Information Security & Occasional Forays Into Adjacent Realms
via superlative reportage from DJ Pangburn, we now learn of the ineptitude of US governmental oversight officials (and the Agencies, Bureaus, Departments, and Branches of Federal Government they service) tasked with protecting gathered and stored biometric data (amongst other things). Simply asotounding.
Lawrence Abrams - writing at Bleeping Computer - regales us with the (unfortunately true) tale of nearly two hundred and thirty thousand Danish passports possess invalid finger print data (the hands are 'swapped', as it were).
In typically excellent form, Troy Hunt analyzes ostensibly the largest biometric data system in the world, comprising at least 1.2 billion records of bio-data markers. Absolutely phenomenal and, Today's Must Read.
"Q: Can you explain why your hack worked but similar attempts (like Wired magazine's) failed?
A: Because... we are the leading cyber security firm ;) It is quite hard to make the "correct" mask without certain knowledge of security. We were able to trick Apple's AI, as mentioned in the writing, because we understood how their AI worked and how to bypass it. As in 2008, we were the first to show that face recognition was not an effective security measure for laptops (related links can be found at the end of this writing)." - via Questions and Answers, Bkav Corporation, November 11, 2017
