Swallowing Your Password
HughPickens.com writes: Amir Mizroch reports at the WSJ that a PayPal executive who works with engineers and developers to find and test new technologies, says that embeddable, injectable, and ingestible devices are the next wave in identification for mobile payments and other sensitive online interactions. Jonathon Leblanc says that identification of people will shift from "antiquated" external body methods like fingerprints, toward internal body functions like heartbeat and vein recognition, where embedded and ingestible devices will allow "natural body identification." Ingestible devices could be powered by stomach acid, which will run their batteries and could detect glucose levels and other unique internal features can use a person's body as a way to identify them and beam that data out. Leblanc made his remarks during a presentation called Kill all Passwords that he's recently started giving at various tech conferences in the U.S. and Europe, arguing that technology has taken a huge leap forward to "true integration with the human body." But the idea has its skeptics. What could possibly go wrong with a little implanted device that reads your vein patterns or your heart's unique activity or blood glucose levels writes AJ Vicens? "Wouldn't an insurance company love to use that information to decide that you had one too many donuts—so it won't be covering that bypass surgery after all?"
The problem with this, and biometrics in general, is that there is only one you.
You can't revoke your "vein pattern" any more than you can revoke your fingerprint. Using your same biometric information for everything has the same pitfalls as using the same password for everything, and you are just one sketchy gas station away from someone getting a copy.
If you are going to implant something, why not implant a challenge/response system with a public/private key and strong cryptography, like you know, we've been doing on the internet with a good amount of success. A random very large number is just as good as any biometric information, and at least you can change it.
Gives new meaning to "I can't find my password in all this shit"
by just swallowing this free, little pill.
This has the same problem as any exclusively biometric technique -- the user can be compelled to give up their "password" merely by being physically present. "Something you have" can be taken, even if it's your still-living (for now) carcass. "Something you have" should always be supplemented with "something you know".
The summary rightly brings up privacy concerns but I'd also be concerned about the security of the transmitted data. Like RFID, the information can easily be snooped, and would have to be appropriately encrypted to be useful as credentials.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
or at least considering ID more like dogs. Really. I can just hear the 'mark of the beast' stuff out of the religious right heading this way. Biometrics have limits just like any other technology. I agree with what has been said in prior debates about this stuff. Perhaps the biometric data can be used as a public/private key system, with safeguards built into it, but changeable as needed to address advancements in hacking by individuals driven by greed, etc. This is the only deterrence we have left when it's all broken down into ones and zeros.
Badguy 1: "We need his fingerprint to break in"
Badguy 2: "Cut off his finger then!"
Badguy 1: "We need his heartbeat to break in"
Badguy 2: "Cut out his heart then! We've got a machine to keep it beating after removal."
Or someone gets out a tape recorder and records your heartbeat.
Biometrics are only good so long as the device that reads your pattern is "honest." If you have to inject a device to read your biometric patterns, you could just as easily inject a device that pretends to read your biometrics, but actually copies someone else's.
from demolition man???
https://youtu.be/CbM--4-z0cs?t...
As a potential lottery winner, I totally support tax cuts for the wealthy
At best stomach acid is the electrolyte.
grumble grumble.
"Wouldn't an insurance company love to use that information to decide that you had one too many donuts—so it won't be covering that bypass surgery after all?"
Wouldn't that have to be spelled out in the policy wordings when the policy is taken out or renewed?
The heart bypass operation must be covered under the ACA (aka Obamacare). Insurance companies can no longer discriminate based on pre-existing conditions and can no longer impose a lifetime coverage cap.
That is not to say that the implant idea is a good one for a number of other reasons.
Like a good neighbor, fsck is there
And put it into a pipe. Unless it's really big and nasty, then the garbage collector has to dispose of it.
I know you young kids don't read the bible anymore, so let me quote something from Revelation for you.
"Also it causes all, both small and great, both rich and poor, both free and slave, to be marked on the right hand or the forehead, so that no one can buy or sell unless he has the mark, that is, the name of the beast or the number of its name. This calls for wisdom: let the one who has understanding calculate the number of the beast, for it is the number of a man, and his number is 666."
46137
How do you plan to make it secure? What would stop anyone from just reading the information off it? Can you even CHANGE the information on it? If yes, how do you prevent people from hacking it? How do you ensure it's not going to get lodged somewhere and become impossible to remove? Who will get to dictate the standards for how these things communicate? How do you revoke these things - that is, what happens if your internal information becomes public? Why are you measuring things that change with exercise or what food you eat, and are therefore never predictable? How do make sure that two people don't share the same sugar levels? How could you possibly imply that fingerprinting is "antique"? Fingerprints haven't changed at all in our human history. He's implying it's a product that is replaced every year.
