Slashdot Mirror

← Back to Stories (view on slashdot.org)

Biometrics Win Support From the Lazy

Posted by ryuzaki0 on from the i-have-to-use-my-finger-to-type-pshh dept.

judgecorp writes "We're used to discussions about privacy and security, but amongst users, the real issue is ease of use, according to a survey by Unisys. It's not a huge sample, but ten percent of the users in Asia were happy to be chipped and have done with it." From the article: "Frost & Sullivan security analyst James Turner said while speed of identity verification may be driving people's acceptance of biometrics, the key issue is that biometrics can be a security block, rather than an enabler. Turner added that what is more important in the smartcard debate is ratifying exactly where the identification data is stored. "

36 of 124 comments (clear)

  1. Man I hate having to type in my /. password. by Whiney+Mac+Fanboy · · Score: 3, Funny

    I wish there was someway for me to use a fingerprint scanner or embedded RFID - that way I could get first post! ;-)

    --
    There are shills on slashdot. Apparently, I'm one of them.
    1. Re:Man I hate having to type in my /. password. by Znork · · Score: 2, Insightful

      Just do with your password like you do with your fingerprints:

      Attach it written on a postit note to every cup of coffee you touch.

      I'll bet that you (or some random stranger being 'you') will get that first post soon enough.

    2. Re:Man I hate having to type in my /. password. by jamshid · · Score: 2, Insightful

      Yup, it really worries me that we're fighting a losing privacy battle, at least in the US. Let's face it, most people would implant an RFID chip that broadcasts their social security number for a 10%-off coupon at Wal-Mart.

      We have to educate people about what it means to provide information to a corporation that can be used as a key into other databases.

  2. Where the chip is best stored... by parasonic · · Score: 2, Funny

    ...is in the body area most likely to be guarded.

  3. The problem being... by Churla · · Score: 4, Insightful

    I don't want an RFID which simply spews out "yes this is Churla" to any device requesting my identity because that it far too easy to spoof. Anything transmitted is just a transmission and on the most basic level can be recorded and rebroadcast by someone else.

    This brings around the point that you would still need a second means of authentication anyways. meaning either a password/code to enter that you knew, or possibly some biometrics like fingerprints/retina scans. I don't trust facial geometry scanning because it also is dupable easier than stealing a retina.

    --
    I'm a fiscal conservative, it's a pity we don't have a political party anymore
    1. Re:The problem being... by jimicus · · Score: 3, Insightful

      I'm still not convinced that the will exists. With strong keypair-based encryption, unless the RFID has enough intelligence to generate its own keypair, something else is going to have to do that and copy the keys onto the RFID chip.

      And you just know someone will keep a copy of all the generated keypairs, and a whole bunch of them will be stolen.

      All these are resolveable, technical issues. But they're the kind of thing that gets resolved by academics dedicated to perfecting the theory, not the kind of thing that gets resolved by a company dedicated to getting the per-chip cost down to a fraction of a penny.

  4. the real issue is ease of use... by Grrr · · Score: 5, Insightful

    Mold the technology to the users, not the other way around. Check.

    < grrr / >

  5. Turn it off? by joke_dst · · Score: 5, Insightful
    The main issue I have with putting chips under my skin is that I can't take it out whenever I want! If there were a convenient way to turn it off I might do it...

    (But carrying around a device for turning it off kind of circumvent the whole idea... Then i could just carry an ID card with an off switch instead)

    1. Re:Turn it off? by Stradenko · · Score: 2, Funny

      Chip your hand and wear a nice set of wire-mesh gloves. Put some leather around the wire-mesh and you'd be borderline fashionable.

    2. Re:Turn it off? by MrHeartbreak · · Score: 2, Funny

      Wear a glove everywhere? Kewl!

      Trendy, just like Michael Ja... oh, wait.

      --
      Don't drag me into your petty squabbles.
    3. Re:Turn it off? by Epistax · · Score: 2, Interesting

      How about instead of implanting chips, which can break or become obsolete easily, we implant something that can hold the chips? People get implants all the time which result in things like tubes sticking out, perhaps to regulate pressure or allow draining of some liquid. Pretty disgusting, but life saving.

      Well how about an implant that (is hopefully not nearly as disgusting) which allows a chip to be slid in place or out of place? The implant could be a tiny flap of sorts which allows a film to be placed between it and you. That film would be a small flexible chip. Some sort of electric pulse could form an ejection system for removing the chip.

