Japan Researchers Warn of Fingerprint Theft From 'Peace' Sign

Tulsa_Time quotes a report from Phys.Org: Could flashing the "peace" sign in photos lead to fingerprint data being stolen? Research by a team at Japan's National Institute of Informatics (NII) says so, raising alarm bells over the popular two-fingered pose. Fingerprint recognition technology is becoming widely available to verify identities, such as when logging on to smartphones, tablets and laptop computers. But the proliferation of mobile devices with high-quality cameras and social media sites where photographs can be easily posted is raising the risk of personal information being leaked, reports said. The NII researchers were able to copy fingerprints based on photos taken by a digital camera three meters (nine feet) away from the subject.

Slashdot has malicious ads

Fix your fucking website already

Re: Slashdot has malicious ads

Slashdot has ads?

Re:Slashdot has malicious ads

[Hylandr]

You're not running ad-block pro?

Tsk, Tsk.

Re: Slashdot has malicious ads

I am running a bad lock pro.

Re: Slashdot has malicious ads

[Buchenskjoll]

I'm running bad luck, bro.

Re: Slashdot has malicious ads

I am running a mad cock pro.

Re:Slashdot has malicious ads

[ckatko]

Isn't Adblock Pro the one that sold out?

Pretty sure uBlock Origin is one of the few that isn't whored-out these days.

Re:Slashdot has malicious ads

[Hylandr]

I don't pay anything, and I turned off the 'tasteful ads'.

Re:Slashdot has malicious ads

[omnichad]

I'm not sure they sold out, but they were never really against ads in the first place. They were against dangerous/intrusive/annoying ads but still understood that ads pay for things and sought a fair compromise.

Re:Slashdot has malicious ads

Adblock Plus is just fine. You do realize you can untick the checkbox that says "Allow some non-intrusive advertising", right?

Re:Slashdot has malicious ads

[PrimaryConsult]

That is why I still use Adblock, and allow the unintrusive ads.

That said I have a few disagreements with what it finds unintrusive. Wikipedia ads are IMO intrusive, as are those ones that pop up a few minutes after you start reading an article or webpage and grey out the page.

Hippies Lack Fingerprints

Years of burning their fingers on the glass bong have rendered this technique ineffective.

Re:Hippies Lack Fingerprints

Years of burning their fingers on the glass bong have rendered this technique ineffective.

Get with the times man. The only time they're burning themselves is when the vape pen battery explodes in their face, so perhaps facial recognition will be rendered ineffective...

Re:Hippies Lack Fingerprints

Years of burning their fingers on the glass bong have rendered this technique ineffective.

And the old technique of lifting prints off the bong with powder and tape, which is much easier to do, renders this new technology obsolete.

Re:Hippies Lack Fingerprints

[Comrade+Ogilvy]

I have been drinking out of a bottle wrapped in a paper bag for years, just to be safe. Screaming at people enough to keep them more than 3 meters away is a cinch. What's the problem?

Re: Hippies Lack Fingerprints

No glove, no love.

I learned that from Futurama.

Re:Hippies Lack Fingerprints

brilliant! Why didn't I think of that!

Re:Hippies Lack Fingerprints

[LynnwoodRooster]

So that's YOU that I see every morning at the Hyde street exit of Civic Center stop in San Francisco... Can you code?

Re: Hippies Lack Fingerprints

I learned it from Highlander 3

Re: Hippies Lack Fingerprints

I learned it from Michael Jackson.

What's the problem here?

Fingerprints and other biometric information should only be used for identification and not for authentication.

Re:What's the problem here?

[Calydor]

Is there really a difference today?

Sigh.

[ledow]

Fingerprints are not used for authentication, right? So it's not a problem, is it?

Even the kids in my school get this - you do have to explain the first time but then it's obvious to them.

Where do you write down your password? Almost nowhere (some of our kids have password in their planners and things like that, but they have no access anyway).

Where do you leave your fingerprint? Everywhere you go, on everything you touch, including the device you're logging into, and every device you've ever logged into.

Though we don't get high-level attacks, I feel that users need to only have this explained once to question the James Bond etc. concept of using fingerprints for doors, high security facilities, etc.

The fact that cameras are at the point that you can photograph someone's fingerprint? That's been true for a little while. That means that Trump / May / whatever leader's fingerprints have basically been public-domain for the world's spies for many years. Hence you should be SERIOUSLY questioning use of fingerprints as anything more than convenience or casual use.

