Technological advancement is all about solving existing problems by finding creative solutions and boy, do we have a lot of them! The problems I mean.
The more problems we solve, it seems the more we create. It is almost like humanity is constantly on a test-taking phase, perennially trying to answer questions, only, the questions never end!
One such problem, which is a result of technological advancement, is of digital security. This means protecting your online accounts or your gadgets from would be intruders.
While we have had a solution in the form of “passwords” for ages now, it has given rise to another problem, especially in more recent times, and that is of lack of convenience.
Security Vs Convenience
Let me first give you a brief history of this problem in case you were born only yesterday. The mass adoption of personal computers and then the internet and now smartphones, has led to us living a more digital life.
The various aspects of our lives including the more confidential ones are now commonly stored either offline on our various devices or online, safely protected by the current safety measures, which comprise mainly of usernames and passwords.
This had worked out pretty well until hackers figured out how to break through. As a result, people began to use even more complex passwords but hackers still found a way in. Then the two-factor authentication was introduced but this made the convenience problem even more severe.
The thing is, it is difficult (and frustrating) enough to remember all the usernames and passwords of all the different services and gadgets we use, but having to wait for a code to pop-up as text message or an email is just ridiculous. Saving passwords in the browser eases up that pain a bit but even that is not safe these days as has been revealed recently.
Biometric Authentication To The Rescue
Even though biometric authentication has been around for a long, long time now, they are only now making their way to our smart devices. Smartphones and laptops are increasingly being equipped with biometrics scanning that make things a lot easier.
Be it fingerprint scanning, iris scanning or facial recognition, biometric authentication ensures security along with convenience because they are unique to the individual and cannot be stolen unlike your passwords and the process to authenticate only takes like a second, and you don’t have to remember anything.
Biometric authentication is now slowly getting mass adoption and with that, its application is seeing a varied use as well (like contact-less payments). MasterCard is planning to use your heartbeat to verify purchases and just recently it was reported that Australia’s international airports are going to start replacing passports with facial recognition! Now that, is convenience.
But as I mentioned in the beginning of this article, technology often gives birth to another problem while trying to solve something and in this case, a new problem has come to light and that is the problem of privacy.
Privacy Concerns
When you set up your fingerprint, or any other unique-to-you body part for biometric identification and authentication, the information regarding those parts, is stored with the tech companies and eventually find their way into the database of law enforcement agencies or worse, intelligence agencies like FBI or CIA or your country’s equivalent.
That raises a huge privacy concern because your biometric data may be used for reasons not aware to you or even for purposes not intended originally. We all know how the government has been surveilling the public and the accumulation of such data only makes the matters worse.
As is usually the case, this might get resolved with yet another piece of technology in the future but until then, I think this is direction the world seems to be going right now as far as digital security is concerned.
I believe that if someone wants to steal your information, they will get it. Of course you want to make it as difficult as possible to hack. But at this point I am more resigned to convenience over the security aspect.
Yeah, as they say, no system is 100% theft proof.
Well, I think it depends on the use case. If it is financial data, we would surely prefer security even at the expense of convenience.
I'm kind of resigned to the fact that however hard we try and protect our identities online these days, most of it is just out of our control. If they get hacked and or sell our information then absolutely nothing we can do about it.
Yes, no system is 100% perfect and I guess, if some skilled hackers wanted to hack you, chances are you will get hacked.
Yeah but biometric options have some strong legal drawbacks imo.
You can not be forced to reveal a password to decrypt a device. You can be forced to give up any type of biometric used for authenticity.
THIS. Plus they can just put your finger on the scanner when you're passed out drunk. There is no real security in commercial biometrics.
Yeah, that's true. But they can force you to type your password too, right? I think these rules are different for different countries.
Well are they going to torture you if you say you don't know the password?
Good point!
No it doesn't. Biometrics is shit. It has 0 entropy. All biometric information is public, because it's easy to access it.
It's literally that easy to hack somebody's bank account, who will use biometric data to access it.
But don't phones have like that thing where it won't work if it is not on a living thing? It's not universal but companies can indeed integrate such technology.
Acess control is not equal to encryption. Sure you can prohibit people from using your things, but that is too superficial.
It's just easier to just use actual secret phrases to access things. Passwords are good. But if you want to make it more convenient then use an access card:
Of course the card can be stolen, but that is another issue. I'd just use memorizable mnemonics instead. Thats the more secure and most convenient way.
The most significant drawback is the ability to identify the exact location of an individual. I think in many ways the same applies to two factor authentication, but with bio metrics, it's on a whole new level. There is no denying, you were there where the breach happened.
Yup agreed!! Love this show by the way :D
There is plenty of denying it. Fingerprints are easy to forge. Other things can be spoofed too.. Sorry that's not proof when the tech is shady.
for years i have watched this on Movies
Oh I agree 100%. The problem is you have to prove to a jury something you just described, that they have only ever seen in a spy thriller, is real. Then you have to convince them that it's what happened in that particular case. For a guilty until proven innocent society, where DNA evidence was just recently revealed to be dubunked and abused by the FBI for DECADES!!!!! I find it hard to believe anyone would ever believe you when you say, "my computer got hacked"... with that level of security. My computer actually was hacked while I was using retina access protocol.
I bet it was far easier to break than my hardware encryption device and strong password.
OH not to mention Vault 7...