      Now I don't know the exact physics of it, but I don't see a problem with it. Any number of ejection mechanisms could easily be tried. The only concern I'd have is infection, but someone out there is bound to have a solution for that, as well a solution to skin completely growing ontop of the device.

  6. Morbidity by Billosaur · · Score: 4, Insightful

    Mind you... if all they need is a fingerprint and/or data from your RFID implant, a crook wouldn't even need you alive. The RFID chip would supposedly keep working for a while and fingerprints don't depend on you being alive. Retinas would be a different story, since they require a constant blood flow, though I'm not sure what the decay rate is for retinal tissue when you die.

    Food for thought.

    --
    GetOuttaMySpace - The Anti-Social Network
    1. Re:Morbidity by BigChiefMunkey · · Score: 2, Interesting

      While this is true, I believe you are on the right track with the retinas. The 'pattern' that they are recognizing is the random pattern that the blood vessels make on your retina. No blood circulating/inflating those vessels..

      There are also technologies out that address this specifically with blood vessel patterns in your fingers as well. Although I'd have to think that these would be less accurate than retinas.. You'd think that there more capillaries in your eye than your fingers (although you certainly have a lot of nerve endings and blood in your fingertips.)

      Still, all that being said, it is more useful to have 2-factor identification anyway. SomethingYouHave and SomethingYouKnow. Not one or the other, etc.

      -bw

  7. Wait a minute... by bensafrickingenius · · Score: 4, Insightful

    "ten percent of the users in Asia were happy to be chipped and have done with it."

    Is being "chipped" biometrics at all? Or am I being a semantics Nazi?

    --
    I am not left-handed, either!
  8. Repeat the Story Enough by mpapet · · Score: 3, Insightful

    times and people will believe it.

    Unisys has the most to gain by selling this story. They do these kinds of projects on a regular basis.

    I'd be interested to hear how many of their smart card projects actually worked as promised.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  9. Why implants? by XxtraLarGe · · Score: 3, Interesting

    Why not simply embed a password in a chip on some jewelry like a bracelet or a ring? Something you can take off if you need, and will be aware of if it is missing. Then have a system to deactivate it if it does come up missing or stolen. I for one don't want to have anything implanted in me unless it's a matter of life or death, but I guess the sheeple don't have as much of a problem with it :-(

    --
    Taking guns away from the 99% gives the 1% 100% of the power.
  10. Who needs RFID? by thebdj · · Score: 3, Insightful

    RFID isn't lazy. This would be the ultimate in lazy and simple. Of course, it would be fun if things start happening randomly once your mind starts to wander.

    --
    "Some days you just can't get rid of a bomb."
  11. Excuse me? Lazy? by Otter · · Score: 5, Insightful
    from the i-have-to-use-my-finger-to-type-pshh dept.

    I don't think the users are sick of having to type -- they're sick of the situation created by lazy-ass admins who think that you create security by having 30 different accounts, each with >8 characters, with mandatory uppercase, lowercase, numerics and punctuation. Oh, and they all have to be rotated at 60 day intervals and it's easy because you just make up a little story about each of your convoluted passwords, remember all 30 of them and make up a new one and forget the old one every time you change the password!

    I just had to change and lengthen my purchasing account password because, y'know, there's a huge problem with h4x0rs ordering office supplies in my name. I'll tell you where I'd like to implant an RFID chip...

    --
    What I'm listening to now on Pandora...
  12. Hello, Mr. Fragmentate, Welcome to Wal-Mart by fragmentate · · Score: 3, Insightful
    There was that one movie with that one guy that eats placentas... uhm... "Minority Report".

    I already don't like when they read my credit card and say, "thank you Mr. Fragmentate." Actually, I don't really want them talking to me in a personal manner at all.

    You just know that eventually they'll always just know where you are. "Shame on you Mr. Fragmentate... an NC-7 movie? Tsk." I find it hilarious that a good portion of the people recently surveyed by my company about the "evils of browser cookies" were willing to have an implant in their body, but absolutely would not allow cookies.

    I don't get it. A harmless text string implanted on your hard-drive that can track you quite anonymously (the net only knows what you tell it) and that you have direct access to; versus a device implanted in your body that you have absolutely no understanding of, or control over.

    It's not THAT hard to whip out the driver's license or state-issued ID. I know they're not "secure" but this article isn't talking about security -- it's talking about convenience.

    --
    My ZooLoo
  13. Re:is it who the chip says it is? by voice_of_all_reason · · Score: 2, Funny

    The career chip police. You gotta do what ya gotta do.

