Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks
An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Fi ...continues
:BoostOK: Do not kill the password! In the US at least, passwords are considered knowledge, so you are constitutionally protected from revealing passwords as per the 5th amendment of the US Constitution. That means the government can't legally get the password out of you. Biometrics on the other hand, is not considered knowledge, and the government can force your hand (sometimes literally) for your biometrics to unlock something.
I wrote something for Dark Reading. Tell me if you like it.
"African Cybersecurity: Facing 2024's Biggest Hurdles: Key trends in African information security this year will include biometric deployments and privacy concerns, and the rise of misinformation."
#UK#Surveillance#PoliceState#Biometrics#FacialRecognition#DataProtection: "Britain is an “omni-surveillance” society with police forces in the “extraordinary” position of holding more than 3m custody photographs of innocent people more than a decade after being told to destroy them, the independent surveillance watchdog has said.
Fraser Sampson, who will end his term as the Home Office’s biometrics and surveillance commissioner this month, said there “isn’t much not being watched by somebody” in the UK and that the regulatory framework was “inconsistent, incomplete and in some areas incoherent”.
He spoke of his concerns that the law was not keeping up with technological advances in artificial intelligence (AI) that allow millions of images to be sorted through within moments and that there were insufficient checks and balances on the police."
Work issued me a new laptop with a fingerprint reader, but I haven’t been able to use it yet—every time I try to scan my finger, it tells me that my fingerprint must contain at least one capital letter, one lowercase letter, one numeral, one special character…
#SocialMedia#Twitter#AI#ML#Biometrics#DataProtection: "X’s recently updated privacy policy informed its users it would now collect biometric data as well as users’ job and education history, Bloomberg spotted earlier this week. But it appears that’s not the only thing that X plans to do with user data. According to an update to another section of the policy, the company additionally plans to use the information it collects and other publicly available information to help train its machine learning and AI models, it says.
The change was noticed by Alex Ivanovs of Stackdiary, who has a history of finding notable updates in the terms of service of tech companies, having previously found AI-related updates in Brave and Zoom. His post is now trending on Y Combinator’s discussion forum Hacker News."
The European Union’s Entry-Exit System (EES), which aims to enhance internal security and modernise external border management, will start its operation just a few months from now. The Entry/Exit System (EES) will be an automated system that will be used to register travellers from third countries each time they cross an EU...
#Surveillance#Biometrics#FacialRecognition#Israel#Palestine#Gaza: "Israel is deploying a mass facial recognition program in Gaza, conducting surveillance of Palestinians without their knowledge or consent, according to a new report from The New York Times.
As the publisher reports, speaking to Israeli intelligence officers, military officials, and soldiers, the facial recognition program is run by the Israel Defense Forces (IDF)'s military Unit 8200, which is "collecting and cataloging the faces of Palestinians". The program reportedly uses technology from Corsight, an Israel facial recognition company that provides services for government agencies, law enforcement, and corporations, alongside Google Photos.
The Times says this mass surveillance is being rolled out in Israel to identify members of Hamas, following the Oct. 7 attacks. The Israeli military also set up checkpoints — along roads Palestinians are using to flee the war — with facial recognition cameras, and soldiers have used security camera footage, videos uploaded by Hamas on social media, and also asked Palestinian prisoners to identify anyone affiliated with Hamas." https://mashable.com/article/israel-palestine-gaza-facial-recognition-program
In an exclusive interview with The Times, the Met’s director of intelligence, Lindsey Chiswick, said that the tool had been a “game-changer”, triggering an arrest every two hours of alleged criminals including rapists, burglars and robbers since it was introduced last April.
A Whitehall source said that it had been so successful that the government was planning to make a policy statement setting out its facial recognition strategy in May or June.
#CyberSecurity#DataBreach#Biometrics#FacialRecognition#DataProtection#Australia: "Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events.
The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records.
The incident has rankled privacy experts who have long set off alarm bells over the creep of facial recognition systems in public spaces such as clubs and casinos."
#UK#Privacy#Biometrics#FacialRecognition: "Silkie Carlo, director of Big Brother Watch, has filmed the police on numerous facial-recognition deployments. She was there the night Shaun Thompson was picked up by police.
"My experience, observing live facial recognition for many years, [is that] most members of the public don't really know what live facial recognition is," she says.
She says that anyone's face who is scanned is effectively part of a digital police line-up.
"If they trigger a match alert, then the police will come in, possibly detain them and question them and ask them to prove their innocence."
The use of facial recognition by the police is ramping up.
Between 2020 and 2022 the Metropolitan Police used live facial recognition nine times. The following year the figure was 23.
Already in 2024 it has been used 67 times, so the direction of travel is clear.
Champions say that misidentifications are rare.
The Metropolitan Police say that around one in every 33,000 people who walk by its cameras is misidentified.
But the error count is much higher once an someone is actually flagged. One in 40 alerts so far this year has been a false positive."
EU to Launch Biometric Entry/Exit System in a Few Months - SchengenVisaInfo.com (www.schengenvisainfo.com)
The European Union’s Entry-Exit System (EES), which aims to enhance internal security and modernise external border management, will start its operation just a few months from now. The Entry/Exit System (EES) will be an automated system that will be used to register travellers from third countries each time they cross an EU...
Privacy group challenges Ryanair’s use of facial recognition (www.biometricupdate.com)
The complaint alleges that Ryanair is infringing on customers' data protection rights by using facial recognition for identity verification.