland Piquepaille writes “Do you need a password? Not anymore, if a software developed at the Technion-Israel Institute of Technology becomes mainstream. Researchers have developed a software able “to identify computer users — with high accuracy — by their individual, distinct typing styles.” This “behaviometric” technology may one day be part of security systems to prevent unauthorized users from gaining access to computers and sensitive data. The researchers claim that the system can distinguish the user from potential intruders with around 90 percent accuracy. Now, they plan to check the system?s reliability by introducing some “noise” changing the typing signature, like a finger injury. Will they break the fingers of their testers? The story doesn’t go that far. My blog contains more excerpts and references.” It seems like every week we hear about some such solution. Didn’t we just post something about logging into your computer by your “laugh” print? Besides, 90 percent accuracy doesn’t seem particularly good. If 1/10 of the time you try to log in and your computer insists you are not you, you’re not going to be very happy.
Comments on “Hey, You're Not My User!”
what they don't tell you is...
…security is relative and that keystroke identification is vulnerable to play back (any given input stream can be made compliant by the insertion of pauses/speedups/errors) and frustrated by things like network latency for non-local keyboard hardware.
New? No chance!
I know someone who wrote code to identify people on systems by their typing style in the 1960s. Big deal.