Re:Sigh.

[JanneM]

Finger prints are fine for identification, not verification. They're your username, not your password. If you do use them like that they are not dangerous.

But of course nobody does; US, Japan and other countries all use fingerprints to verify the password identity for instance. And as a result they catch multiple people here in Japan every year that entered the country with fake fingerprints. And since they just catch people that happen to get arrested for some other reason, it probably means there's hundreds entering the country using other peoples' ID and fingerprints each year.

Re:Sigh.

[ThatsMyNick]

Yeah, try explaining why your finger print is all over a crime scene.

Re:Sigh.

[ag0ny]

Haven't read the article, but...

and that's where you should have stopped. The article explains how they have achieved what you say they won't be able to. Using a common camera, from 3 meters away.

Re:Sigh.

[MrL0G1C]

I RTFA and it's very light on details. You basically have to guess that:

1. The researchers used an expensive 'digital camera' with a good optical zoom.
2. The lighting is just right.
3. They zoomed in on the fingerprints.

Otherwise the GP post is right, this really wouldn't apply to 99.999+% of photos taken.

Or, take a picture of something from 3meters away and see what you get when you load that image onto a computer and zoom in to it.

Re: Sigh.

yes, a common dslr with a fat zoom lens, and they shot a lot of photos. hardly very inconspicious. why not just dust for prints afterwards?

Re:Sigh.

[CptLoRes]

No, they only said "a digital camera from 3 meter away". So it could be anything like a professional 40MPixel DSLR with a tele lens zoomed into the finger for all we know.

Re:Sigh.

[ledow]

Actually guys, this is not only possible - it's old news.

And, no, it doesn't necessarily need stupendously perfect conditions:

http://www.bbc.co.uk/news/tech...

Re:Sigh.

It just doesn't matter though since you leave your fingerprints everywhere anyway

Re:Sigh.

It can be useful for two-factor authentication or even three-factor authentication (it's an extra hurdle so extra security but not the end of the world if an attacker has them if they don't know the other factors). I certainly wouldn't trust it on its own.

Just like I don't trust facial recognition ones either - my old laptop had a disabled feature that'd open if the webcam saw your face at the computer, which I successfully bypassed by standing behind the computer and holding a printout of my facebook profile picture in front of the webcam.

Authentication wasn't the first thing that came to mind when reading the article though. What about court cases where fingerprints are used as evidence? If you can get a copy of someone's prints you could use them to frame them. The example is the peace sign which is frequently used by protesters and I'm sure companies and shadier governments would love to frame them for things like criminal damage so that the police can arrest them and remove them from the site as a easy method of clearing the protest. Or worse.

Re:Sigh.

[StikyPad]

Or, take a picture of something from 3meters away and see what you get when you load that image onto a computer and zoom in to it.

Obviously you have to enhance after zooming. If you continue enhancing, you can zoom in to any image indefinitely.

Re:Sigh.

[StikyPad]

Assuming you have more than one finger, and especially if you have an alibi, it shouldn't be terribly difficult.

Re:Sigh.

[David_Hart]

Or, take a picture of something from 3meters away and see what you get when you load that image onto a computer and zoom in to it.

Obviously you have to enhance after zooming. If you continue enhancing, you can zoom in to any image indefinitely.

Incorrect... "enhancing" isn't anything like what you see in the movies. You can't enhance infinitely. You can enhance up to a point, but after that, there just isn't enough data and you start adding artifacts and inaccuracies. You might be able to get away with some inaccuracies depending on the fingerprint reader and the matching algorithm. That's why the researchers specified a limit in distance. They also don't go into the size of the photos, but the point is that now there is enough resolution provided by digital cameras (20MP+) and phones (10MP+) today to provide the necessary level of detail at 3 meters.

Re:Sigh.

[Applehu+Akbar]

"Fingerprints are not used for authentication, right? So it's not a problem, is it?"

Fingerprints are the most convenient form of authentication, but you have to consider the surroundings. If someone grabs your phone, he is highly unlikely to have taken high-res photos of your fingertips, or to have been able to prowl around in your home and lift fingerprints. For a desktop, on the other hand, the lifted fingerprint attack is a simple and obvious one.

Re:Sigh.