As for people.. they are proving themselves to be stupider than I ever thought possible, so nothing surprises me anymore, especially things like juries
There always is a trade-off that you have to decide upon....... You have to give upon one to gain upon other....... That is the basic rule. The degree of trade-off may change but the rule remains.....
In terms of security and convenience, I am Just waiting for the Johnny english Voice activated car, to get cheap so that I can purchase it.
In terms of security, as along with username and passwords, even the fingerprints and face recognition can be hacked and leaked, then there will be no way to protect it, Or we have to make it more complicated to protect a couple of hundred dollars in my account or a few hd pornos in my laptop. Till then I think I will trust my brain to remember the username and passwords.
The best is a crypto-key protected by a strong pass.
LOL, that would be awesome :D
yepp....
Yes, it has both advantage and disadvantage going from either wants to use biometrics.
But the reality that technologies are cavez but advanced and we have to adhere to them for own protection of accounts.
Yup, as I said, newer technologies open up newer ways to abuse. I guess it's human nature and we will never find THE perfect solution for everything.
I am stuck with my passwords. I feel them much more secure. They can be hacked and stolen of course, but if I don't want to tell them, no one can force me. With biometric security, security is not really there (my fingerprints are probably recorded in every single airport I have been through during the last 10 years, which means a lot of places all around the world). I would definitely not use my fingerprints as password.
Yeah, you are correct. It's such an irony that even though your fingerprint is unique, it is not, in the way that it is stored in god knows how many places!!
Exactly! It is unique but tons of copies exist :D
I never put my fingers on systems that i never can trust, like gyms and condos...
Good strategy!
Biometrics are unique and cannot be stolen... yet.
3D printing technology can already be used to print bones, skin, etc.
Plus there's this technology with which you can scan an entire body and create a virtual replica of it. It's mostly used by the movie industry at the moment and it's expensive as hell. But I think there will be enough demand for such a thing from the general public that the price will go down like it has with computers and mobile phones.
https://www.digitaltrends.com/photography/body-labs-wants-create-virtual-doppleganger/
Plus we have this AI and quantum computers that are just now taking off. These two technologies combined will create technologies impossible to predict at the moment.
Plus there's this:
http://www.davidyerle.com/the-future-of-porn-a-disturbing-possibility/
Yeah, that's true. I guess they could make it work so that it will only work if on a living body and not on a non-living body.
Thanks! :)
Pretty cool information, @sauravrungta! What an advanced technology of security!
Biometrics are very very insecure and risky.
Thanks! :D Yeah, it's advanced but it has a long, long ways to go before we start using it everywhere. Lots of holes to be fixed still.
I guess it would certainly solve a lot of issues. I like the fact, where you said, " it is difficult (and frustrating) enough to remember all the usernames and passwords of all the different services and gadgets we use"
this is so true. Every other day, I have to change my password. Not that I have to do it as I want to change but I forget the password :P. Then, reset password drama for another few mins. Oh gosh.
If a gadget can scan my retina and I'm done with it. It would be super cool.
I'm sure, we are heading towards that but it just when
You don't actually want that. It's pretty much the most insecure system ever. Better to have a hardware key, and a strong password protecting all your passes.
But, we have to have a hardware that can support all the platform. From banking to social media.
I do... u2f for 2FA, and a password vault protected by hardware, and the hardware to sign into ssh using an RSA key.
2FA does secure a bit. I use it for almost every required application now.
I haven't checked the hardware key, except VPN token.
2FA is totally not good, since it's very easy to spoof. U2F is far superior, though not perfect. Security is always layers.
so, you use the vault for almost everything? which one do you use for hardware key?
I think Trezor is working on this.
Yeah, I have been through a lot of this drama and keep going through it regularly. I just wish there was a secure way of handling biometrics so that we can all live our lives more peacefully!
100% Agreed with @kyle.anderson
Yup, still has a long ways to go!
biometrics are hardly perfect. I would much prefer a cryptographic id secured with a good password thanks.
Yup that's for sure. As with all technologies, they improve with time and developments in this field might one day make it super secure along with convenience.
Very interesting post and very interesting times!
Thank you. yes, the times are really interesting :)
We have been offered so much for the sake of security and convenience, and the only cost is privacy. Much of the promised security falls pitifully short. The answer, give up more privacy and control. Definitely interesting times we are entering.
Yup, a phenomenal breakthrough is needed in this field for the coming times.
Wow, this post takes right after where mine ends :)
Awesome analysis man. Couldn't have said it better myself.
Exponential Laziness and the Path Towards Crypto Adaptation
You had me at "remember trying to teach friends how to use email in combination with their social media account. When myspace came around this task alone resembled rocket science to most." :D
Yeah, these things are really important as I believe we are moving into the next phase of our digital lives. Thanks for the kind words :)
always a pleasure to read you stuff!
Great points. I agree on most of them.
The truth is that the more technology advances, the less privacy we have. I didn't know that our biometrical data can be used in some way but that makes total sense.
I'm not even sure that in a few years we will have any privacy at all. It will be gone probably.. But who knows, maybe there will be some companies that will help to stay private. If not, then the free market will come up with something
"I'm not even sure that in a few years we will have any privacy at all." I have the same fear. Technology has rendered all our lives accessible from anywhere, anytime. I guess this is the building of a new human civilisation!