FIDO log-in details clash with crypto-anarchy

Sat May 7 16:01:11 PDT 2022

On 5/6/22, professor rat <pro2rat at yahoo.com.au> wrote:
> By presenting a facial scan or fingerprint to the device, I’ll be able to
> log in without having to type a password . . ."
>
> https://arstechnica.com/information-technology/2022/05/how-apple-google-and-microsoft-will-kill-passwords-and-phishing-in-1-stroke/
>
> I was under the impression cypherpunks opposed the use of biometrics for ID
> purposes.
>
> Was I wrong?

> https://fidoalliance.org/

Using bio to secure your own local stuff isn't terrible, if still used with
passphrase or other elements, since fingers are easily copied your
face and eyes easily capturable anywhere in public or private your
DNA scooped up off any surface etc, and is just as subject to
rubberhose as any other single fiduciary system.

Problem with some if not all of the bio implementations today,
is that these bio scanners upload the raw scanned bio data
to a system outside of your control, to the server and the auth
software running on it, which then stores it and every one of its per-scan
variations forever, abuses sells datamines gives it to GovCorp etc,
and then does whatever characterization math and comparison of
the result to let you login. That's bad.

Auth systems that honor bio privacy, at minimum your own scanner
modules, and hopefully plugged into only your own end-user system,
anyway would never emit raw bio scan data, but would do the
characterization of the scan internally locally, then hash that,
then send the hash outside your system upstream to the auth login
comparison process.

Unfortunately, many potential biometrics (face, eye, finger, etc),
and most certainly not their distilled-down characterizations,
do not have sufficient number of bits (ie at least 128) to prevent
collision or rainbow table reversal of the uploaded hash, and thus
cannot prevent the immediate reversal, disclosure, and abuses
of your real bio that you input. That's bad.

All of this SSO auth shit is just the globalist authoritarian "alliance"
wet dream to digitally ID control trace and track everyone on the
planet under a single collateable unchangeable mark of the beast
that will be used to fuck you and everyone else.

Voluntary ID works just fine for million years of humanity,
picture ID was still nowhere even 50 years ago, then you
all fell for the bullshit and raced to sign yourselves up for
that totalitarian anti-freedom permanent skin-branding forever
stored and used against you bullshit. You stupid stupid stupids.

Better way is to teach actual privacy, security, anonymity,
password managers, voluntaryism, freedom, etc to youth
from first day they use computer.

Unfortunately public schools just teach to conform and
follow the authoritarian, and to never challenge them with
the peace and sanity of freedom and anarchism.
Stop teaching that.