Finger Prints Are Not Passwords
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@thecreativeone91 said:
@scottalanmiller said:
@thecreativeone91 said:
@scottalanmiller said:
@thecreativeone91 said:
@scottalanmiller said:
Now read that again but replace the word "password" for fingerprint and guess what - the same security vulnerability
Passwords can be changed. No big deal.
Same deal. You can disable the use of biometrics if you know that they are compromised. The issue here is being able to shim inside the system. Once you can do that, the security game is over. Biometrics, passwords, whatever. Doesn't matter.
Yeah you go ahead and cut off your fingers, you can't change your finger prints. Disabling biometerics doesn't fix the stolen/compromised information.
How exactly does it not? If you have my fingerprints, how will you access my systems unless you have a shim already between the sensor and the security system that has to trust said sensor?
Give me an ACTUAL vulnerability here. I don't see one. I see a fear of identity being stolen, but the actual fear is in people trusting ID when there is no trustworthy sensor.
Again, you are assuming the only place these will be used is on a sensor.
No, I'm assuming your prints are public. I want an example of what you are concerned about. If you have my prints, you can't use them to access anything, anywhere. Sure, you could, in theory, set up new accounts somewhere and claim to be me, but since my fingerprints don't give you access to anything of mine, you are no different than if we had a password collision. Doesn't impact me in any way.
If I have your fingerprints I can't get into your iPhone? then I guess you're not using the sensor on your iPhone, good for you (I'm serious, good for you).
If you had my fingerprints AND you had my iPhone AND I used fingerprints for iPhone access.... how would you get into my iPhone? Are you planning to use a really intense 3D printer to print copies of my finger?
While theoretically possible, is this practically possible? There are probably far easier ways to break into my iPhone if you had physical access to it like that. Like pulling the storage out of it and brute forcing the encryption. You are talking about a pretty major security effort here, one that breaches the key rule of security - it is harder to crack than the value of the data is. Nothing is impenetrable, that's never the point. The point is to make things practically useless to break into and I think that this clearly qualifies.
When the fingerprint technology came to iPhone some group (I forget who now) showed that a print could be lifted (granted this was the toughest part - obtaining a good print) and a fake created pretty easily. The process they showed was much easier than trying to bruteforce the encryption in the phone.
Now I'll give you that the effort would probably not be worth it in most cases as the data on said phone would not be worth this effort of less than one day to achieve, but showed that it was clearly possible. The reader in the case of the iPhone makes no attempt to ensure the print is coming from a living being.
Now this makes far more sense, but I have to point out is completely unlike what the OP article is about, which is a digital shim method. Yes, absolutely, we can lift physical prints and sensors that don't do any verification are going to allow you to fake the biometrics pretty easily. This is a dramatically more "real" fear. Especially as lifting the print FROM the iPhone is unnecessary. Get it from a glass, door handle, police database, etc.
This is a much more real fear and one that exists with or without the iPhone. The only risk on an iPhone (or Android or whatever) is that someone wants to get into the device so much that they would do this. If that is the case, you need to rethink what you are using your iPhone for
All the fear of how people might use fingerprints beyond your device itself exists with or without the use of fingerprints as an unlocking mechanism.
This is also why the fingerprint is a DEVICE level unlock. You can have some pretty serious security on individual apps if you need it. Like Good Mail provides.
-
@scottalanmiller said:
All the fear of how people might use fingerprints beyond your device itself exists with or without the use of fingerprints as an unlocking mechanism.
This was my whole point, but you're right I became disconnected from the OP.
Fingerprints are to easy to fake and really provide no level of verification without at least one additional factor.
-
@Dashrender said:
Fingerprints are to easy to fake and really provide no level of verification without at least one additional factor.