  14. Well of COURSE they don't care.... by Khan · · Score: 2, Funny

    ...that's because they are godless heathens! ;-)

    --

    "Klaatu, verada, necktie!" -Ash

  15. Famous quotation by caluml · · Score: 4, Funny

    Wasn't it Abe Lincoln that said: "Those that would be be lazy and get an RFID chip inserted into them deserve no privacy - who shot me?"

    --
    Get your own free personal location tracker
  16. After reading the demo in Wired 14.05... by jpellino · · Score: 2, Informative

    ...where Jon Westhues cloned an implanted VeriChip (the only FDA approved chip on the market) in 10 minutes with a homebrew device, NO CHIP FOR ME!

    --
    "Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
  17. Communism by armyturtle · · Score: 2, Insightful

    100% of those 10% surveyed are probably not accustomed to the normal daily freedoms we have as Americans. If you survey 10% of people in China who are used to being oppressed by their government I'm more than certain they'll be more accepting to this idea than 10% of Americans. I hate one-sided/slanted polls because not everyone can think for themselves & there are those who are prone to take a poll for gospel.

    --
    Wherever you go, there you are. :D
  18. I'm lazy by tezza · · Score: 4, Funny

    I would have voted against biometrics, but never quite got around to it.

    --
    [% slash_sig_val.text %]
  19. Chiped off!!! by pedalfreak862 · · Score: 2, Interesting

    The problem was stated in another article where people with laptops are stealing cars with keyless entries. Just think what they could do if they stole your chip info and could access not only your car but every aspect of your life.

  20. Security without Usability = Insecurity by cheesedog · · Score: 2, Interesting
    I'm a big fan of the thesis recently popularized by O'Reilly's "Security and Usabilty: Designing Secure Systems that People can Use", which is this:

    If you implement theoretically secure designs, but they suffer from usability problems, you'll end up with a system which is neither secure nor usable.

    If, on the other hand, you design your security/authentication mechanisms with usability as a key concern, you'll end up with usable, secure systems.

  21. Easy means wrong application. by LeDopore · · Score: 2, Insightful

    I've had my credit card info stolen when the swipe machine at a Kinko's was hacked to record everything. That very night I got a call from VISA regarding suspicious account activity; my card was deactivated and they sent me a new one in the mail.

    Imagine if I were using a retina or fingerprint scanner instead of a credit card. Replacing my retina/fingerprints isn't nearly as easy.

    Biometrics mean you have once chance to keep your identity safe. Afterwards you're screwed for the rest of your life. For this reason I don't think biometrics is going to replace the authentication methods we already have: after a decade of using biometrics, half of us will have had our biometric information stolen and will be back to cards anyways. I'm going to beat the rush and stay with cards now ;)

    I *can* think of one potential good way to use biometrics: imagine if your drivers licence, etc, contained a jpeg file of your face that's been digitally signed by the issuing organization. That would make forgery much harder.

    In summary, I think biometrics can work for applications where you don't care who sees your identifying info, but for any application where you would need to keep it secret, forget it. Not even good for the lazy.

    --
    Expected time to finish is 1 hour and 60 minutes.
  22. Religious Issues with Chip? by RexRhino · · Score: 2, Interesting

    I am athiest, so I am not really sure... but wouldn't Christians be upset by being chipped? Doesn't it make people nervous about the whole "Mark of the Beast" thing? I would think that the whole issue of implants would be a non-starter in the U.S., and probably many parts of Europe. But maybe Christians don't mind, if it is implanted in their butt, or their foot, or elbow, or somewhere other than their forehead or right hand. Or maybe Christians don't mind, because in modern U.S. politics the Christian-right supports a lot of things forbidden in Christianity (war and military service, death penalty, etc.)

    Seems to me, using fingerprints, or retina scans, or some other "god given" form of ID would be more socially acceptable to Christians... and not really any more difficult to implement than an implate. And it would be harder to fake a retina or fingerprint than a chip.

    1. Re:Religious Issues with Chip? by RexRhino · · Score: 2, Interesting

      It is not a flamewar with me, because I don't really care that much about what the rules in Christianity are. But before the Roman Empire adopted Christianity, early Christians would choose to die rather than participate in military service. The whole "Turn the other cheek" and "love thy enemy" thing seems pretty clearly pacifist to me. Even when Jesus was going to be murdered, his disiples were forbidden from saving him.

      And when it comes to the death penalty, you can look at the story in the Gospel of John, when the adulterur was to be killed by stoning, and Jesus said "Let him who is without sin cast the first stone".

