Home Secretary Requests Fingerprint-Activated iPods

John Reid, Home Secretary, has called upon tech manufacturers to improve the security on their gadgets to help with his recent push to frustrate criminals. Inviting Apple, Sony, and several others to his crime fighting summit Reid hopes to attack the rising robbery numbers in the most recent Home Office figures.

Useless

[geek]

There is no such thing as security when you have physical access to the device. It's a useless "summit" that will do little more than raise the cost of these devices on consumers.

Re:Useless

[hey!]

Oh, I don't think that's really true.

What you have to do is make it more trouble to get around the security than the value of the device. So, if you can pin-reset the device, obviously the security measures aren't worth squat. But let's say you have to open the device, and the case is designed to break when that happens. Sure, as a geek you might no mind walking around with the guts of your gadget hanging out, but it does put a crimp on the resale value.

The real problem is figuring out effective security measures that won't bite legitimate users thousand of times more often than they bite thieves.

Manufacturers barely have the capacity to make usable devices as it is. Adding security that will thwart a thief is sure to earn them legions of incensed users.

In any case Homeland Security doesn't really want really secure devices, because one of the unauthorized parties that might want to look at the contents of your device is ... Homeland Security.

Re:Useless

[skiflyer]

It doesn't, but it's a pointless example in the case of iPods, thieves aren't trying to steal the contents of the drives, they're trying to steal the device itself.

In resoponse to the added security...

[Billosaur]

...thieves have not only been stealing the iPods, but cutting off their victim's fingers as well. Given this new threat, the Home Secretary is calling for iPods controlled by brain waves.

Why?

[morgan_greywolf]

Why fingerprint-activated iPods? So no one but me can find out what's on my iPod? (Like I care if anyone knows that I listen to Disturbed, Metallica, or Puddle of Mud?) So no one will steal it? How fast before the thieves figure out how to disable the fingerprint scanner? All this'll do is drive up the cost of iPods, as if Apple didn't already charge and arm and a leg for the things.

Revocation

[Jeremiah+Cornelius]

"I'm sorry sir. Your identity has been compromised, and we are revoking all known authenticators. Your physical characteristics are no longer valid to autheticate your personal identity. You have been added to the list of unconfirmable citizens. Please turn in your face and fingers to the Department at the earliest possible opportunity."

Revokation of Biometrics

[mwilliamson]

One of the biggest problems with biometric authentication is the lack of ability to revoke a compromised biometric key. Sure you can revoke rights based on a fingerprint, but then you've no way to use it again. Lifting fingerprints with gelatin isn't really that hard. See http://www.schneier.com/crypto-gram-0205.html#5 for more information on the gummy-bear fingerprint reader bypass technique.

Personally, I think biometrics are great as a username equivalent, but should not be relied on for authentication. There is sound reason to have (1) something you have with (2) something you know in a good authentication system. The ability to revoke and re-generate either component is needed.

-Michael

Technological solution to social problem

[kahei]

Like the endless parade of anti-IP-infringement measures, like the endless surveillance and mail-sifting programs, this is yet another result of a bunch of people facing (or creating) a social problem, and then trying to convince themselves that a nifty gadget will fix it.

And it's the latest in a long parade.

What they've got is a culture that favors the instigator, rather than the victim, in robbery, street violence, and general antisocial behavior. Here are their solutions so far:

--Cameras
--Electronic tags
--New Databases (rather like many large companies, the UK government loves greating A New Database to solve any kind of problem)
--Magic dream iPods that can't be stolen or some such rubbish

It's a simple choice -- you can either address a problem, or you can talk about how cool it would be if a gadget would make it go away.

Normalisation

[Gumshoe]

John Reid is really, really keen on keeping Biometric information for all UK citizens as part of a national ID project. Naturally enough, a large proportion of the UK population is uncomfortable with the idea. I suspect that this new idea is an attempt to encourage people into thinking that biometric identification is a part of everyday life.

As other poster's have pointed out there are other methods of protecting these sorts of devices (think of your car stereo for example) so it's reasonably clear to me at least that Reid has an ulterior motive.

Re:Brilliant!

[jfengel]

Because I can hardly see somebody trying to fence an iPod with the little proviso that you have to keep around a fake thumbprint in order to use it.

Crime is something you deter, not forbid. Slashdotters get used to security being absolute because we work with computers, where we tend to put all of our data eggs in one password basket. Security of physical objects is much more about making it inconvenient, not impossible, to steal something.