Identification – Page 3 – WindowsTechs.com

Facial Recognition Systems in the US

Posted on January 3, 2024 by Bruce Schneier

A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. (This, of course, can all change without notice.)

Three years ago, I wrote that campaigns to ban facial recognition are too narrow. The problem here is identification, correlation, and then discrimination. There’s no difference whether the identification technology is facial recognition, the MAC address of our phones, gait recognition, license plate recognition, or anything else. Facial recognition is just the easiest technology right now…

Continue reading Facial Recognition Systems in the US→

Breaking Laptop Fingerprint Sensors

Posted on November 29, 2023 by Bruce Schneier

They’re not that good:

Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft’s own Surface Pro Type Covers. These are just three laptop models from the wide universe of PCs, but one of these three companies usually does make the fingerprint sensor in every laptop we’ve reviewed in the last few years. It’s likely that most Windows PCs with fingerprint readers will be vulnerable to similar exploits…

Continue reading Breaking Laptop Fingerprint Sensors→

New forensic tech may nab criminals by the look of their shoes

Posted on November 28, 2023 by Ben Coxworth

Although most of our clothes fold and crease with our bodies as we move, our shoes maintain the same shape and appearance pretty much all the time. With that fact in mind, scientists are now developing a method of catching criminals via shoe ID.Continu… Continue reading New forensic tech may nab criminals by the look of their shoes→

On Technologies for Automatic Facial Recognition

Posted on September 15, 2023 by Bruce Schneier

Interesting article on technologies that will automatically identify people:

With technology like that on Mr. Leyvand’s head, Facebook could prevent users from ever forgetting a colleague’s name, give a reminder at a cocktail party that an acquaintance had kids to ask about or help find someone at a crowded conference. However, six years later, the company now known as Meta has not released a version of that product and Mr. Leyvand has departed for Apple to work on its Vision Pro augmented reality glasses.

The technology is here. Maybe the implementation is still dorky, but that will change. The social implications will be enormous…

Continue reading On Technologies for Automatic Facial Recognition→

Identifying information contained in Adobe files

Posted on August 13, 2023 by Mark Wan

For many file formats, there are typical types of metadata that one may want to erase if they do not want personally-identifying information to be associated with the file. EXIF data in image files is a typical example.
I have recently beg… Continue reading Identifying information contained in Adobe files→

The Inability to Simultaneously Verify Sentience, Location, and Identity

Posted on August 11, 2023 by Bruce Schneier

Really interesting “systematization of knowledge” paper:

“SoK: The Ghost Trilemma”

Abstract: Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However it has long seemed that, try as it might, the security community has been unable to stem the rising tide of such problems. We posit the Ghost Trilemma, that there are three key properties of identity—sentience, location, and uniqueness—that cannot be simultaneously verified in a fully-decentralized setting. Many fully-decentralized systems—whether for communication or social coordination—grapple with this trilemma in some way, perhaps unknowingly. In this Systematization of Knowledge (SoK) paper, we examine the design space, use cases, problems with prior approaches, and possible paths forward. We sketch a proof of this trilemma and outline options for practical, incrementally deployable schemes to achieve an acceptable tradeoff of trust in centralized trust anchors, decentralized operation, and an ability to withstand a range of attacks, while protecting user privacy…

Continue reading The Inability to Simultaneously Verify Sentience, Location, and Identity→

Wood’s unique “chemical fingerprint” could thwart timber fraudsters

Posted on April 21, 2023 by Ben Coxworth

Even though logging is prohibited in many of the world’s threatened forests, that doesn’t stop some companies from logging in those areas anyways, then lying about the origins of the timber. Soon, however, such groups may be foiled by the wood’s chemic… Continue reading Wood’s unique “chemical fingerprint” could thwart timber fraudsters→

Fooling a Voice Authentication System with an AI-Generated Voice

Posted on March 1, 2023 by Bruce Schneier

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.
Continue reading Fooling a Voice Authentication System with an AI-Generated Voice→

Experian Privacy Vulnerability

Posted on January 12, 2023 by Bruce Schneier

Brian Krebs is reporting on a vulnerability in Experian’s website:

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number…

Continue reading Experian Privacy Vulnerability→

Retrieving Android phone’s identifiers

Posted on December 3, 2022 by CurtisB

I will be publishing a fingerprinting app that shows its user how much access to their Android phone’s identifiers it has. I haven’t started writing it because I need to understand how can any Android phone be identified by using only its … Continue reading Retrieving Android phone’s identifiers→