On 5/6/22, professor rat <pro2rat@yahoo.com.au> wrote:
By presenting a facial scan or fingerprint to the device, I’ll be able to log in without having to type a password . . ."
https://arstechnica.com/information-technology/2022/05/how-apple-google-and-...
I was under the impression cypherpunks opposed the use of biometrics for ID purposes.
Was I wrong?
Using bio to secure your own local stuff isn't terrible, if still used with passphrase or other elements, since fingers are easily copied your face and eyes easily capturable anywhere in public or private your DNA scooped up off any surface etc, and is just as subject to rubberhose as any other single fiduciary system. Problem with some if not all of the bio implementations today, is that these bio scanners upload the raw scanned bio data to a system outside of your control, to the server and the auth software running on it, which then stores it and every one of its per-scan variations forever, abuses sells datamines gives it to GovCorp etc, and then does whatever characterization math and comparison of the result to let you login. That's bad. Auth systems that honor bio privacy, at minimum your own scanner modules, and hopefully plugged into only your own end-user system, anyway would never emit raw bio scan data, but would do the characterization of the scan internally locally, then hash that, then send the hash outside your system upstream to the auth login comparison process. Unfortunately, many potential biometrics (face, eye, finger, etc), and most certainly not their distilled-down characterizations, do not have sufficient number of bits (ie at least 128) to prevent collision or rainbow table reversal of the uploaded hash, and thus cannot prevent the immediate reversal, disclosure, and abuses of your real bio that you input. That's bad. All of this SSO auth shit is just the globalist authoritarian "alliance" wet dream to digitally ID control trace and track everyone on the planet under a single collateable unchangeable mark of the beast that will be used to fuck you and everyone else. Voluntary ID works just fine for million years of humanity, picture ID was still nowhere even 50 years ago, then you all fell for the bullshit and raced to sign yourselves up for that totalitarian anti-freedom permanent skin-branding forever stored and used against you bullshit. You stupid stupid stupids. Better way is to teach actual privacy, security, anonymity, password managers, voluntaryism, freedom, etc to youth from first day they use computer. Unfortunately public schools just teach to conform and follow the authoritarian, and to never challenge them with the peace and sanity of freedom and anarchism. Stop teaching that.