[peragrin]

I didn't write the go but I did hear the thunderous woosh as the joke passed by your head at Mach 5.

I am surprised it didn't suck the air out of your lungs leaving you speechless. Then again from your post length you have excess air inside anyways.

Re: Sigh.

So true. They demonstrated it in the final episode of red dwarf. Amazing tech!

If you can't see sarcasm it sticks to be you.

Re:Sigh.

[Arashi256]

No, no. I saw this on CSI. You just enhance the image. Jeez, I thought as somebody posting on Slashdot you would know this! What a n00b.

Re:Sigh.

[sh00z]

Incorrect... "enhancing" isn't anything like what you see in the movies.

Give me a hard copy right there.

Re:Sigh.

Use someone else's fingerprint chosen randomly for authentication.

Problem solved.

Re:Sigh.

[pjt33]

If someone grabs your phone, it's probably got your fingerprints all over it.

Re: Sigh.

Your password is "incorrect", isn't it?

Re:Sigh.

Fingerprints are public. We leave them everywhere we put our hands on. You can get them from anyone anytime you want. You just have to wait for the perfect occasion.

Re:Sigh.

[Applehu+Akbar]

Not if you have it in one of those rubbery cases and keep the display clean.

Re:Sigh.

[syn3rg]

And that is why I only use a single digit, facing me, as a hand gesture...

Re: Sigh.

[omnichad]

Far from the last episode - there's been two full new seasons since then.

Re:Sigh.

[mchall]

Fingerprints are not used for authentication, right? So it's not a problem, is it?

Yes, fingerprints are used for authentication.

- A large local chain of fitness clubs here in my state uses a two part authentication system, one of which is a fingerprint scan, to authenticate and authorize users of their facilities.

- The iPhone has an option to use "Touch ID" (i.e. a fingerprint scan) for authentication to access the phone, make purchases, and use Apple Pay.

- The list goes on.

... and it is definitely a problem. As MythBusters proved, fingerprint scanners can be defeated with a high res copier, some ballistics gel, and a little extra voodoo that they wisely (and for legal reasons) chose note to broadcast. Fingerprints are most definitely one of the less secure sources of biometric authentication.

Re:Sigh.

[fish_in_the_c]

biometrics in general are a fine second layer of authentication, they should not be a primary level of authentication for 2 reasons.
1) they are generally not horribly hard to fake.
2) once someone has figured out how to fake your biometric data it isn't like you can change it.

Since Roman times there have been 3 ways to 'establish trust' Something you have, something you know, something you are.
So the best anyone can do is this something you know( password or pin) tied to something you have ( smart device, smart card ,token) and used to authentic something you are ( biometric,retena, iris, fingerprint).

Re:Sigh.

[Anubis+IV]

You're talking about identification, which is related to authentication, but isn't quite the same. Just as your username is used to identify you, so too is your fingerprint used to identify you. But just as your username isn't sufficient in and of itself to authenticate your identity (i.e. I can't log in as you by simply knowing your username), and so too should your fingerprint be insufficient to authenticate your identity.

The police can identify you using your fingerprint just fine, but that doesn't mean fingerprints should be used for authentication. Inasmuch as they are being used for authentication, it's poor security.

Re:Sigh.

[Gavagai80]

That's in the year 2019. Gotta wait 2 years.

Re:Sigh.

[Macdude]

I've said for years:

Fingerprint* = Identification, not authorization.
Think of your fingerprint being your user ID, not your password.

* This applies to any biometric identification system, e.g. retina scans.

Re:Sigh.

[phantomfive]

Where do you leave your fingerprint? Everywhere you go, on everything you touch, including the device you're logging into, and every device you've ever logged into.

Specifically, you are leaving your fingerprint on the very device you are trying to log in to. If a thief wants to find it, he doesn't have to go very far.

Re:Sigh.

so, your sarcasm detector is broken I see. Time for you to get 'recalibrated'. I propose you nick on down to the local pub for a few pints and a curry, that'll sort you right out.

Re:Sigh.

That's why my voice is my passport.

Re:Sigh.

[swillden]

Fingerprints are not used for authentication, right?

Wrong. Fingerprints are great authenticators (and not particularly good identifiers; uniqueness guarantees are very weak), but the authentication is derived from the integrity of the measurement process, not the secrecy of the fingerprint.

