Tag Archives: internet

The Strength and Weaknesses of Biometrics

We seem to take for granted how our devices identify us for authentication.  What started from passwords and pin numbers has now turned into fingerprints and advanced face mapping technology that makes unlocking your smartphone almost magical.

Until recently, biometrics were an item of science fiction. Today, significant advances in the technology have now made it truly a viable and secure alternative to traditional forms of security. Biometric authentication uses a person’s individual biological traits to verify their identity. This data is almost impossible to guess and is completely unique to a single person. This make biometric systems extremely hard to compromise, unlike Personal Identification Numbers (PIN) and passwords.

But like all passwords and forms of authentication, each have their limit.  Biometric authentication is also extremely new and not very cost effective enough for widespread adoption, but we can expect to see more and more of it in the near future. So, let’s look at some of the current biometric methods and their strengths and weaknesses.

The Passwords on Your Fingertips

The most frequently used and established form of authentication is your fingerprint. What can be more secure and unique than a series of pattern on the tips of your fingers that not one other human shares?

The main issue with fingerprint scanning is that we leave those passwords (our fingerprints) everywhere. You wouldn’t just write your pin down on a napkin and give it to your waiter, but you will hand over your glass, which is basically the same concept.  Fingerprints also present the challenge that we only have as many passwords as we do fingers.

However, despite the weakness fingerprints still remain much harder to guess than a password and their low-cost and high convenience makes them one of the most common authentication methods.

From fingerprint scanning evolved finger vein or hand vein scanning.  This method scans the vascular patterns beneath the skin’s surface, that are not left on the things we touch. However, this technology is very pricey and not commonly used.

Its All In The Eyes

Eye scanning has also seen an uprising in adoption. The security of iris scanners are very reliable, with a very low chance of false positives because of the high detail they need in order to work.

Despite this reliability, the concern of iris scanning is that of hygiene and convenience. If scanning equipment is shared and requires people to place their eye on surfaces used by others, we could quickly see the hygiene issue. To sterilize the equipment, it would have to be done with substances like alcohol which would cause the eye irritation.  We could also see issues where if the eye scanner is static, it may be difficult for people of different heights to use it.

Say the Magic Words

Voice recognition is one option that is widespread and relatively cheap from a technology stand point. The downside to voice is that it is getting beaten out by the other forms of authentication because it is the easiest biometric method to mimic. A recording on a good microphone could defeat a system, which makes this highly insecure for highly confidential items.

Look In the Mirror to Find the Answer

Facial recognition is somewhat the baby to the biometric authentication world.  The biggest launch on the market is Apple’s Face ID system which maps out the structure and movement of the face to prevent someone with a picture to access it. This technology has seen some false positives so there is likely to be more advancement required in facial recognition. However, if the technology becomes more established it may sweep the market from the other alternatives.

What started from the science fiction movies, has now ended up being real life. Biometric passwords have come a long way and there is still much more advancement required before we can say these methods are truly unique and secure. As of today, two factor authentication is still the best way to go. Combining a biometric factor with a strong password is the safest way to protect your online information when each password can rely on each other as a failsafe form of verifying you.

Shut Off Your Bluetooth When You’re Not Using It!

Privacy and security seems to always be on everyone’s mind today. Intuitively we are always making sure our homes are locked before we leave and that our cars when left aren’t vulnerable to any intruders. Just like our homes and cars, we keep our technological devices secure and locked with some sort of authentication, but they too have a variety of different entrances for an intruder to sneak their way in.

The most popular digital entrance into a electronic device today is through its Wifi. We have all heard of the horror stories of connecting to a wrong network in a public place and having your personal information stolen. But few people think about how their Bluetooth can be effected. Minimizing your Bluetooth usage minimizes your exposure to the vulnerabilities. Most recently, an attack called BlueBorne allows for any affected device with Bluetooth turned on to be attacked through a series of vulnerabilities. These vulnerabilities don’t stem from the Bluetooth itself but the implementation in all the of the software including Windows, Andriod, Linux and iOS. This potentially puts millions at risk.