Yes, fingerprints are easy to fake IF you don't trust the sensor. If you can trust the sensor (meaning that you know a human is really being tested, there isn't something fake being used, it's a real person, etc.) then they are extremely hard to fake. While possible, I'm not aware of any technology to bypass a trusted sensor. Only a blind one that doesn't fully verify what is being used. The iPhone sensor, or even pulling prints from a crime scene, is untrusted - there is no verification or attempt at verification that a real person was there or that a finger was used to make the prints, it is just a verification that you know the print in question, not that it is yours.
Although, to be fair, that's all that a passcode is too, for the most part. Now one is "public" and part of an ID and one is not, but in many cases the result is the same. When a passcode is just a four digit number, it is almost trivial to capture and replay. And there is no concept of verification making it that much more dangerous.
-
Very true, and most commercial sensors today are untrusted.
I know MS is working on technology for logging into computers (they claim that it will be part of Windows 10) that will verify that you're a real person, etc - though from what I've heard about the connectx technology - two different people walk into the room.. the XBOX think they are the same person - I'm not sure how much I trust at this point either.
-
@Dashrender I'm not sure how much I want a cached digital "signature" of my person to be floating around either (voice, face, etc)
-
@Dashrender said:
Very true, and most commercial sensors today are untrusted.
I know MS is working on technology for logging into computers (they claim that it will be part of Windows 10) that will verify that you're a real person, etc - though from what I've heard about the connectx technology - two different people walk into the room.. the XBOX think they are the same person - I'm not sure how much I trust at this point either.
Granted. No one seems to care about verifying anything about the reality of what is being read. But if we cared, fingerprints aren't perfect but pretty reliable.
-
@MattSpeller said:
@Dashrender I'm not sure how much I want a cached digital "signature" of my person to be floating around either (voice, face, etc)
And now Apple has started using your heartbeat to bio-recognize you too!
-
@scottalanmiller Fortunately my defences against that are hardened. I have a deep allergic reaction to fruity brands.
-
@MattSpeller said:
@scottalanmiller Fortunately my defences against that are hardened. I have a deep allergic reaction to fruity brands.
LOL - I follow this allergy too..
-
@scottalanmiller said:
@MattSpeller said:
@Dashrender I'm not sure how much I want a cached digital "signature" of my person to be floating around either (voice, face, etc)
And now Apple has started using your heartbeat to bio-recognize you too!
Again this is something that can be public information. I guess the reality is that we can't have any authentication tech that uses something about our being that can't be faked with enough time and advanced computers.
Passwords, public/private crypto, etc are the only things that can keep us some what secure from these hacks.
-
@MattSpeller said:
@scottalanmiller Fortunately my defences against that are hardened. I have a deep allergic reaction to fruity brands.
So here is the question, though, would you rather have no security at all (the Google watch approach) or have simple biometrics to at least keep casual people from grabbing your device when you aren't looking at the bus station? Is some security not better than no security?
And honestly, just because someone CAN hack in is no different than any security system. Having fingerprint or fingerprint + passcode on the phone AND heartbeat on the watch is a lot of security. Enough to thwart nearly any real world threat for real people.
-
@Dashrender said:
Passwords, public/private crypto, etc are the only things that can keep us some what secure from these hacks.
What does "keeps us secure" mean to you? Passwords are often easier to break than biometrics. Not always, but often. A lot of "it depends" that goes on, but for normal people, biometrics are way more secure even without trusted sensors. While biometrics are far from perfect, they aren't as bad as they are being made out to be here.
And don't forget, passwords are a form of biometrics.
-
@scottalanmiller said:
So here is the question, though, would you rather have no security at all (the Google watch approach) or have simple biometrics to at least keep casual people from grabbing your device when you aren't looking at the bus station? Is some security not better than no security?
And honestly, just because someone CAN hack in is no different than any security system. Having fingerprint or fingerprint + passcode on the phone AND heartbeat on the watch is a lot of security. Enough to thwart nearly any real world threat for real people.
Call me one of the tin foil hatters if you must, but I don't trust any company with my bio-metrics. Worse yet, they all have two of the most key ones already (voice and photo).
