Take Back Your Privacy: The Barefoot Anarchist's Guide to Navigating Today's Digital Landscape by David Haywood Young

Author:David Haywood Young
Language: eng
Format: mobi, azw3, epub, pdf
Tags: General Fiction
Publisher: Cabin Fever Press
Published: 2016-01-23T22:00:00+00:00

Smart Cards & Biometrics

Smart cards are nice. They make hacking more difficult, usually. But for most things, we don’t use them. Too bad, I guess. Okay, that’s all kind of a smart-ass approach to the topic. Especially since the snark is somewhat disguised within the links, and what if you don’t click on them? Like everything else, smart cards can help…but it’s really up to us, individually, to manage the security of our own data. As the links show, hacking does happen. Caution is a good idea.

Do I think a PIN is better, or do I prefer a signature, for “chipped” credit cards? Truthfully I think they’re both kind of weak. The PIN approach makes it hard for the buyer to repudiate a transaction, because the PIN is the same for everybody who might use the card. Whereas a signature, in theory at least, might be analyzed/compared later to determine whether the buyer was actually present. But a signature provides no particular protection vs. a given transaction’s being processed in the first place, and is therefore only good as a retroactive sort of security measure upon later analysis. Maybe…both? But people mostly won’t want the bother.

Anyway. I don’t know how to carry around a device that does any sort of encryption/decryption, that has a key stored on it, that can’t in principle be hacked by an attacker with physical access (see those links above for examples). I think the combination of a smart card and some form of strong password, though, might be a good idea. Unfortunately I don’t know how to keep the password from being stolen either.

I started theorizing here, but just deleted it as being too geeky. Other folks will probably come up with better ideas than mine anyway.

The best overall suggestion I can come up with, for now at least, might involve having lots of systems in use in different places, so maybe they won’t all be hacked simultaneously, or at least by the same people. It’s that crazy-anarchist part of me again, plus I think having a plethora of competing systems will work to weed out the weaker ones over time.

I’m not a big fan of one-size-fits-all systems that everybody’s expected to use. Single point of failure, and all that.

Which brings me to biometrics. (See how I did that? I’m laughing right now. One size fits all? Biometrics? Get it?)

By biometrics, I mean using physical-bit readers like fingerprint scanners or iris scanners for both identification and authorization. Thousands will disagree, but I think the way this stuff’s currently being used is a horrible, horrible idea (in my opinion that last link has by far the best analysis I’ve seen, but it’s pretty geeky), and in more ways than the obvious. Fingerprints in particular are extremely problematic, because you leave “latent” fingerprints everywhere you go, and those can be used against you. Low-tech methods of fooling fingerprint scanners can also be pretty horrific. Biometric information can also be stolen from databases. Generally, fingerprint readers can be fooled in many ways.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.