The Blueborn attack starts by going through the process by scanning devices with Bluetooth on, it then starts probing them for information such as device type and operating system to see if they have the vulnerabilities it can latch on to. The Blueborn bug can allow hackers to take control of a device and access private information. This attack can also spread from device to device in one motion if other vulnerable Bluetooth enabled targets are nearby.

The best defense against this Bluetooth security flaw is to make sure your device system is always updated with the latest software and firmware. This make sure there are no vulnerabilities in the implementation of Bluetooth within your operating system. Bluetooth does many amazing things that seem almost magical and the benefits outweigh the calculated risk of turning it on. However when not in use it is best to make sure to keep your Bluetooth setting off and use it when you know you are in a safe and secure area.

My Coffee Machine Got Hacked

In today’s world it seems like anything can fall victim to a cyber attack. We all know that a computer, wireless network, server, (etc.) can be compromised. Now imagine that you’re at work and you see a ransomware message on your coffee machine’s screen. That’s right… a COFFEE MACHINE. This may sound ridiculous but it did happen and could happen to any workplace. Bet you didn’t know ransomware is now a part of the new continental breakfast.

A chemical engineer with a degree in computer science posted this instance on Reddit and explained exactly what happened that led to this attack on their workplace coffee machine. It all began when a factory worker encountered a ransomware message on his computer, he then called the help desk to get the issue resolved and stepped out to grab a cup of coffee. The worker then noticed the same message on the coffee machine’s screen. Now, this ransomware did not just shut down the employee coffee supply and hold it for ransom (which, that would be a whole other nightmare),this ransomware spread throughout the factory and shut down factory systems. So how did this all happen?

Coffee machines are supposed to be connected to their own isolated WiFi network, the person who was installing the network made the mistake of connecting it to the internal control room network, when they noticed the coffee machine still wasn’t getting internet they then connected it to the isolated WiFi network. While a hacker was poking around in their systems they noticed that huge security fall and managed to squirm their way into the system and gridlock the entire factory network.

A coffee machine is not the only issue, practically any computer- implemented or computer enabled device can be compromised, this then leads to a wild search for what else is connected to that same network that could also become infected? Network vulnerability is like a screen door. If you do not pay attention and their is the tiniest hole in the screen somehow at least one fly will manage its way through and get into your home.

Being proactive and making sure your systems are always being monitored for any issues is very important. Implementing the right security precautions and making sure your network is sealed tight is the only way to prevent malware from grid locking your network. Finally, please make sure your office coffee machine is installed properly!

What Does your Business IT and Car have in Common?


When we talk about car insurance the dark thoughts and questions begin to arise. What if I get into an accident? What if I’m travelling and left on the side of the road? What if someone hits me without my control? While all of these thoughts are very pessimistic, these things do happen, sadly, more often than we would like them to. This makes driving without some sort of car insurance seem completely ludicrous. So why should your business IT be any different?

Think about your business IT as the “vehicle” that keeps your company running. What if your network “crashes”, what if your employees are working and your computers decides to leave them on the side of the road? Or what if a hacker “hits” your network with ransomware or the many other hundreds/thousands of malicious malware that is out there today?

When talking about business IT “insurance”, we mean something a little bit different. You need to make sure that the technology in your business is secure, protected and keeps your employees as productive as possible in order for your business to stay viable. Like a car, you have to have some sort of disaster protection, or else a whole bunch of time, money and productivity of your business is lost on fixing the issue when it happens. The best “insurance” for your business network is using an outsourced IT service management provider, and here’s why.

When you outsource the management of your important IT resources they help optimize your networks performance, to make it work at the peak efficiency and reliability levels that your business demands. This can allow you to stay focused on running your business and not your network. This security, networking, data protection and user support is handled at a fraction of the cost than if your business decided to take on all of that cost itself. Risk is something your business deals with every day from market competition, to the state of the economy, don’t let your IT be another risk. Businesses have limited resources, and every owner/manager has limited time and attention. Outsourcing can help your business stay focused on your core business and not get distracted by complex IT decisions.

Secure your network today with ECMSI !