Slashdot Mirror
Biometrics Are Making Espionage Harder
schwit1 sends this story from Foreign Policy: In the age of iris scans and facial recognition software, biometrics experts like to point out: The eyes don't lie. And that has made tradecraft all the more difficult for U.S. spies. After billions of dollars of investment — largely by the U.S. government — the routine collection and analysis of fingerprints, iris scans, and facial images are helping to ferret out terrorists and immigration fraudsters all over the world. But it has also made it harder for undercover agents to remain anonymous.
Gone are the days of entering a country with a false passport and wearing a wig and a mustache to hide your true identity. Once an iris scan is on record, it becomes nearly impossible to evade detection. 'In the 21st century, you can't do any of that because of biometrics,' said retired Army Lt. Gen. Michael Flynn, the former director of the Defense Intelligence Agency.
Gone are the days of entering a country with a false passport and wearing a wig and a mustache to hide your true identity. Once an iris scan is on record, it becomes nearly impossible to evade detection. 'In the 21st century, you can't do any of that because of biometrics,' said retired Army Lt. Gen. Michael Flynn, the former director of the Defense Intelligence Agency.
He figured it out.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
Genuine question as I have no expertise in this whatsoever...would crafted contact lenses help out here?
You don't say...
Nonsense! James O'Keefe has crossed the border masquarading as Osama bin Laden. And thousands of serious "undocumented Americans" do that without even any attempts to disguise themselves — and do not encounter much molestation neither during nor after the act.
TFA tells us, the technology to fight it is there. Now we just need the will to use it — instead we currently have a will not to.
In Soviet Washington the swamp drains you.
Am I somehow supposed to feel bad that due to the extensive tracking by Big Brother of everything that we do that all of a sudden Big Brother is having a hard time of it?
Boo fucking hoo.
You assholes created this surveillance society. You don't get to bitch when the same fucking issues we all face suddenly bit you in your own ass.
That these clowns are now stepping in the pile of shit they helped to create is too fucking bad.
Lost at C:>. Found at C.
I guarantee you that they'd barely need to anyway.
To my knowledge, nobody on this planet has an official record of my retina, and not of my fingerprint. Maybe "unofficially", as in they scooped it from something without my consent of knowledge, but I've travelled all over the world and never been required to give either.
I have a current driving licence, a current passport, etc. all the usual gubbins and have not once been required to give either of the above.
I'm sure someone will tell me some rubbish about facial biometrics and the shape of my chin, etc. but I'm not at all convinced on that either and we all know what simple cosmetics can achieve in the cheapest of TV shows.
It's not that biometrics aren't capable of doing this. It's that they AREN'T being deployed. I'm sure if I was an illegal who was getting arrested, etc. that there'd be some record of fingerprints somewhere, but I'm also pretty sure that espionage - as such - isn't hindered in the slighest because they tend to steer clear of entering countries illegally (or visibly), getting caught, and getting arrested. Because, biometrics or not, that's just not a useful thing to be doing, given their remit.
a future black market in human irises.
"Hello, Mr. Yakamoto, welcome back to the Gap."
If it weren't for deadlines, nothing would be late.
Because it sounds like you're placing nearly absolute confidence in a solution where a back-end server storing biometric template data is one compromise away from being used to make all your efforts completely useless. Gone are the days when someone intent on espionage needed a wig and fake mustache; now they can compromise your back-end server, overwrite some template data, and become a whole other person that you firmly believe should be trusted and provided all kinds of privileged access.
What you've done is come up with a system where the good guys can't change the passwords, but the bad guys can. It's among the dumbest ideas ever.
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
I have a current driving licence, a current passport, etc. all the usual gubbins and have not once been required to give either of the above.
I'm sure someone will tell me some rubbish about facial biometrics and the shape of my chin, etc. but I'm not at all convinced on that either and we all know what simple cosmetics can achieve in the cheapest of TV shows.
And I have a beard and need vision correction, so it's unlikely that they could easily pick me out by the shape of my jawline or my eyes as those arguably have changed with differing beard length and style, along with different eyeglasses from time to time.
