-
The Google Pixel 4. [credit: Ron Amadeo ]
Google's recently announced Pixel 4 has a new biometric feature—well, new for Google, at least—face unlock. Like most new biometric systems, that means we'll probably be writing about security flaws in its implementation, and the first one has already popped up before the phone is even out. You don't need to have your eyes open for the Pixel 4's face unlock to work. The flaw was first publicized by the BBC's technology reporter, Chris Fox, who was able to get face unlock to work on several people with their eyes closed.
The thing about biometrics versus a password or PIN is that having to enter data via a keyboard is a pretty good indicator of consent. You're conscious, you're recalling this secret information, and you're typing it into the phone. You're at least aware of what's going on. Biometrics, on the other hand, are something other people can do for you, or to you. The easiest example is pointing a phone at a sleeping person to unlock it. You could also lift a person's finger and put it on a fingerprint reader, but at least you have to touch the victim to do that. There's a real lack of consent and awareness when you can just point the phone at an unconscious person.
Fox gives a great video example on Twitter:
Read 2 remaining paragraphs | Comments
https://ift.tt/2BhMaC8
Comments
Post a Comment