The Mentalist and Iris Readers

Eric Cole told a story of an engagement where a security bigwig was showing off on a tour of their facility. The bigwig was very proud of his biometric iris readers that protected access to the data center. That is, until Eric put his eye up to the reader and was provided access. It seems the iris readers had a troubleshooting mode where any eye was accepted. In their implementation, no one had ever verified that the iris reader correctly denied access. If they had, they would have investigated this problem and turned off the troubleshooting mode.
I was reminded of this story this week as I watched CBS’ The Mentalist. A bored Jane put his eye in front of the reader and suddenly the door that shouldn’t be opened was opened.
I blogged about Eric’s story once before in a post about an airport security