Identification – Page 2 – WindowsTechs.com

On Technologies for Automatic Facial Recognition

Posted on September 15, 2023 by Bruce Schneier

Interesting article on technologies that will automatically identify people:

With technology like that on Mr. Leyvand’s head, Facebook could prevent users from ever forgetting a colleague’s name, give a reminder at a cocktail party that an acquaintance had kids to ask about or help find someone at a crowded conference. However, six years later, the company now known as Meta has not released a version of that product and Mr. Leyvand has departed for Apple to work on its Vision Pro augmented reality glasses.

The technology is here. Maybe the implementation is still dorky, but that will change. The social implications will be enormous…

Continue reading On Technologies for Automatic Facial Recognition→

Identifying information contained in Adobe files

Posted on August 13, 2023 by Mark Wan

For many file formats, there are typical types of metadata that one may want to erase if they do not want personally-identifying information to be associated with the file. EXIF data in image files is a typical example.
I have recently beg… Continue reading Identifying information contained in Adobe files→

The Inability to Simultaneously Verify Sentience, Location, and Identity

Posted on August 11, 2023 by Bruce Schneier

Really interesting “systematization of knowledge” paper:

“SoK: The Ghost Trilemma”

Abstract: Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However it has long seemed that, try as it might, the security community has been unable to stem the rising tide of such problems. We posit the Ghost Trilemma, that there are three key properties of identity—sentience, location, and uniqueness—that cannot be simultaneously verified in a fully-decentralized setting. Many fully-decentralized systems—whether for communication or social coordination—grapple with this trilemma in some way, perhaps unknowingly. In this Systematization of Knowledge (SoK) paper, we examine the design space, use cases, problems with prior approaches, and possible paths forward. We sketch a proof of this trilemma and outline options for practical, incrementally deployable schemes to achieve an acceptable tradeoff of trust in centralized trust anchors, decentralized operation, and an ability to withstand a range of attacks, while protecting user privacy…

Continue reading The Inability to Simultaneously Verify Sentience, Location, and Identity→

Wood’s unique “chemical fingerprint” could thwart timber fraudsters

Posted on April 21, 2023 by Ben Coxworth

Even though logging is prohibited in many of the world’s threatened forests, that doesn’t stop some companies from logging in those areas anyways, then lying about the origins of the timber. Soon, however, such groups may be foiled by the wood’s chemic… Continue reading Wood’s unique “chemical fingerprint” could thwart timber fraudsters→

Fooling a Voice Authentication System with an AI-Generated Voice

Posted on March 1, 2023 by Bruce Schneier

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.
Continue reading Fooling a Voice Authentication System with an AI-Generated Voice→

Experian Privacy Vulnerability

Posted on January 12, 2023 by Bruce Schneier

Brian Krebs is reporting on a vulnerability in Experian’s website:

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number…

Continue reading Experian Privacy Vulnerability→

Retrieving Android phone’s identifiers

Posted on December 3, 2022 by CurtisB

I will be publishing a fingerprinting app that shows its user how much access to their Android phone’s identifiers it has. I haven’t started writing it because I need to understand how can any Android phone be identified by using only its … Continue reading Retrieving Android phone’s identifiers→

Apple’s Device Analytics Can Identify iCloud Users

Posted on November 22, 2022 by Bruce Schneier

Researchers claim that supposedly anonymous device analytics information can identify users:

On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud.

Apple has long claimed otherwise:

On Apple’s device analytics and privacy legal page, the company says no information collected from a device for analytics purposes is traceable back to a specific user. “iPhone Analytics may include details about hardware and operating system specifications, performance statistics, and data about how you use your devices and applications. None of the collected information identifies you personally,” the company claims…

Continue reading Apple’s Device Analytics Can Identify iCloud Users→

Identifying a ransomware with .mkp file extensions

Posted on September 25, 2022 by newly-arrived guest

Yesterday, a ransomware hit my PC. I didn’t pay the ransom and didn’t comply with what the attackers were asking for and I wiped everything and every drive on my PC and then reinstalled my stuff from a backup I made previously so everythin… Continue reading Identifying a ransomware with .mkp file extensions→

KYC: How do fintech companies validate official identity document numbers? [closed]

Posted on September 4, 2022 by Mr Innocent Curiosity

Online financial services these days offer their users the ability to "prove" their identity by having them take a picture (usually from multiple angles) of an official government-issued identity document (e.g., passport, ID card… Continue reading KYC: How do fintech companies validate official identity document numbers? [closed]→