The only thing that is "antiquated" here is this executive's buzzwords, which they clearly haven't put very much thought into.
"Set a man a fire, he'll be warm for the rest of the night. Set a man afire, he'll be warm for the rest of his life."
Many people don't have access to medical care now. What insurance company would pay for this? Their business model is to make money, not to care for patients.
So, how exactly do they propose to recover from a compromise of these kinds of systems where it's impossible to change the authentication data? And these systems will be compromised, history has taught us that. At least with a password or a certificate carried in a two-factor dongle I can change/reissue it and what the crooks have is no longer valid. I don't like systems whose failure mode in the event of a compromise is catastrophic.
Is the NHS. Universal heathcare is far from perfect, but it's also just the right thing to have in a first-world economy. Then you stay healthy for the right reasons, not because your insurer will abuse information about you.
She just grabs it from the table and slowly creeps up behind me and pushes it gently onto my thumb, and then runs away with an unlocked phone when i notice it...
The value of a password is that it is locked away in MY BRAIN until I choose to use it. These are not passwords, and neither is the button on an iPhone.
Good thing for the ACA that bands insurance company from doing stuff like. But guess what GOP letting the ER or even the jail / prison take up the slack when you get rid of the ACA will cost more then medicare / medicaid for all.
Not allowed under the ACA smokeing is the only thing they can bill you more for.
* If there is some allergic reactions workers comp may have to fit the bill to deal with it. Also the injury lawyers may also sue on half of the victim as well.
* religious rights lawsuits over this Mark of the beast / Shabbat? / others
* ownership issues?
* Who pays the costs
I'm all for interesting implants, but how much could we trust them?
"Laputan machine", anybody?
When I shit the thing out, do I have to eat it again?
What if I left my body at home?
"I'm sorry, ossifer. But my car's transponder is powered by ethanol."
Have gnu, will travel.
This will result in unique identification of people. It is not for passwords, it is for identifying.
For authentication, you need a password or passphrase. Something that can be independently chosen, changed, and rotated.
with the mark of the Antichrist needed to buy or sell.
Now I ask you, in this day of surveillance, digital money and computerized oppression does that really seem all that far fetched?
"If any question why we died, Tell them because our fathers lied."
Now determined hackers will literally spill your guts to get what they want.
So let's everyone swallow a chip that constantly identifies them! That's how we can get those dirty stealing bastards!
When the copyright term is "forever minus a day", live every day like it's the last.
The biggest issue is that people taut these implanted devices as "safer" than any other alternative. Most of us here can see through the gag, but when they market to the masses will your great aunt have the same ability to know? Perhaps not.
Most here know that "Strong" authentication requires at least 2 of 3 (something you know, something you are, something you have) and not just one of them. Security experts prefer the something you have over something you are, because we can control and monitor that thing. Something you are can usually be forged easier than a Yubi/RSA key, because high grade biometric scanners are extremely expensive.
IMHO this is just the latest crazy attempt to get people implanted. Let's not kid each other, that is the goal.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
I'm guessing that ten minutes after this is possible, it will be mandatory.
You might not get a choice. Especially if you get arrested.
Sig Battery depleted. Reverting to safe mode.
E, you're embeddable
I, you're injectable
M, you're a meatbag full of tech
systemd is Roko's Basilisk.
I believe the idea is that they are 'single-use' devices, so...you get to keep buying new ones for the rest of your life, otherwise you are locked out of everything.
Now there's incentive...do you buy groceries and eat outside, or buy a new password and go hungry. Or dig through your shit and be disgusted.
And they'll make sure it corrodes from acid in your digestive tract so you can't fully 'reuse' it...
Sleep your way to a whiter smile...date a dentist!
Additionally, biometrics are subject to change (e.g. accidents, illnesses).
You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
Is that considered a "password leak"?
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
Better to live in a country, where you don't need health insurance to get treated.
the automotive related intertubes discuss a new method of auto thefts which hypothetically involves using some sort of RF amp or repeater or such to amplify the signal from your key fob in your house to make your car think you're standing waiting to get in, for those cars which are nice enough to automatically unlock when you approach without buttons to push.
Star Trek transporters are just 3d printers.