Lax security aboard Starships?

[Belz...]

Timo, please put the name of the people you quote in the quote.

Faking voices is a lot easier than faking one's capillary pattern at the back of one's eyes

On what do you base this claim?

Reason. One is more complex than the other. Data can do one and not the other, etc.

Faking a voice is utterly impossible for a human being today

You will notice that Star Trek uses aliens and androids and computers and stuff. Starfleet should and would take that into consideration. Hell, they even have shapeshifters, though I doubt they would see well enough their target to replicate that.

 

[Belz...]

If the ship had retinal scans, Data would have had a way to fake a retinal scan.

Wait, how ?

 

[Retu]

If the ship had retinal scans, Data would have had a way to fake a retinal scan.

Wait, how ?

Digging someone's eye out comes to mind.

 

[Belz...]

That would've probably caught the attention of the bridge crew.

 

[Shawnster]

It may be a good idea to review how voice print analysis works: http://www.owlinvestigations.com/article1.html

 

[JirinPanthosa]

If the ship had retinal scans, Data would have had a way to fake a retinal scan.

Wait, how ?

By the writers saying so.

 

[Timo]

A retina pattern is a simplistic and static thing - the very reason it was chosen as a candidate for an ID technology once. The unfortunate consequence is that it's fairly easy to forge, too. You can't teach a retina any tricks; just taking a photograph and showing that to the ID machine will work nicely, as the machine has no means of further "interrogating" the retina.

In contrast, a voiceprint at least can be subjected to interrogation. Say, anybody could record Picard saying "I am Captain Jean-Luc Picard" and then play that recording to the ID machine. This is indeed how the "Maquis" (in reality, Cardassian) operative in "Tribunal" fools a door lock aboard DS9. But it's statistically highly unlikely that Picard would ever utter the phrase "Picard, Jean-Luc, Tango Cedar Alpha Twenty", so such a phrase works admirably as a means of identification. There is no need for the phrase to pass muster as a "password", in terms of complexity; there isn't even any need to change the phrase at regular or irregular intervals. It just suffices that this phrase never arise in normal conversation.

You will notice that Star Trek uses aliens and androids and computers and stuff. Starfleet should and would take that into consideration.

Indeed - which is why retina scans and the like are a bad idea, and something more complex and trustworthy, such as a voiceprint, should be preferred. Any stupid machine can photograph a retina, even from a distance (unless the heroes routinely wear shades or something equally idiotic). Goading Picard to utter a code phrase and recording that is a far more complex feat.

It also won't do to make the ID procedure overtly complex. People need to get their IDs confirmed in a hurry; it can't be a six-step process. You pick your best ID technique and stick to that.

Cardassians have it right, though, in using the superb 24th century technology for implementing an ID scan that works at a distance, without the target even knowing he's being scrutinized. Scanning for DNA at a distance solves most security problems: it's unique enough (yes, in TNG, you can alter your DNA, but supposedly you then cease to be you in most respects that count), it's all over you (so wearing a false thumbprint or a false retina doesn't help), and you can easily use the technique to unobtrusively collect a library of IDs (which current fingerprinting techniques don't allow for).

Timo Saloniemi

 

[Edit_XYZ]

The voice can be faked today (including creating words that are not on record already).
The retina scan can be faked, but it's far more difficult. You need more than a laptop with an installed program, a recording of a person's voice and a microphone.

That Data took complete control of a federation capital ship in minutes is a testament to the incompetence of starfleet security.
And, of course, this incompetence shines in many other episodes: apparently, the romulans find out about starfleet top secret information in real time (tin man, the pegasus); a visiting klingon can steal the complete schematics of the warp core; a romulan spy impersonated a federation ambassador for years, creating a gigantic security breach; anyone can completely hack the enterprise's computers (conundrum, for example); and we also have rascals, etc.

PATHETIC. Starfleet security is a bad joke.

 

[Timo]

The voice can be faked today (including creating words that are not on record already).

This is not the issue. Of course voices can be faked in that sense - I can do a pretty good Mickey Mouse, say. The point is whether the fakery can be exposed. And that boils down to a rat race between forgery and analysis, with analysis in TNG enjoying a considerable advantage from "realtime updating". That is, the computer has been listening to Picard for years, in various situations, and should be able to easily tell whether Picard is saying the code phrase with his "today voice" or with a recorded "Stardate 45212 voice" that no longer is valid...

The only other variable here is how strict the computer wants to be. Overriding personal replicator safeguards to produce Stilton is probably not worth a detailed analysis - but OTOH trying to blow up the ship may be such an inherently urgent issue that it should not be delayed by a detailed analysis, either.

The retina scan can be faked, but it's far more difficult. You need more than a laptop with an installed program, a recording of a person's voice and a microphone.

Yes - you need a camera attached to the laptop. Which is fairly standard today already.

Timo Saloniemi

 

[Edit_XYZ]

Timo
There's a LARGE difference between a laptop camera and a high-performance retinal scanner or an iris scanner.
A LARGE difference between the difficulty of obtaining a good enough recording of one's voice (used daily) and a good enough recording of one's retina or iris (which requires a rather intrusive aka noticeable scan).

And one's voice can be easily faked - and quite well. Very soon (arguably, even today), the fake will be indistinguishable from the real thing - regardless of the thoroughness of your analysis. You see, your voice varies too; you will never speak the same word in exactly the same manner twice.
The same can be said of retinal/iris scans, though.

Of course, biometric scanners should not be used as the only safeguards for a capital ship; biometric markers can most definitely be faked - especially when the stake is a capital ship.


More importantly, all the above are details relating to only one instance of catastrophic starfleet security failure. One of many instances (some of which I mentioned in my previous post), proving starfleet to have laughable security.

 

[Belz...]

If the ship had retinal scans, Data would have had a way to fake a retinal scan.

Wait, how ?

By the writers saying so.

I'm pretty sure I had that part down already.

 

[TheRoyalFamily]

And I figure Trek tech retinal scanners would be more than just 2D visible-spectrum cameras. They would probably use the typical super-science stuff in tricorders, at a minimum, to take 3D images, heart rate (make sure those blood vessels are real and functional), scan to see that it's an actual eye, maybe to make sure the eye is having the correct reactions to the scan (make sure the person is alive and conscious), chemical atmosphere analysis (where applicable) to make sure the person is the right species (correct pheromones, sweat chemistry, etc), and the like. Which would be trivially easy for Trek tech, but hard (not impossible) to fake.

Though the spoken pass-phrase is probably still best. Very hard to brute-force in the way Data might with his robot fingers - one would actually have to both be able to fake the voice (easy) and know the pass-phrase (much harder, as supposedly only the computer and the proper person would know it). I would guess that every time the code is used, it would have to be changed, in case the crisis is averted.