:BoostOK: Do not kill the password! In the US at least, passwords are considered knowledge, so you are constitutionally protected from revealing passwords as per the 5th amendment of the US Constitution. That means the government can't legally get the password out of you. Biometrics on the other hand, is not considered knowledge, and the government can force your hand (sometimes literally) for your biometrics to unlock something.
For all of those using #23andMe or similar services, here's a periodic reminder on how to properly protect your #biometrics DNA #2fa factors:
Regularly (at least once a year,) change your genetic code. Small random mutations are insufficient, a new code should be generated.
Never use the same genetic code on more than one service.
Select a strong genetic code. Use at least 8 great-grandparents, and at least 1 billion base pairs.
Never share your genetic code with anyone. We will not ask for your genetic code, and giving your genetic code to a co-worker or friend can result in disciplinary actions, including infectious diseases, romantic angst, and unwanted lifetime financial and caregiving responsibilities.
#UK#FacialRecognition#PoliceState#Facewatch#Biometrics#Privacy#Surveillance: "Senior officials at the Home Office secretly lobbied the UK’s independent privacy regulator to act “favourably” towards a private firm keen to roll out controversial facial recognition technology across the country, according to internal government emails seen by the Observer.
Correspondence reveals that the Home Office wrote to the Information Commissioner’s Office (ICO) warning that policing minister, Chris Philp, would “write to your commissioner” if the regulator’s investigation into Facewatch – whose facial recognition cameras have provoked huge opposition after being installed in shops – was not positive towards the firm.
An official from the Home Office’s data and identity directorate warned the ICO: “If you are about to do something imminently in Facewatch’s favour then I should be able to head that off [Philp’s intervention], otherwise we will just have to let it take its course.”
The apparent threat came two days after a closed-door meeting on 8 March between Philp, senior Home Office officials and Facewatch."
X (ex-Twitter)’s privacy policy is being updated, and there’s a reason it’s prettier
The two attached screenshots are from (the English-language version of) MuskCo’s new privacy policy, which will take effect on 29 September 2023: https://twitter.com/privacy
Because of the way everything’s hidden in folded-up sections, which you can only see one at a time, it’s actually quite hard to read, despite MuskCo’s alleged efforts to make it ‘short and easy to understand’
(The current version is still accessible via the handy ‘Download PDF’ button)
Changes that might make you think twice about continuing to participate in MuskCo’s dystopian social network:
⚠️ In Section 1.1 (first screenshot), information MuskCo may collect from users now includes
• your biometric information (‘based on your consent’) – why?
• ‘employment history, educational history, employment preferences, skills and abilities, job search activity and engagement’ – is this the LinkedIn-ification of MuskCo?
⚠️ In Section 2.1 (second screenshot), in order to ‘[o]perate, improve and personalize [their] services’, MuskCo may now use any of your data to train their machine learning or (so-called) artificial intelligence models
I’m not sure how all this will play out in Europe, where there are semi-decent data protection laws, but wherever you live, if you’re still a MuskCo customer, now feels like a(nother) great opportunity to get out!
FTC denies rating board's suggestion for age verification system
The Federal Trade Commission has denied a petition to allow companies to use facial age estimation (FAE) technology to obtain parental consent when collecting data from children under 13, a requirement for the Children's Online Privacy Protection Act (COPPA).
Work issued me a new laptop with a fingerprint reader, but I haven’t been able to use it yet—every time I try to scan my finger, it tells me that my fingerprint must contain at least one capital letter, one lowercase letter, one numeral, one special character…
“It really isn’t good enough....Not only do you have potentially millions of people whose images are in police records, even though there are no guilty findings against them, but you can’t even know how many there are... It is an intractable problem.”
#Canada-based University of #Waterloo is racing to remove M&M-branded smart vending machines from campus after outraged students discovered the machines were covertly collecting facial-recognition data…
Invenda.Vending.FacialRecognitionApp.exe," displayed after the machine failed to launch a facial recognition application that nobody expected to be part of the process of using a vending machine.
Air Canada, Emirates among carriers using biometric data for travelling
While airlines and airports say facial recognition can make air travel — an often tedious experience — more efficient and seamless, privacy advocates argue the use of biometric data is fraught and open to abuse.
A #Montreal lawyer wants to file a class action lawsuit against the Chinese-owned discount shopping app #Temu, alleging that customers' data was stolen.
I wrote something for Dark Reading. Tell me if you like it.
"African Cybersecurity: Facing 2024's Biggest Hurdles: Key trends in African information security this year will include biometric deployments and privacy concerns, and the rise of misinformation."
I've heard #cybersecurity experts often say that passwords are more secure than #biometrics, one of the reasons being that you can change your #passwords if it ever gets leaked but you can't change your biometrics. However one of the major downsides of using a password/pin for your lockscreen is that someone could simply look over your sholder to figure out your #password. These so called over-the-shoulder attacks are more common than you may think and the presence of #surveillance cameras everywhere makes the situation worse because now you could be recorded typing in your password!
So because of all these reasons I had mixed feelings about using a password/pin and tent to use biometrics whenever possible. But my opinion about passwords changed entirely after watching this 9 year old video on YouTube showing how to use the "picture password" feature on a #BlackBerry device - https://www.youtube.com/watch?v=Gef7kehpedA
The ingenuity of this system not only prevents over-the-shoulder attacks but is also fast & easy to use! I'm actually quite surprised that this never caught on to other devices because it really seems like a smart and easy solution to a common problem. Thanks to @sr for mentioning this on your #podcast or else I would've never known about this technique.
#UK#FacialRecognition#Privacy#Biometrics: "Privacy International (PI), Big Brother Watch (BBW), StopWatch, CopWatch, Defend Digital Me, Liberty and Statewatch have written to Home Secretary James Cleverly to raise concerns over the danger posed to UK society by Facial Recognition Technology (FRT).
In a letter sent on 18 January 2024, the signatories raised concerns over the escalating use of FRT and warned the Home Secretary that "The indiscriminate use of this dystopian biometric technology to identify people in public spaces is a form of mass surveillance [...] happening in a democratic vacuum, without specific legislation to restrict its use".
We called on the Home Secretary to "put an immediate end to the radical expansion of the use of FRT in order to protect the fundamental freedoms of all members of UK society". "