您现在的位置是:熱點 >>正文
【】
熱點319人已围观
简介From fingerprints, to facescans, to possibly even sweat analysis, biometrics have become the default ...
From fingerprints, to facescans, to possibly even sweat analysis, biometrics have become the default way many of us secure our data and unlock our smart devices. But with that ubiquity also comes risk, as security researchers have demonstrated time and time again that many of these supposed safeguards are susceptible to multiple-step hacks.
But what about, you know, single step hacks? Like, for example, hacking off someone's thumb? The question of whether or not a dead body or missing limb could be used to unlock a phone is not a new one, and has been asked since at least the release of Apple's Touch ID. And yet, despite the years of coverage, no one has been able to agree on an answer.
SEE ALSO:So how worried should we be about Apple's Face ID?The rather morbid debate popped back into the public consciousness this month after the tragic November 5 mass shooting at a Texas church. USA Today subsequently reported that the FBI was attempting to gain access to the shooter's iPhone, and that, if Touch ID was enabled, a specialized reproduction of his dead finger would likely have sufficed to unlock it — assuming it was used within a 48-hour window of the last time the phone was unlocked.
This claim, based on the expertise of Anil Jain, a professor of computer science at Michigan State University, adds a confusing layer to the reporting of numerous outlets — including this one — that a dead hand itself would notbe sufficient to bypass Touch ID. That's because the Apple-developed biometric uses radio frequency waves to check the skin underneath a finger's outer layer, a trick that supposedly prevents a dead one from being used. What's more, the tech also relies on a capacitive sensor which is activated by an electrical charge in living skin. No living skin, no luck.
So can smartphones make a distinction between the living and the dead, or not? The answer matters. If the fingers, eyes, or face of a deceased victim be used either by law enforcement or criminals to unlock a smartphone, then biometric locks have a brutally defined shelf-life. This, of course, would stand in contrast to a strong alphanumeric password which can't (at least yet) be pried from your ever-so-quickly decaying body, and would suggest yet another reason that the security conscious should avoid biometrics like a privacy-violating plague.
Credit: BRITTANY HERBERT/MASHABLEMashable repeatedly asked Apple, Google, and Samsung for comment on the matter, but received not a single response to our numerous inquiries. We also reached out to a host of biometric security experts, hackers, digital law experts, and forensic pathologists in an attempt to get to the bottom of what has passed from the realm of dark thought experiment to serious inquiry, but the responses (or lack thereof) only further muddied the waters.
It's almost as if, when it comes down to it, there's no agreement on whether or not a dead body could pass the biometric test.
The experts
There are, of course, many different forms of biometric security. Different devices rely on varying hardware and software solutions for purposes of authentication, and some of those have shown to be substantially less robust than others.
Daniel Edlund of Precise Biometrics, a company that makes and sells software for fingerprint authentication, told Mashable that the dead-body question comes down to a feature known as "liveness detection."
"If the fingerprint technology is equipped with what is called liveness detection, or in professional terms 'Presentation Attack Detection,' it will with a high security reject false fingerprints," he explained over email. "It doesn't matter if it is a copy of a fingerprint, such as a rubber, silicon or plastic replication, or a dead finger."
Touch ID, which relies on the aforementioned capacitive sensor and RF waves, would seem to fall in that category. It's less clear with Face ID, which Apple claims is "attention-aware." However, according to the company, that simply means the phone "recognizes if your eyes are open and looking towards the device." As the 1993 modern American classic Demolition Manmakes clear, an eye doesn't necessarily need to be attached to a living head to fulfill that requirement.
Nate Cardozo, Senior Staff Attorney on the Electronic Frontier Foundation's digital civil liberties team, had a different take based upon his technical knowledge of the systems in question.
"It's my understanding that while Touch ID does work [with a deceased individual], Face ID won't because it detects 'attention' from the user."
Face ID doing its thing.Credit: appleThis sentiment was partially echoed by Phobos Group security researcher Dan Tentler, who likewise gave a conditional response when asked about using the dead to unlock a smartphone.
"Touch ID, definitely," he observed over email. "Face ID? Hard to say, you could probably get it done if you had the body, and were able to open the person's eyes. But then again, there was that one guy who shaved his beard and Face ID quit working, so it's hard to say."
Yet another expert, UnifyID co-founder and CEO John Whaley, went even further. His company specializes in behavioral biometrics — a way to "authenticate you based on unique factors like the way you walk, type, and sit" — and his assessment of dead bodies and biometrics suggests that your digital secrets won't die with you.
"It is certainly possible to authenticate with biometrics even without user consent, or the person even being alive," he explained. "This is especially true if the factor they use is static, like a fingerprint or a face. One attempt to combat this is to use a liveness check, but even those are often easily spoofable."
In other words, in Whaley's mind, even the latest and supposed greatest in biometric security —Face ID — is likely capable of being unlocked with the face of a deceased individual.
Death and your data
Manufacturers around the world love to brag about the biometric locks built into their smartphones, claiming to have found that sweet spot between security and convenience. However, short of someone conducting an extremely unethical experiment, the "severed finger test" is one that companies like Apple and Google may never have to take — let alone prove they can pass.
That won't matter for most consumers, who, if presented with the possibility of having their hand lobbed off by a criminal trying to break into their phone, will likely be more concerned about their digits than their documents. However, as time passes and biometric sensors are added to more and more of the devices that surround us, a new question is presented: who has access to our identity — and our data — after we die?
Much like whether or not a corpse can be used to unlock an iPhone, that question still remains very much unanswered.
Featured Video For You
Sorry, but you just can't erase yourself from the internet
TopicsAppleCybersecurityGoogleiPhoneSamsung
Tags:
转载:欢迎各位朋友分享到网络,但转载请说明文章出处“夫榮妻貴網”。http://new.maomao321.com/news/04b4999946.html
相关文章
This coloring book is here for all your relationship goals
熱點LONDON -- We are living through the golden age of celebrity relationships. Gone are the days of tort ...
【熱點】
阅读更多This guy survives in the wild with nothing but a bunch of everyday tech gadgets
熱點We all use tech to get through the day. Whether its replying to messages on Slack or email for work, ...
【熱點】
阅读更多Melania Trump wore a chill $51,500 jacket to meet G7 spouses
熱點Melania Trump said "hey" to her fellow G7 spouses in Sicily Friday wearing a bright, floral Dolce &a ...
【熱點】
阅读更多
热门文章
- Two states took big steps this week to get rid of the tampon tax
- LED eyelashes are the future of making your eyes literally light up
- Dear smartphone companies, please give us smaller phones
- This rat is doing just fine in his banana skin, thanks for asking
- Sound the alarms: Simone Biles finally met Zac Efron
- People are pretending the floor is lava and no, you haven't traveled back in time
最新文章
Visualizing July's astounding global temperature records
Snow is hard to come by in Australia, so this guy created his own
This guy wants to use tech to create a 'wizarding pub' in London
Austin mayor has the perfect response to man mad about women
This chart shows just how high Simone Biles can jump
Drone delivery ahead: Amazon gets patent for package parachutes