<a href="http://www.linuxdevices.com/articles/AT7145548309.html">http://www.linuxdevices.com/articles/AT7145548309.html</a><br /><br />IBM and Consumer Direct Link have teamed up to produce a new Linux-based PDA, the Paron MPC. The new device combines typical PDA functionality with a Bluetooth chip, GSM/GPRS and biometric fingerprint recognition.<br /><br /><img src="http://www.pocketpcthoughts.com/images/adrian/cdl-paron.gif" /><br /><br />Of course, we're all familiar with the concept of using a fingerprint scanner in order to control access to a device or notebook PC. However, the developers of the Paron MPC foresee using the built-in scanner in a different way:<br /><br />"One expected application for the Paron is in authenticating employee access to offices, government facilities, manufacturing sites, or warehouses. Instead of swiping a badge through a reader, the employee would place his/her thumb on the Paron's small fingerprint recognition screen, and a wirelessly connected server would read the fingerprint, identify the person, and grant access if a match is found between the person making the request and the data in the server."<br /><br />Okay, that's an interesting idea; you simply use your PDA instead of a scanner that's bolted onto the wall next to a security door. But, am I the only one who sees a tremendous flaw in this setup? Why use a wireless technology that in itself introduces a security risk as a means to enhance security?<br /><br />The PDA's <a href="http://www.linuxdevices.com/articles/AT7145548309.html">specs </a> are interesting enough, and I think there may even be a market for devices that incorporate fingerprint scanners as a means to control access to the device's contents. But it seems like some of the technologies are a bit mismatched on this one.

"One expected application for the Paron is in authenticating employee access to offices, government facilities, manufacturing sites, or warehouses. Instead of swiping a badge through a reader, the employee would place his/her thumb on the Paron's small fingerprint recognition screen, and a wirelessly connected server would read the fingerprint, identify the person, and grant access if a match is found between the person making the request and the data in the server."

Okay, that's an interesting idea; you simply use your PDA instead of a scanner that's bolted onto the wall next to a security door. But, am I the only one who sees a tremendous flaw in this setup? Why use a wireless technology that in itself introduces a security risk as a means to enhance security?

Yes, if they're stupid and just broadcast the fingerprint data, someone could record that and resend it later. Even encrypting the data wouldn't help.

However, if they encrypt the date and time with the fingerprint data, it would be much more secure. If you have the timestamp, fingerprint data and a password encrypted, that seems like it would be fairly secure.

Steve

I have a feeling that they'll do more to secure it if it's used in government work :P

But, where's the benefit? You're not saving any money, because you still have to install access points. It's still be more secure and cheaper to just use a standard scanner.

I'm not really down on the device. It seems to me that this may just be some marketer's attempt to hype potential uses without thinking through the realities.

This being a Linux device, I suppose much like anything else it would not take long to hack the code so that you could still get all the benefits of all the onboard toys without the the whole finger scan, authenticate song and dance. The concept is interesting, less the brick sized - design.

This thing, brick-like though it may be, does pack a LOT of features in, some of which even the iPaq 5000 series do not (and some of which they do).

The hardware based encryption, including IPSec and VPN over BlueTooth are pretty impressive - I don't believe any PPC offers encryption in HW (meaning it's FAST).

It has dual band GSM/GPRS built-in, so you can get high-speed wireless (well, GPRS is pretty fast), AND probably use it like a phone (I'm guessing, but since it has a phone built-in, it's a reasonable guess).

Also, it has the biometric scanner like the iPaq, and built-in bluetooth, and since it runs Linux, there are literally thousands of apps that can be ported (or just recompiled) for it.

It's hard to get a good idea of the size, and without putting it next to something, we're left guessing from the screen.... So, all in all, I could see this having Vertical Market applications where there's a lot of secure data exchange, using the BlueTooth and GPRS.

Probably not much doubt that this is not a mass-market-success device here, but... interesting anyway!

i started to think that this device is adding extra complexity in the process, not eliminating it!

But, where's the benefit? You're not saving any money, because you still have to install access points. It's still be more secure and cheaper to just use a standard scanner.

I'm not really down on the device. It seems to me that this may just be some marketer's attempt to hype potential uses without thinking through the realities.

I have to agree. This sounds like a solution looking for a problem. Just because it's bleeding-edge doesn't make it a good idea.

As for the device itself, I've got nothing against Linux OS. I imagine it's probably more stable and more efficient, requiring less CPU overhead. As stated, it could be very useful for specific vertical markets.

From a consumer standpoint though, here would be my concerns about this device:

1) Even though Linux apps can be theretically ported to this device, there aren't a large number of consumer-class Linux apps available PERIOD, let alone those that would be beneficial on a handheld.

2) Fingerprint scanner INSTEAD of cursor pad? I suppose you can argue the value-add of a fingerprint scanner, but to justify providing this scanner and not providing any cursorpad seems hokey. There doesn't even appear to be any jog-dial.

That finger print scanner looks really similar to one a friend of mine developed under a company called Veridicom. They went under but sold the technology to several OEM's and that really looks like their chip design...

But, the interesting thing is that this building authentication and stuff was a large part of what the company was working on but they didn't have the resources to develope the entire system in time...