Cry To Beat Iris Scanners
Ant writes "The Register has an article on how crying beats iris scanners. An MP who volunteered to take part in the UK ID card trials says the iris scanner used is uncomfortable and made his eyes water... The water in his eyes actually stopped the scanner from working, and it seems long eyelashes and hard contact lenses could fox it too... So we're going to have a system that is derailed by a few tears and fluttering eyelashes?"
Anyway, when I go get my eyes examined, there's this machine taking a picture of my retina and blowing air into it so as to remove water. Oh and they ask me to remove my lens first, imagine!
All of the 9/11 hijackers had valid state IDs. I think about that while I'm showing my ID to the sixth person in the airport. Speaking of those guys, there was big report released last month showing that the federal TSA baggage screeners were just as incompetent as the private employees they replaced. It's all window dressing to make you feel safe enough to go out and spend your money. Meanwhile, our ports are wide open to someone slapping a stamp on a bomb.
-B
How many government trials with political backing don't get implemented?
If it goes bad, Blunkett will just say that there were issues to iron out. I can't imagine for 1 minute that he'll cancel it.
While people may joke about this technology and the whole id verification process/big brother, the fact is that its here to stay and I'd rather that flaws like this one are discovered in the initial test stages than having to spend hours proving who I am at an airport.
Furthermore, even if the biometric identifiers are not reliable enough to be able to distinguish between hundreds of millions of people in centralized databases, governments are also assuming that they can make id cards that are sufficiently forgery-proof to make "just getting a *real* id in a fake name" rather difficult.
A UK reporter was able to obtain a *real* fake ID for just over a grand. Through a network of bribes.. It's not as hard as you think..
Ask yourself this: How much do you recon they pay their staff at the passport issuing office? Now ask yourself how much that passport could be worth to someone! The math does itself.
ID cards are flawed because you can't secure a system that large. Criminals have cash to 'invest' in perverting your system.
Simon
Where I work we use these iris scanners. I wear glasses for my astigmatism and the system reads just fine through my glasses, unless I turn them perpendicular to my face. Other people who work here have to remove their glasses regardless.
Also, people will rely on the DNA database as evidence, and not do the proper police/intelligence work. Fakers will escape the net. I always remember a maths teacher telling us to apply "sanity tests". Like roughly do the maths in your head and then check against the detailed calculations. The problem with systems over humans is that this is often not done (A bit like "why didn't Saddam fire those WMDs if he had them?")
If you do a test run with 1000 individuals,and find that 4% of the subjects are identified as someone else, then you really have a problem.
If you then scale up to 1 million people, you will find that a MUCH larger percentage of people will be misidentified: There is a much larger database of people who might have an iris that to the computer looks almost the same. That's when the shit hits the fan.
The pain with biometrics is, that it is so sexy and so hyped up, that people aren't willing to look at the numbers behind it. Contrary with what privacy and security people always shout, the biggest problem isn't that it doesn't stop criminals and terrorists. The single biggest problem of biometrics is its failure rate.
If you want to roll out biometrics on a massive scale, an accuracy of 0.1 percent chance for falsely rejecting a person means that at an average large airport, like JFK, Atlanta, Heathrow means that 1 in a thousand scans fails. Now this might not sound as a big chance, but since you need to go through the biometric scanner twice, when you get on or when you get off. So this reduces the amount of people nescessary for failure to 500. Result is that with the hundreds of millions flying on a yearly basis in Europe and the US over 100.000 people might not get on or off a plane.
You might be one of them!
Use Adsense for Charity
This seems a worrying trend with biometric systems - even innocent fear/nerves cause physiological changes which can cause a scanner to give a 'no match' scenario. If biometric ID were to become compulsory, there is the distinct possibility of this problem becoming a real danger to the population.
For example, if you have some nerves or phobia about the screening process (big men with guns, what-ifs about false positives), your physiology changes, and your biometrics no longer match your card. You are therefore taken in for further questioning.
Even if you are cleared, the next time it happens, you are more nervous, and eventually this becomes a common event for you.
In extreme cases, some people's reinforced phobia would then prevent them claiming benefits, travelling, anything that the ID was required for, sine they fear the accusations and questioning.
This is similar to effects seen on the now-discredited polygraph, still in use by agencies worldwide.
For example, I always get tense going through metal detectors. This is partly due to a childhood visit to Washington from the UK, when by accident I triggered the bomb detectors on a visit to the CIA buildings. (I was about 7, and didn't realise my pocket fan would set off the detectors.) I was taken away from my parents, and searched. This is a big thing when you're seven, and now these sorts of checks make me (irrationally, I know) very twitchy.
If failing these tests due to phobia were to become a pattern with me, even if it meant I was often singled out in any sort of official process, I am sure my phobia's symptoms would increase, just driving up the error rate. Positive feedback, you see.
Once they have a database they can at least make the comparison between citizens and aliens.
Assuming that the "database" is secure against alterations. Any government using such a system will require that falsified and completely bogus identities can be created and that they be indistinguishable from real identities. It wouldn't do for someone's ID to carry metadata which equates to "undercover law enforcement". It would only require one criminal or blackmailable person with the relevent access for this assumption to be false.
Rather gruesomely, the system checked for a pulse in the iris to ensure that you hadn't got a life-size photograph...or cut off the account owner's head.
When I am king, you will be first against the wall.
Iris scanners have a failure rate of around 4% -> 7%. This is a failure to identify a legitimate person against a *previously stored scan*. I.e. the scan stored in your biometric card or the scan stored in the government database.
Fingerprint scanners have a failure rate of around 2%.
Facial scanners have a failure rate of 10+%.
Government of the people, by corporate executives, for corporate profits.
I had ops for cataracts when I was a child. As a result my pupils aren't the nice round sort the rest of you have but are sort of ragged. I wonder how Mr Blunkett's rinky-dinky little fascist scanner equipment will cope with my eyes?
Well no matter, hopefully me and the soon-to-be-missus will have emigrated to somewhere saner by the time the "voluntary" ID cards will have stopped being voluntary.
ID checkpoints will only catch the stupid criminals based on the ID itself. But even a well-trained terrorist will have trouble not showing some nerves while being ID-checked by a uniformed officer. With proper training and experience, security officers could identify a pool of people with anamolous behavior that require further watching/screening.
Of course, the TSA probably doesn't train people in behavior observation, and the employees are low-paid and not well motivated. As Bruce Schneier said on the same subject: "We're taking smart people and replacing them with dumb technology, to the detriment of security."
Here in the US, my brother tried to replace his driver's license (the de facto US identity card) because his old one was damaged. He tried to use cash to pay the fee for this (probably something like $20), but then he discovered the driver's license center would only accept a money order because the employees of the center weren't trusted to handle cash. Seriously! Our government over here doesn't even trust the people who hand out ID cards with twenty dollars of cash!
If the US hadn't spent so much on its military in the past 60 years, much of the world would be communist (in the model of the USSR) and would not have this "freedom" we now enjoy. There would still be a cold war. Countries like South Korea would be in the sad state of countries like North Korea. If we had taken that money and put it toward social services, we would curerntly have an unsustainable population because every unproductive bum in the world would come here for free health care, shelter, and food. And these bums would have a disproportinately high number of children, who inherit their freeloading attitude. But enough of thus alternate timeline.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.