06-08-2019, 08:31 PM
31
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Zuleika
->
So far as I’m aware from speaking to my bank this new security is about online purchases with your card .
But that doesn't alter the fact that they are essentially lying about it all.
What security advantage does texting a verification code to your mobile have over the previous method of asking you to provide characters from a password when making online transactions?
It's a total nonsense and another step towards total loss of privacy.
06-08-2019, 09:02 PM
33
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Rehab44
->
My online login has moved from username..password..and relatives middle name....to my thumbprint...immediate access to all my accounts
06-08-2019, 09:04 PM
34
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Realist
->
Far easier to fake a fingerprint than find out someone's password. Madness.
07-08-2019, 08:18 AM
35
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Rehab44
->
Really? Tell me more...but wait..let me adjust this tin foil hat
07-08-2019, 11:01 AM
36
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Rehab44
->
Really? Tell me more...but wait..let me adjust this tin foil hat
A few simple examples going back as far as 2008
https://www.avg.com/en/signal/3-reas...gerprint-locks
3 Reasons to Never Use Fingerprint Locks on Phones
"#1 People can hack your fingerprints (and scanners)
We leave fingerprints behind everywhere we go: on doorknobs, on railings, on cups and glasses, on keypads, on screens, in photos—you name it. So there are lots of places hackers can harvest this supposedly uncrackable password.
The Chaos Computer Club demonstrated this as far back as 2008. To protest a German politician’s proposal to implement biometrics, the club used a photograph to recreate his fingerprint. In 2013, it used latex to create a fake finger to open a lock. More recently, the approach has been repeated with playdough and Elmer’s glue, highlighting just how easy it is becoming to recreate physical prints.
Worse yet, fingerprints can also be hacked virtually. At the 2015 Black Hat convention in Las Vegas, a couple of security experts demonstrated a number of hacks for fingerprint locks. They built an app that mimicked a phone’s unlock screen; when used by the victim, it could approve a financial transaction. They pre-loaded fingerprints onto the phone, enabling access. They showed it was relatively easy to rebuild a fingerprint from the file used to store it. And they hacked the scanner itself, allowing them to grab fingerprint images whenever used.
#2 You can change your password — not your fingerprints
This is so basic it is often overlooked. When my email account was hacked several years ago, I changed the password and the problem went away. But if someone were to hack my fingerprint, they would always have it.
Think about what that means. Fingerprints are forever. Once the bad guys have them, they can keep using or selling them to other bad guys. This is particularly disturbing when you consider how many government organizations collect fingerprints and the increasing number of private firms using it for authentications.
#3 Police don’t need your permission to unlock a phone with biometrics
It is also important to remember that we are not always in control of our own hands. All someone has to do to get you to unlock your phone is press your fingers against the screen.
This has been allowed in the US, where a judge granted a search order to police officers in Glendale, California. The position is that a fingerprint is “physical evidence”, akin to a physical key, which can be gathered as evidence or demanded by court order. Moreover, fingerprints are readily available because they are routinely collected as part of basic police and legal procedures. And because fingerprints are physical and not “testimony”, they are not protected by the Fifth Amendment’s clause on self-incrimination.
Not so passwords and PIN codes. Forcing a person to show you something “in their mind” is testimonial, and thus coercion is prohibited. Large tech companies (including AVG) make a similar argument about corporate information. Fighting the FBI to a largely unresolved standstill over access to the phone used by the San Bernardino terrorist, Apple made the legal argument that the FBI was attempting to force Apple to speak — and speak against its own interests, something that should not be allowed. The FBI dropped the case after paying a third party to hack the phone. While rent-a-hacker proved effective, it also proved rather expensive; and for the time being, most cases are unlikely to warrant such an investment.
Still, it is within the realm of possibility that law enforcement agencies could force or coerce manufacturers to include back doors to devices for harvesting prints through fingerprint locks."
No 2 there is the most important to understand.
There is simply no going back once someone gets hold of your fingerprint. Game over.
Because of that even a dimwit can see that this whole fingerprinting usage will, in no time at all, just collapse as more and more people fall foul of having had their fingerprints hacked. Once that happens in enough numbers the fingerprint system will be removed, abolished.
Of course by then a whole raft of the population will have unwittingly volunteered their fingerprints to any number of national databases like criminals, bagged and tagged forever.
07-08-2019, 11:04 AM
37
Re: New online security checks exclude people without mobile phones or decent signal
Another load of concerns here:https://www.kaspersky.com/blog/finge...ecurity/10951/
"Security experts discovered that HTC One Max and Samsung Galaxy S5 smartphones stored fingerprint images in an unencrypted, readable-by-any-app .bmp file — just as a common bitmap picture. Any software, which has access to user’s pictures and Internet, could steal them. Developers produced a patch soon after the discovery but who guarantees that they won’t make similar mistakes with new phones and OS releases?
Moreover, many smartphones have poorly protected sensors, which let malware get the pictures right from the fingerprint scanners."
07-08-2019, 12:10 PM
38
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Realist
->
<Snip most of the drivel>
There is simply no going back once someone gets hold of your fingerprint. Game over.
So simple... Just use a different finger.
07-08-2019, 02:42 PM
39
Re: New online security checks exclude people without mobile phones or decent signal
Originally Posted by Bruce
->
So simple... Just use a different finger.
hahahahahahahahahaha
breathe . . . . . .
hahahahahahahahahaahaha
Naturally once 10 fingers are up you can start using your toes
Sheesh !
|
|