      After Christianity was adopted by the Roman Empire, Christianity was kind of re-interpreted to support the goals of the Empire. But I think you have to seriously stretch the message of the Gospel in order to come to the conclusion that Jesus would approve of military service, war, or the death penalty.

      You could argue maybe that self-defense is justifyable under Christianity, but there is a big difference between having a military guarding U.S. borders, and launching a full scale global offensive as the modern Christian-right tend to support.

    2. Re:Religious Issues with Chip? by RexRhino · · Score: 2, Interesting

      I wasn't singling out Christianity for not supporting putting chips in people... Or for selling out their religion (which everyone seems to do nowadays) I was saying that Christianity would be the deal breaker. If the vast majorty of wealthy people in America and Western Europe refuse to get a chip, then it doesn't matter what poor people in the middle east will do - because they aren't the big market for financial services. It is the middle class (largely Christian) American or Western European who will really decide on the fate of installing chips into people for ID.

      I was also speculating if the Christian Right would be for or against chips though. The Christian Right tends to support all sorts of state interventions that don't have anything to do with Christianity - such as the war in iraq, death penalty for drug dealers, rounding up and deporting imigrants etc. Would the Christian Right be against chips on the fact that they are "the mark of the beast", or would they go along with it if some "conservative" leader promised that it was for stopping terrorists, or stopping illegal immigration, or something like that?

      But perhaps you, as a Christian, can answer my questions/speculation.

      1. Would the typical American Christian be opposed to using implanted chips as ID for religious reasons?

      2. Would it be OK, from a biblical standpoint, to get a chip in your buttocks, or elbow, or foot, or some place that clearly isn't your right hand or forehead, as it mentions in revelations? The book of Revelations is very specific. Will you be saved if you get a chip implanted in your left thumb?

  23. This is a people challenge with a people solution. by Smoodo · · Score: 2, Insightful

    I am constantly surprised by all of the security efforts and fads that come and go. I have observed that security is usually lighter where people know and trust each other and is more complex where people do not know each other. Perhaps security experts would do well to consider how we could improve the relationships we have with people around us.

  24. It's NOT ease of use by i+am+kman · · Score: 3, Interesting

    I was pretty deeply into the smartcards and biometrics business 7-8 years ago and they had VERY cheap ($2/keyboard on a keyboard) and VERY easy to use embedded keyboard scanners (as well as separate). We built prototypes for folks to easily to computers and web accounts, but it didn't really take off.

    Why? Users don't really care - even for bank account logins. Passwords work well enough. Also, everyone 'says' they'd LOVE biometrics, but when you get down to capturing their electronic fingerprint, they start to get nervous.

    It's rather like smartcards. While they're superior to credit cards, the credit card system in the US is mature, ubiquitious, integrated, and simple enough that most consumers wouldn't really get a huge benefit. I don't think most identity theft comes from stolen passwords.

    Same with biometrics - the technology has been around for 10 years and it's made some headway into niche applications, but it's not going to explode anytime soon unless WalMart or banks requires everyone to use it.

  25. Where, where, where is Waldo? by Dark+Coder · · Score: 2, Insightful

    Yeah, right... Where do we put the identification metrics and how is it kept in check from unauthorized usages?

    You have your basic triage of information:

    1. Consumer/User/
    2. Merchant/Provider
    3. Arbitrator/Mediator/Authenticator

    Each MUST be able to revoke one of the other two for such a successful system. Right now, the biggest problem in today's computing world is the consumer/user cannot revoke.

    Without user revokation, the system is ineffectual against abuse (i.e., identity thefts, innocent arrest records, stuck with a Social Security Number)

    What is needed is a 3-way public key exchange algorithm (can't even find that in Google).

  26. But you know... by east+coast · · Score: 2, Insightful

    Biometrics Win Support From the Lazy

    This is the same reason that beers with twist-off caps is so popular too.

    --
    Dedicated Cthulhu Cultist since 4523 BC.
  27. Biometrics != Chipping by Ernesto+Alvarez · · Score: 2, Insightful

    The idea behind biometrics is that some autentication device detects some characteristic of your body that's not easy to forge. The response of a RFID chip however, would be relatively easy to fake, and the intruder would not have to be himself chipped.

    Chipping is no more than a fancy way of carrying an access card, a poor substitute for biometrics (really NOT a substitute). And even if it were a perfect substitute, biometrics is not a good method under some circumstances (like remote logging: was that someone speaking his passphrase on a microphone, or just a recording?).

    Decision makers should leave the mothod of authentication to the experts (sane ones, excessive paranoia is detrimental too).

    --
    GPG 0x1B479C78