Authentication? or a mirror?

I was doing some reading on authentication methods for one of my classes and realized there seems to be an almost infinite amount of ways to authenticate someones identity. Which means that of those infinite ways there are comparatively very few we that show promise in the real world. Take for example when logging into your computer most of use some form of password. We assume this method is secure since no one can read your mind. This is a false assumption, at least for the layman. The secure aspect I mean, not the mind reading or do I?

Often we, you the reader and I, think of ways to find people that have similar interests to us. That way we have someone to talk to and share jokes. How we do this socially is very similar to authorization requests used on the devices, and networks used everyday! For example, through shared experience with a group of people you can gain trust by having an inside joke that only you and the group would know so you gain access to their friendship. The Transfer Control Protocol is very similar in that way, with its three-way handshake. First you ask the server if its ready by sending a synchronization packet. Then the server responds with a Synchronization-Acknowledge packet confirming that it understood the question and proceeds to ask if you do as well. Finally you too respond saying "yep I'm ready too we should start being friends" and allow the connection. Basic authentication is so neat.

There are of course other ways to authenticate someone, like biometrics which we use in the real world quite often if you interact with someone. Though, it does have quite a few flaws depending on how its used. Like say your face gets burned off and now no one recognizes you as Harvey so you go by Two-Face now. I can only imagine how using Windows Hello went. That's only one facet of it. Have you ever used a fingerprint scanner and annoyingly it asks you to adjust your finger so it scans the sides, the top, the back, and even the nail? Well, its because fingerprints do not necessarily change its hard to get a perfect read every time. Many systems opt to use more variance when recognizing fingerprints to allow easier and faster scan/authentication, but because the process is not very precise you can bypass it relatively easily. Assuming the target device has multiple fingerprints installed, internally it allows a more diverse fingerprint set with much much greater variance leading to just about anyone being able to unlock the device. Which is why when using simple devices like phones or laptops without some kind of huge database to back it up you should save as few as you can.

Today's article seems like a mess to me too. I'm not sure why I cannot focus as well today, anyhow cheers.

<< Previous | Next >>`