e dot dot dot
a mostly about the Internet blog by

May 2017
Sun Mon Tue Wed Thu Fri Sat
 
     


Samsung's 'Airtight' Iris Scanning Technology For The S8 Defeated With A Camera, Printer, And Contact Lens

Furnished content.


The thing about biometric scanning as a security practice is it is one of those things that sounds great. "Lock your phone with your fingerprint or facial scan", shout the manufacturers and security companies that came up with the scans. Well, shit, thinks the average person, if nobody else has my face I'm in the clear. Even when movies and television tackle the subject, the methods for breaking the biometric security typically involve convoluted plans and insane stunts so brazen they would make Danny Ocean's jaw drop.The problem is that the hype around this tech is typically more effective than the tech itself. Fingerprint scanners are easily fooled and facial recognition software has been shown to be defeatable by, and I swear this is true, printouts of a person's face. That isn't security, it's a punchline. So, when Samsung and its security partner decide to pimp the iris-scanning security feature of the Galaxy S8 with language like "airtight" and suggestions that owners of the phone can "finally trust that their phones are protected", one would expect those claims to be backed up by strong technology.It isn't.

Hackers have broken the iris-based authentication in Samsung's Galaxy S8 smartphone in an easy-to-execute attack that's at odds with the manufacturer's claim that the mechanism is "one of the safest ways to keep your phone locked."The cost of the hack is less than the $725 price for an unlocked Galaxy S8 phone, hackers with the Chaos Computer Club in Germany said Tuesday. All that was required was a digital camera, a laser printer (ironically, models made by Samsung provided the best results), and a contact lens. The hack required taking a picture of the subject's face, printing it on paper, superimposing the contact lens, and holding the image in front of the locked Galaxy S8. The photo need not be a close up, although using night-shot mode or removing the infrared filter helps. The hackers provided a video demonstration of the bypass.
As they did in the previous facial recognition flaw post referenced above, some will, at this point, be diving for their keyboards to point out that this type of security isn't really designed to make a device impermeable. Rather, it's to keep easy break-ins from occurring. And, hey, that's true! Good job, you guys! The problem here isn't that Samsung's security tech failed to be 100% effective. It's that it's barely effective, yet at the same time Samsung is pitching it as the end of phone break-ins. I'm not the one making wild claims here; they are.And this tech is going to be rolled out in a big way, likely pitched to the public in the same manner.
"Iris recognition is the next big thing with mobile devices," Starbug wrote in an e-mail. "The technology, especially with the packed space and low computing power of mobile devices, is hard to make hack proof. You can't hide your iris, and it's even worse than fingerprints." At the same time, "mobile devices are holding more and more sensitive data."
Advertising this iris security as "airtight" is actively misleading the public on the security of a device becoming all the more important and one on which the public is more often storing sensitive information. For a company like Samsung to be so vociferous in its claims in light of this easy workaround ought to result in a ding to its credibility.For biometrics generally, a good pin number is probably still your best bet. The tech may improve to the point of being the most effective option some day, but we're not there yet.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 27-May-2017
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



More Legislators Jump On The 'Blue Lives Matter' Bandwagon

Furnished content.


Not wanting to be outdone by idiots in Congress, two idiot senators from the great state of Texas* are pushing their own "Blue Lives Matter" legislation. Senators Cruz and Cornyn have (re)introduced the Backed and Blown "Back the Blue Act," which adds mandatory minimums to any act of violence against most government officials. Oh, and for extra fun, automatic death penalty considerations for anyone charged under this act.*Federal law requires the descriptor "great state of" to be appended to any state name, but especially Texas.I'll get out of the way and allow Senator Cornyn to toot his own horn:

“Our law enforcement officers put their lives on the line every day to protect and serve families across Texas. Violent criminals who deliberately target those who protect and serve our communities should face swift and tough penalties and the Back the Blue Act sends that clear message. Every day, and particularly during National Police Week, we must give the men and women in blue our unparalleled support,” Sen. Cornyn said.
You hear that, you bunch of ungrateful Americans? No matter how many citizens are gunned down for holding game controllers or toddlers torched by carelessly-tossed flashbang grenades, these fine men and women are to be given "unparalleled support." They apparently "deserve" it -- a term that must be wholly divorced from the process of earning it.Cruz and Cornyn's 2016 attempt died from a lack of attention, perhaps overshadowed by the DOJ's endless stream of scathing reports on police misconduct. With a new "tough on crime" DOJ boss at the helm and the DOJ's civil rights division neutered, the political climate seems a tad more receptive to glorifying government employees as lowercase-g gods. (But gods nonetheless.)Several legislators have joined the two senators in stumping for underprotected government employees. Rep. Ted Poe (also of Texas) has plenty to say about the bill at his personal blog. He's all for it, naturally, but more importantly, he summarizes the harsh new penalties awaiting anyone who threatens, injures, kills, or conspires to do any of the above to a law enforcement officer.
Creates a new federal crime for killing, attempting to kill, or conspiring to kill a federal judge, federal law enforcement officer, or federally funded public safety officer. The offender would be subject to the death penalty and a mandatory minimum sentence of 30 years if death results; the offender would otherwise face a minimum sentence of 10 years.Creates a new federal crime for assaulting a federally funded law enforcement officer with escalating penalties, including mandatory minimums, based on the extent of any injury and the use of a dangerous weapon. However, no prosecution can be commenced absent certification by the Attorney General that prosecution is appropriate.Creates a new federal crime for interstate flight from justice to avoid prosecution for killing, attempting to kill, or conspiring to kill a federal judge, federal law enforcement officer, or federally funded public safety officer. The offender would be subject to a mandatory minimum sentence of 10 years for this offense.
Take a good look at the middle stipulation. This means pretty much every law enforcement officer in the nation will be covered by this law, instantly subjecting people who do nothing more than assault an officer (aka, resisting arrest, contempt of cop, etc.) to federal punishments. Almost every law enforcement agency in the nation receives some sort of federal funding. This bill would yank prosecutions out of locals' hands and, presumably, separate defendants from less-harsh local laws.The bill also allows law enforcement officers (including those whose agencies are the recipients of federal funding) to carry weapons into places citizens can't. Nothing like adding an extra right to a long list of extra punishments.This chaser would put two "Blue Lives Matter" bills in play, giving Congress multiple ways to make policing worse. Considering the Go Team Blue attitude on display at the White House, these bills have a home team advantage and a president dying to sign a few more citizens' rights and liberties away on behalf of law enforcement.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 27-May-2017
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



May 2017
Sun Mon Tue Wed Thu Fri Sat
 
     







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (0)
 - Annoyances  (0)
 - Career_Advice  (0)
 - Domains  (0)
 - Downloads  (3)
 - Ecommerce  (0)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (0)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (0)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (3743)
 - Programming  (0)
     - Bookmarklets  (1)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (3)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (0)
     - Magazines  (0)
     - Online_Articles  (5)
 - Resume_or_CV  (1)
 - Reviews  (2)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (0)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (0)
          - The_Rest  (0)
          - USA  (0)
 - Technology  (1049)
 - Windows  (1)
 - Woodworking  (0)


Archives
 -2024  March  (164)
 -2024  February  (168)
 -2024  January  (146)
 -2023  December  (140)
 -2023  November  (174)
 -2023  October  (156)
 -2023  September  (161)
 -2023  August  (49)
 -2023  July  (40)
 -2023  June  (44)
 -2023  May  (45)
 -2023  April  (45)
 -2023  March  (53)
 -2023  February  (40)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com