I believe that the only way you can know which way to go is to look as forward as you can.

Thursday, March 31, 2005

Terri Schiavo: deschidratation death decided by her husband against her parent's will

If you want some resume about the case there is a nice one here What You Need to Know about Terri Schiavo
What is my problem? I think this entire story in simply disgusting. I cannot believe that this really really happened: U.S. Supreme Court rejects latest plea by Terri Schindler (Schiavo)'s parents

Since when and why a husband has priority in front of the parents? Two actors: the unfaithful husband and the parents. If they could agree upon the death then ok… perhaps this decision could be somehow stated by a court. But this it is not the case! The parents waned to take care of her with their own resources and leave the trust fund awarded for Terri’s care to the husband.

The Terri’s mother, Mary Schindler: “Yes, I've received hundreds of letters from people who have, yes - recovered! And some of them, in their letters, were worse than Terri.” In a few words, the parents had resources, there were specialist saying that they can try to cure Terri, but the husband’s “ethical” will is more powerful that anything else on this world! More powerfull than the proof that: Terri Schindler (Schiavo) is Cognitively Able

I hate what THEY dare to call “justice”.

Wednesday, March 16, 2005

How about certification?

What can I say? Certification is now kind of “U must do it”. What for? The employer is sure that you know that thing. Also you make sure yourself that you do know that thing. Further, the client will be sure that the respective product/ service is made well.
Ok, but this is theory. How close are the current certification tests to this? I am in the stage of leaning for my Sun Java Certified Programmer exam. I like the book. I see lot of things I did not know until now… but still I was able to program… some code… I think certification is a personal self- confidence act. And ok, gives confidence in you to everyone.
I think this kind of stuff will become more and more a routine in all possible jobs. It already is… but not exactly in creative or unusual jobs… How would it sound: “Hello I am a certified painter. Trust me your walls will be wonderful decorated”. But things move closer and closer.
To come with a diploma saying that you know to generally tailor, design and sew clothes is one thing and to guarantee that you know everything about gloves is another. Perhaps you need a certificate to prove this ;))
And here I am.
What is the danger? Everyone learns of course standard stuff. Only that I am affraid that gloves will become more and more alike. I am affraind that the glove designers might loose their inspiration. Nothing more. For the rest... well all the gloves will have quality. And guess what? About the same quality. High or low... depends on what was requested to learn to get the certificate.

Wednesday, March 02, 2005

Person authentication

What I see as being the future in person authentication … is... Parameterized Authentication
"Parameterized Authentication moves beyond the traditional approach to security by acknowledging that identity verification cannot always produce perfect results. Our model addresses such inherent imperfections by introducing a metric, the Authentication Parameter, that captures the overall quality of authentication. We define authentication quality in terms of sensor trustworthiness and the accuracy of sensor measurements."

    I shell split things in two directions:
  1. Authentication in a non-computer based system. (ATM, entrances)
    I assume that nobody can imagine that something else then “Biometric readers” will survive over the time. Using only fingerprints, maybe it can fail. Using faces, the same. But doing a combination of face, iris, fingertips and let’s say voice… I think is strong enough. I cannot imagine a way to gather and imitate somehow all this information. Ok: maybe having a clone of the same age. (Oh yes, the voice has a harmonics that can be found beyond how the speaker intonates. Remember the Fourier transform?) Ok, this works perfectly for ATM, for entrances, etc.

    Only when you say biometrics… you say a lot of methods…
    Of course all these can be done in the Parameterized Authentication terms.

  2. Authentication in a computer based system.
    What about the computer authentication? The password can be stolen. Secure connections? Maybe, for a while this will be the way to go.

    Want to go further? Ok, unique identifiers, or perhaps chips will be provided. PIN? Yes of course.
    Password hardening based on keystroke dynamics?

    Why not?

    Or perhaps ... graphical password or… signature written with mouse?
    We can add also some fingerprints recognition embedded in the keyboard... If you want strong authentication I think the answer is combine in a smart way the basic stuff that we have already.

    Oh yes… do again Parameterized Authentication.

    It is clear to me that year by year people get tired of making all kind of accounts and remember all kind of passwords. So, web-sites might give you the possibility to authenticate using some third-party internationally certified methods. This third party can send to the portal some basic information like… a customized username, decided by the user, at the first entrance-time.

    So, if your account can be accessed only using this third party that is doing sophisticated stuff like
    Password hardening based on keystroke dynamics combined with finger prints recognition then you can be sure that nobody ever will be able to still your password…

    As a final conclusion, I can say that the password issue is much solvable than the software cracking issue… Any suggestions?
    If you want to see a non exhaustive list of the main authentication methods you can visit Password Replacements
    article written by…  a gooood friend of mine ;)