That is, the security of a fingerprint-based authentication is primarily derived from the assurance you have that the fingerprint being measured is an actual body part and not some simulacrum. In the case of attended authentication stations, where a guard examines your fingers to verify that you're not wearing latex finger covers or similar the security is actually very good. In the case of a mobile phone phone sensor or similar, the security is fairly low -- though stronger than a typical phone password when shoulder-surfing opportunities are factored in.

Re:Sigh.

[green1]

You do realize most phones these days use TOUCH screens right?

Re:Sigh.

So, half a peace sign. I like your style.

Re:Sigh.

[ledow]

A PCB etching kit.

Print off fingerprint in black/white onto acetate.

Etch the PCB using the acetate as a mask. It's now a raised copy of the fingerprint.

Use as a template for something malleable (gel, etc.).

Re:Sigh.

[ThatsMyNick]

Good luck explaining that to a jury though.

Re:Sigh.

[Wolfrider]

--Maybe we should start giving people the "flying V" (like the Brits do) for photos...

who'd have thunk it

Coming next: Seconds after the moment you shake hands with me, all your personal datas are belong to us.

Flipping the Bird

The NII researchers were able to copy fingerprints based on photos taken by a digital camera three meters (nine feet) away from the subject.

Instead of making a peace sign when having your photo taken, an obvious solution is to flip the bird instead! Your fingerprints are facing away from the camera. All of the problems are solved, once and for all!

Re:Flipping the Bird

Doesn't work. You're just giving your fingerprints to the guy you don't even see with a camera 3 meters behind your back.

Re:Flipping the Bird

[Diss+Champ]

Doesn't work. You're just giving your fingerprints to the guy you don't even see with a camera 3 meters behind your back.

With the bird, you're only giving them 1 fingerprint, and not the one most people check.

That's an improvement.

[Hylandr]

I would much rather have a photo of my fingers stolen than have my fingers, or finger tips stolen!

Something similar was done 2 years ago

German defense minister got her fingerprints "stolen" in a similar fashion two years ago.

Then May I Suggest This Alternative?

  It's real popular for some, and can be for you, too, now that we are in the Trumpverse

https://regmedia.co.uk/2015/07...

So basically

[93+Escort+Wagon]

They're saying they have the fingerprints of every Japanese female under the age of 30.

Re:So basically

[PolygamousRanchKid+]

They're saying they have the fingerprints of every Japanese female under the age of 30.

Hmmm . . . so if we photograph gang members, tossing gang sings, the police can build a database of gang members, with their fingerprints.

This is why when strangers photograph me, I flip them the bird, not a peace sign. Then they don't get my fingerprint, since it is not facing them.

Re:So basically

[JanneM]

This is why when strangers photograph me, I flip them the bird, not a peace sign. Then they don't get my fingerprint, since it is not facing them.

Most parts of your skin has distinctive, unique patterns. You can get a unique print from your elbow, wrist, knuckles, knees... And you tend to leave such marks around too, if less commonly than fingers.

Re:So basically

Make sure there is nothing reflective behind you, or to either side of you, they might be able to get the reflection of your finger print.

iPhone camera is safe

You'll never pull a finger print from a photo taken with a cell phone camera. Those things have no optical quality.

yep

with the hi res in devices today yep. more than that it can be extracted from objects too.

Banks use them for verification

[shanen]

Fingerprints are not used for authentication, right?

Not sure about the States, but in Japan many of the banks have biometric devices on the ATMs to read fingerprints. From the placement of the devices, I would say the thumb is unlikely to be used, and I would suppose that most people use their index finger.

Also there are a lot of smartphones with fingerprint recognition, and I have two computers with it (though I'm not using it because I don't regard it as secure).

Peace sign - fuck that

[Chrisq]

It's the V for victory

Don't worry, they have a solution

[MadTinfoilHatter]

The proposed solution is to hold your hand the other way around exposing only your fingernails. ;-)

Re:Don't worry, they have a solution

The proposed solution is to hold your hand the other way around exposing only your fingernails. ;-)

Don't forget to lower your index finger.

Re:Don't worry, they have a solution

[MadTinfoilHatter]

Don't forget to lower your index finger.

The point was that you don't even need to do that.

Re:Don't worry, they have a solution

[Snard]

But what happens if they read your fingerprints in the reflection from your glasses? :)

Re:Don't worry, they have a solution

And maybe you can keep the index finger down!