Do not look into laser with remaining eye.
I can guarantee you that they can get around rental and fingerprint scans.
It is this kind of miss-information, found in this article, that makes people and governments feel secure in their security measures... all while they are being taken advantage of and not knowing it until a decade later.
I didn't know Avis and Hertz were scanning anything...
the world needs fewer spies and more honest people.
Anons need not reply. Questions end with a question mark.
So the contact lenses with the fake iris prints don't work?
No they don't. A real iris pulses slightly as your heart beats. A biometric sensor can detect that.
http://s3.photobucket.com/user...
Get free satoshi (Bitcoin) and Dogecoins
In reality, only rarely. Geeks like to claim that security benefits are overstated, but in their criticism, they often overstate the simplicity and ease with which it can be beaten. One item of faith for many geeks is the jelly fingerprint. Yet 15 years ago I encountered fingerprint scanners that would not be fooled by that, and it wasn't exactly cutting edge tech even back then. It used a combination of pattern, temperature, electric conductivity and pressure
There are people that are pushing for systems to be accessible from just about anywhere (read Internet). We see countless headlines about systems (government and corp) getting hacked and most of us on /. realize the systems never should have been remotely accessible in the first place. Spies will be hackers or visa versa .. however you want to look at it.
Keep the Classic Slashdot.
You are a bad country if you were doing it that way. Most spies are not registerd as such. They are people who have a job in an other country and do the spying on the side.
Crossing borders is not an issue. And if they are recognised as spies, they are burned and will not be used again.
FYI, James Bond is fiction.
And even if they would want to get into a country, they can. Look at people illegaly smuggeling others and succeed. Now imagine that you somehow make those illegal people legal.
And they could even give you a new passport. Happens all the time. New passport, ID and what not.
Don't fight for your country, if your country does not fight for you.
Gone are the days of entering a country with a false passport and wearing a wig and a mustache to hide your true identity.
And here are the days when you cross into the United States through our old proxy-war torn neighbours in south and central america, or our drug-war torn border buddy Mexico. Or how about just not coming at all, and hacking from abroad. Most corporate targets will gladly sweep your efforts and activities under the rug for you, as it could have dire consequences for their stock or earnings. Our government on the other hand, the institution we intentionally shut down twice and lost two credit ratings over along with 24 billion dollars, could care less. If youre an $evil_country for us, we'll insist you did it anyway, and if you arent, we'll find a reason to implicate you in a race to divert attention from our massive domestic surveillance program and illegal prison camp in cuba.
A senior Defense Department official said the policies have changed decisions about who can travel where â" and how often. âoeIt limits your movement,â said the official, who was not authorized to be named in discussing tradecraft and spoke on condition of anonymity.
Yes, yes it does limit your movement and thats the intention. For Occupy, planned parenthood, tea party, and second amendment protestors to be part of a massive biometric dragnet means they dont get to openly speak out against the government as is their first amendment right. For you to be so frightened to tell the public this as to insist anonymity in a public office is tantamount to treason.
Good people go to bed earlier.
Wow, I can't believe this is even worthy of a post.
This is bullshit, just someone looking for more money.
First off the NSA is tapped into everything, they are already spying on all of us.
Second, the NSA can hack into any computers across the world that is storing the biometric data and change the data.
Third, you rarely have spies that no one knows about, and honestly, it's easy enough to make those. You can find someone in the twenties/thirties that have never worked for the government in anything, make some fake data about them, and suddenly have a new spy. If you keep going to the military or FBI, or those sort of people for spies then yes, it a lot easier to figure out.
Fourth, It's election years.
Be seeing you...
At least its rental not rectal...
Maybe that's the reason of that alien anal probing... biometrics!
English is not my first language. Corrections and suggestions are welcome.
Yeah! Geeks are overrated. However, as a nerd I would say you simply have to target the database instead of trying to confuse the detector. Once you very private characteristics will have been stolen, you will be in deep trouble.
Achille Talon
Hop!