-
@MattSpeller said:
Call me one of the tin foil hatters if you must, but I don't trust any company with my bio-metrics. Worse yet, they all have two of the most key ones already (voice and photo).
Yup, gotta call tin foil hat. I totally understand not wanting companies to have your biometrics. But here is reality - they have them. Now, it is your choice to either leverage them and make them useful to you too, or you can let them only be useful to others.
They have more biometrics than you think. They have heartbeat, typing patterns, word patterns, cadence and much, much more. Biometrics are everywhere. They are in when you wake up, when you sleep, how you sleep, when you post, how your eyes move, passwords over time, purchasing history, etc. Everywhere.
Biometrics are what allow other humans to recognize you and read your body language.
-
I got a security talk at a high school once over a decade ago (OMG!!) At the school there was real concern about letting the kids be "online" because the Internet was this scary place and the moment you were online you were at risk. Very tin foil hat.
So I gave a talk where I took a kid from the school (someone I knew had never used a computer, never been online, was 18 and knew his parents) and demonstrated that doing a search online for the name of the high school that in 180 seconds I went from school name, to a photograph of the kid, his full name, his hobbies and activities, his home address, aerial photos of his house, a map and directions to get to his house and a list of recommended places to eat along the way.
In fact, never being online himself he had made himself more of a target because he wasn't being aware and wasn't controlling anything about his online presence. And nothing that I produced was because of the Internet, it just allowed me to do it in under three minutes.
This, I feel, is the same here. We all know that avoiding the Internet doesn't keep us safe. Avoiding biometrics for your own use does not protect you either.
-
@scottalanmiller So we should just blindly give out all our info? Trust no harm will be done? I'll pass on that and continue to be exceptionally careful about what new data of mine I introduce to the giant vacuum cleaner that is the interwebs.
-
@MattSpeller said:
@scottalanmiller So we should just blindly give out all our info? Trust no harm will be done? I'll pass on that and continue to be exceptionally careful about what new data of mine I introduce to the giant vacuum cleaner that is the interwebs.
See, that's the response that makes me feel you aren't seriously considering what all this means. Why would you blindly give out your info? And what exactly do you mean? Are you not using passwords with these same vendors? Why do you trust them "blindly" with one form of biometrics that they can trivially exploit and not another that they have no useful means of exploiting and can get whether you hand it out or not?
The thing you are reacting to, is exactly the thing that I feel like you are doing. Biometrics, like a fingerprint on my phone, means I am handing out LESS data, not more.
-
@MattSpeller said:
@scottalanmiller So we should just blindly give out all our info? Trust no harm will be done? I'll pass on that and continue to be exceptionally careful about what new data of mine I introduce to the giant vacuum cleaner that is the interwebs.
The point you are missing is that the information is mostly already in the public domain. The internet just makes it easier to search for it. You do not have to physically go to 100 different offices and look up information.
-
And thinking of "the Internet" as a big scary entity just doesn't help. It's just a network. It is still individual companies storing data. And the big ones, like the government, are the ones that are least secure in most cases (especially in the US.) There is no security worse than imagined security, that's when dangerous things happen.
You just need to be realistic. Data about you is being mined. There is data that is highly useful to someone (like passwords) and data that is effectively useless (like your fingerprint.) Sure, if you are insane you can come up with ways to expose your data in ways that would make it easy to harm you. But that's not the cases we are discussing. Using your fingerprint on your phone to log in puts you at no additional risk. If you fear that Google is stealing that data - guess what, they can steal it whether you leverage it or not.
It's not about you sharing or not sharing, it's about you benefiting or not.
-
@scottalanmiller said:
It is still individual companies storing data. And the big ones, like the government, are the ones that are least secure in most cases (especially in the US.) There is no security.
Where's Your data to back that up? Most of the Municipalities Networks are very secure. It's things like the NSA that think they are IT themselves and manage their own network as hackers (and miss lots of wide open doors) that are really at risk.