Re:Don't worry, they have a solution

My understanding is that, in the UK, two fingers up with the palm inward is equivalent to the single middle finger up in the US. Not that I suggest people not do that just wanted to warn them

Re:Don't worry, they have a solution

But what happens if they read your fingerprints in the reflection from your glasses? :)

They'll be inverted?

Re:Don't worry, they have a solution

[Aighearach]

In much of the world that is true; it is the female version of the middle finger.

You would not write your password

[SlashDread]

on your forehead right? For anyone to see?

Then why do people think information you leave all over the place is a replacement for a password?

Re:You would not write your password

logging into your phone via a password in a public place is just as bad... e.g. you type in your password, any camera in the area now has your password (unless you *always* do it in a very discreet way---which is kinda hard when using a cellphone outside).

with fingerprints, you just open phone, and bam, you're in... cameras got nothing on you... unless they're super duper good cameras focusing on your fingerprints... but then they'd capture you typing in your password anyway.

st some point you just gotta accept that if a powerful enough entity wants to spy on you, they will... probably won't even care about your logings (they'll just have a backend way of getting into your information).

Asian Vagina

Seeing as how it is always asian females who flash it in selfies. it is really V for asian Vagina.

Re:Asian Vagina

Seeing as how it is always asian females who flash it in selfies. it is really V for asian Vagina.

The cunts

I call BS

[johannesg]

When I pass through border control they cannot even get my fingerprints when I'm touching the glass. And now a blurry mobile phone would be able to do better from several meters away?

I guess the next warning will be to always wear gloves, otherwise you will be leaving a trail of fingerprints everywhere you go...

Re:I call BS

[swb]

I can only assume this involves the best cameras under good conditions.

I did a google image search for peace sign and only what look like stock photos and at high resolutions even remotely resolved even the most basic topology of the finger tips, but even then when zoomed in it was far too blurry to see anything resembling a fingerprint that could be duplicated.

Everything else? A facebook photo where the hand is 5% of even a high resolution facebook picture? You're talking a pixel subset of maybe a few hundred by a few hundred pixels given all the most optimistic variables -- close zooming, high resolution. Finger tips even then are going to be a pixelated mess.

Now look at the *avergae* photo of someone doing this, and the pixel subset representing the hand is smaller yet, the exposure is way off, the shutter speed too slow to cope with shake and subject movement and lighting.

Re:I call BS

That's because 10000 people touched the glass before you. It's so smudged it's difficult to get a clear image because of the noise-signal ratio.

In a photo where you're further away and not touching anything it'll be much clearer. Cameras weren't high resolution enough for that in the past but they are now.

The sensors you touch are also probably scanning more layers of skin than just the surface though, so while they can get your fingerprints that isn't necessarily enough to bypass all fingerprint authentication (eg to unlock an iPhone).

Re:I call BS

[johannesg]

I was told by a border guard that I shouldn't worry, that it is quite normal for prints to be faded "in old people". I'm 46...

Rock/metal horns also affected

[azrael29a]

I guess the horns "\m/" sign is also affected, even though you're displaying only your index and pinky fingers. The vulcan greeting sign "_\\//" would be the worst to photograph, since it displays all the fingerprints.

Re:Rock/metal horns also affected

Live long and get hacked!

Re:Rock/metal horns also affected

[azrael29a]

I forgot about the Roman/Nazi salute also showing all five fingerprints. o/ And the high-five. Basically we should wear gloves all the year to avoid fingerprint disclosure ;-)

Japan researchers?

Shouldn't that be Japanese researchers? As in people who are Japanese who are engaged in research? And not people who research the island country of Japan?

Re:Japan researchers?

Shouldn't that be Japanese researchers? As in people who are Japanese who are engaged in research? And not people who research the island country of Japan?

That's fair, so long as you also get your 'grammar Nazi' on for phrases such as "US scientists".

YDI

Anyone who flashes the peace sign in pictures deserve it...

That's not what Biometrics is for

Biometrics: securing your data via non-changeable, non-secret data.

Biometrics should *never* be used in a situation where the input is not controlled. For example, it is okay to use it as part of a border crossing, it is *not* okay to use it on a door lock. It is okay to use it on a phone, as the goal there is "prevent someone from quickly unlocking your phone if you step away for a moment and you trust them not to steal it" - in any other situation, a person with physical access to your phone can already compromise it, so alternatives don't significantly increase security.