Can you imagine the reaction when a TSA agent talked about having a great day at work once that new policy was implemented?
Not sure if intelligence agencies can fake out IRIS and other biometric data. Shouldn't be that difficult?
So the argument Snowden made it harder for the spies is really bullshit.
Because their own systems have made human spying impossible.
Oh come on. You are misrepresenting what they are saying. Human spying isn't impossible, it's just HARDER to do without getting noticed or having to do things in more difficult ways. Gone are the days you could just hop a commercial plane, use an alternate passport and pass though another country with little risk of being ID'ed. Now, you are more and more likely to be caught though biometrics if you are a spy.
You can still get into and out of countries unnoticed, it's just a lot harder to bypass all the checkpoints and immigration controls that you cannot risk passing though anymore. You have to take more of a smuggling approach which is harder, but not impossible.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
I guess they'll have to do it the old-fashioned way, then: sleep with someone who knows the secrets.
US spies can now change their irises.
no, you just need to get to the guards, the person scannning, or whatever human element is between you and the system. All this techno wizardry is silly. humans are now, and will forever be the weakest link.
I'm definitely interested in expert input from somebody who confuses iris scans and retinal scans.
You can "get past" an iris scan with patterned contacts, but patterned contacts are also detectable. If they're enforcing a "no patterend contacts" rule, you're going to have a very hard time going undetected.
An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"
You have no idea as to where the real vulnerabilities are, do you?
Sad, sad, pitiful fools.
Biometrics won't save you, physical measures won't do you no good
When the humint fails, ain't no place that's safe.
Now go back and learn proper tradecraft.
-- Tigger warning: This post may contain tiggers! --
"Passengers must have a biometric passport to use the system."
No different to the UK gates which have the same facility. But nobody is under any obligation to provide biometrics beyond a photo to get a passport. If you don't have a biometric passport (i.e. almost everybody), you have to use the normal channel and not the e-gate.
And I tell you precisely how any people I've ever seen walk through the e-gates at London Stansted, Gatwick or Heathrow (considered the world's busiest airport up until very recently) for the many years they've been in place? About 0.01%. The queues in Stansted border control, in particular, can number several thousand people and STILL barely a handful will go through the e-gates and they do so voluntarily.
Last time I walked through the queue there, someone was trying to get people to use them but acting official and checking if you have an e-passport and getting you to use that queue. I said "No, thanks", and joined the normal queue. By far I was not the only person to do so.
And, to be honest, I've been through Amsterdam several times. I've never needed to pass through an airport. You can drive across the french, dutch and german borders and not even notice you've done so until your phone goes off to tell you what a text message costs in that country.
You would be wrong. Your jaw is hot, your beard is not. You can no longer fool most facial detection systems.
Good-bye
Oh no you didn't. That beard is hot, particularly the way he doesn't trim it.
Sleep your way to a whiter smile...date a dentist!
I have a current driving licence, a current passport, etc. all the usual gubbins and have not once been required to give either of the above.
I find this assertion difficult to believe. Not saying it isn't true. Just find it difficult to believe
I would say that, at the very least, you have not visited the US in the last 10-20 years.
The EU? I find it _impossible_ to believe they don't collect _some_ biometric information on its citizens. Especially for an identity type document, say a drivers license, or a passport.
Jus' sayin'
- X/Y -
At least that's what the ladies say...
> Once an iris scan is on record, it becomes nearly impossible to evade detection.
Um, not really, just the techniques change. When you have a "foolproof" method of identity, (in this case where you compare some biometric data stored in a database somewhere,) the tendency is to believe the method of identity, without once considering that everything is predicated on the database being correct.
And so, instead of wearing a wig and affecting a different accent and different posture and style of walk and all of those things Sherlock Holmes used to do when he went into disguise, you don't have to change any feature of yourself at all -- you just have to change the database. This is especially easy when your organization *owns* the data, but isn't impossible even if the imposter you're trying to field needs credentials in someone else's database.