Re:That's not what Biometrics is for

[Enigma2175]

Biometrics: securing your data via non-changeable, non-secret data.

Biometrics should *never* be used in a situation where the input is not controlled. For example, it is okay to use it as part of a border crossing, it is *not* okay to use it on a door lock. It is okay to use it on a phone, as the goal there is "prevent someone from quickly unlocking your phone if you step away for a moment and you trust them not to steal it" - in any other situation, a person with physical access to your phone can already compromise it, so alternatives don't significantly increase security.

But someone with physical access to your phone can't already compromise it, if it's a later model iPhone, at least not according to the FBI. The FBI asked the court to compel Apple to create an exploitable OS so that they could break into a phone, presumably because they could not access it even though they had physical possession. With the later models that have the secure enclave, even that wouldn't have sufficed to break into the phone. Given enough time and effort (and Apple's signing key), it might still be possible but it's not like in the old days of computers where physical access == pwned.

https://en.wikipedia.org/wiki/...

Ironic results

[CODiNE]

As Japanese photos gradually become less peaceful...
British photos gradually become more well behaved.

Assuming people stop holding up those 2 fingers.

Re:Ironic results

[93+Escort+Wagon]

HA! I am now in possession of the fingerprints from the famous Briton, Winston Churchill! I bet I can get into many secret places with them and do many evil deeds!

Same for retina checks

The same is true for retina print (eye print) checks. It does take a better camera (20M pixel), and it may require a brief *infrared* flash (so you will *not* notice it), but it will allow one to copy the retina prints from everyone looking in the camera's direction, and they are most often good enough to confuse retina scanners into accepting a false eye as valid.

Biometry may be useful as a 2FA/3FA, but it really isn't "safe" by itself.

Re:Same for retina checks

[sh00z]

The same is true for retina print (eye print) checks. It does take a better camera (20M pixel), and it may require a brief *infrared* flash (so you will *not* notice it), but it will allow one to copy the retina prints from everyone looking in the camera's direction, and they are most often good enough to confuse retina scanners into accepting a false eye as valid.

Biometry may be useful as a 2FA/3FA, but it really isn't "safe" by itself.

Uh, that would be iris scans, right? If someone is reading your retina, it's not from more than a couple of centimeters in front of your eye.

The V of freedom and victory, not peace.

The sign they are talking about is the V of Vrijheid and Victoire, after the Dutch word for Freedom and the French word for Victory. People in occupied Belgium used it during WWII. The gesture was used as a response to the Nazi salute, and was used every time the Germans lost a battle (the news was spread by the BBC). This way the people managed to scare the German soldier, and indirectly instructed them to be nice and to not commit war crimes. This sign was adopted in both the Netherlands and France and was even picked up by Churchill who made the symbol for the allies (after having done it wrong the first few times, he showed the back of his hands which was a way to insult other people in the British lower classes).

Re:The V of freedom and victory, not peace.

[Verdatum]

Further, it's not uncommon for Japanese people when being photographed while making the gesture to also say the Japanified version of the English word "Victory" (sounding sort of like "Wikutorii"), similar to how Americans say "cheese", causing a smiling face.

Only a concern for Android users

iOS users don't have anything to worry about since they use their thumb to authenticate which would not be visible when giving a peace sign. Android users, however, are forced to use their index finger on the back of the phone.

Two-finger salute

[doggo]

They should just reverse the hand gesture and show the camera their fingernails.

In other news...

[eeyore]

Glove Manufacturers report an encouraging spike in sales

Fingerprints?

You leave fingerprints behind you everywhere you go. On everything you touch. It is trivial to get someone's fingerprints.

Pen is print

That's why I use my genitals for fingerprint authentication. I can guarantee nobody is getting ahold of those.

Re: Pen is print

Makes it slightly awkward unlocking your phone in public, though.

So what TFA really means is

[TheDarkener]

Anyone can have their hands photographed and fingerprints stolen. Who the fuck came up with the fearmongering scare tactic that singles out making the peace sign as a way of stealing fingerprint data? That's so fucking lame.

Only if you're Asian.

I don't even think they realize it's a "peace sign". They just do it because everyone else they know does it.

What About Eyes?

What about iris scanning. Should people also avoid poses that expose their eyes to the camera?