C'mon, we're geeks. Several vectors come to mind.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Nothing magical makes technology work just for the US federal government. If technology exists, others can use it, too. What is so hard about this concept? A better question to ask is why should we trust a government that wants this ability all to itself?
You're telling me that its SOP to use high-resolution 10-12 um cutoff wavelength thermal imaging for facial recognition?
Your tinfoil hat is showing.
They can be identified and their locations revealed. You take the good with the bad.
Please do not read this sig. Thank you.
I used the biometric gates because it used to be a much shorter queue. Last time at Gatwick I was dismayed to see I actually had to queue, and most of my friends now have and use a biometric passport.
In my experience it's a minority, but nothing like 1 in 10,000. In the past couple of years the queues have gotten a lot busier.
You really haven't been paying attention, have you?
And you know it.
-- Tigger warning: This post may contain tiggers! --
Which is likely exactly what this whole story is really about. It seems a likely bet that the NSA has hacked some key biometric databases and are looking to protect this hack for as long as possible with some military knob running around spreading PR=B$ about how secure biometrics are and how they can not get around it. These asshats would not admit the sky was blue unless they had a specific reason and advantage in doing so, otherwise they would continue try to obfuscate it's existence. So at a bet, a bunch of American criminals are running around the world doing something quite naughty at this time, hiding behind falsified biometric data. I wonder which countries, have started using more biometric security (compromised at it's core) and in which locations. Just like them monitoring and recording all US post and parcels.
Chaos - everything, everywhere, everywhen
I agree. I always think the opposite when a spy opens mouth :D
Possibly the fight has moved the playing field.
Somebody, somewhere has no eyes. Old people have worn out fingerprints. Because of this there's a way round it. And, of course the battle just moves to compromising the databases.
In a few years time we might find out more. Shame not to know now bit with spooks you just got to get used to curbing your curiousity all the time.
A blog I run for the wealth
Mossad are alleged to have done exactly that with a group of people involved with an assassination in Dubai a couple of years back. A few countries were a bit annoyed at having their passports faked by that group.
I last visited the US in 2008.
I hold a full UK driving licence and have done since about the same time (I didn't drive until late in life).
I've held a full UK passport my entire life.
I freely travelled throughout Europe several times in the past few years and my girlfriend and I go to her home in Italy several times a year.
** Neither of us have ever given those biometrics to get the paperwork necessary.**
As I say, the closest is a photograph taken in a standard photo booth that they say is used for "facial recognition". That was necessary for my last driving licence/passport (shared system) and for her UK driving licence (she has an Italian passport - no biometrics).
The EU and the UK are - contrary to popular US belief - nowhere near as 1984 as you think we are. I have driven, on one journey, through six countries and only stopped once to buy a sticker for the car to allow motorway travel (paid in cash, at no point had to present ANY documentation to cross borders or use roads whatsoever).
My brother does not even have the driving licence or passport. He has ABSOLUTELY no photographic or biometric form of identification whatsoever. He opened a bank account with a birth certificate and an employer's letter just recently.
Sorry to disappoint you, but this is the norm over here in the UK. The last national ID card scheme was SCRAPPED because it was voluntary, so few people signed up and the cards were disabled, the data deleted and the scheme abolished. An official UK government identity scheme.
You can, of course, talk about how many CCTV cameras we have and how free you are. But that's just ignoring simple facts. Hell, I don't even go out of my way to avoid biometrics, but it's entirely optional and voluntary over here. The same throughout the majority of the EU.
We pay tax, I'm 100% legitimately British, my girlfriend is Italian with settlement rights in UK due to EU rules, we exist as normal citizens (natural citizen in my case). And I'll state again - THERE ARE NO OFFICIAL RECORDS OF ANY BIOMETRIC FOR ME. Except possibly one photograph that *I* took in a photo booth.
I don't know about you, but the Texas' DMV has my right thumb print. Granted that one is 15 years old, but more biometrics are collected than you think; especially in the US. Maybe THAT is the problem, US spooks can't operate properly because the US collected key biometrics and now other countries have the data. Other countries don't have the problem, since they did not collect the data in the first place...