Google Moving Forward on Automatic Logins

Google is trying to bring this to Android developers by the end of the year:

Today, secure logins -- like those used by banks or in the enterprise environment -- often require more than just a username and password. They tend to also require the entry of a unique PIN, which is generally sent to your phone via SMS or emailed. This is commonly referred to as two-factor authentication, as it combines something you know (your password) with something you have in your possession, like your phone.

With Project Abacus, users would instead unlock devices or sign into applications based on a cumulative "Trust Score." This score would be calculated using a variety of factors, including your typing patterns, current location, speed and voice patterns, facial recognition, and other things.

Basically, the system replaces traditional authentication -- something you know, have, or are -- with surveillance. So maybe this is a good idea, and maybe it isn't. The devil is in the details.

EDITED TO ADD: It's being called creepy. But, as we've repeatedly learned, creepy is subjective. What's creepy now is perfectly normal two years later.

Posted on May 24, 2016 at 8:35 AM • 74 Comments

Comments

Mark Murphy • May 24, 2016 9:01 AM

The problem goes beyond "creepy". Allowing Google to decide whether or not I can get into my bank account is not a good idea.

jayson • May 24, 2016 9:15 AM

On the plus side, this will put an end to drunk dialing when we can't unlock our phones due to typing, speaking, and gait pattern changes.

No • May 24, 2016 9:15 AM

So what if someone uncharacteristically decides to go travelling to a foreign nation and gets a cold (or some other illness that results in their voice changing)?

Mike Gerwitz • May 24, 2016 9:16 AM

> What's creepy now is perfectly normal two years later.

This is a strong driver of complacency with mass surveillance. It's a very bad thing---people will become dependent on this authentication mechanism as a perceived superior form of authentication when in reality they're trading account security for personal security; good intent or not, this is just another excuse to ask users for as much personal information as possible.

Jordan • May 24, 2016 9:28 AM

Very interesting. Hopefully Google will be using this automatic login in a responsible way, that still keeps people getting into others' accounts to a minimum.

Tommy Dohn • May 24, 2016 9:37 AM

Doesn't this mean Google would essentially have your "password" for every other site?

Jose says No Way • May 24, 2016 9:44 AM

From the outset, whatever site implements this, I will not be using.

-I will NOT be uploading my biometric data to US-based corporations
-I will NOT browse the internet without anonymization
-I will NOT allow a bunch of unrelated sites to use the same centralized login system
-I will NOT allow websites to store and sell on my personal profile in exchange for letting me log on to MY OWN data

As a side note: Google's offices in France are being raided by the police as we speak as part of an investigation on tax evasion.

William Torchon • May 24, 2016 9:47 AM

"What's creepy now is perfectly normal two years later."

I don't know, Bruce. Facebook's facial recognition was creepy 5 years ago and it still is creepy as hell.

Project Ridiculous • May 24, 2016 9:59 AM

Another wet dream straight from NSA headquarters.

1) Android has around 80% of the global market for smartphones.

2) Project Panopticon necessitates OCD data hoarders have it all.

Thus, in a classic corporate-spy complex synergistic play we are sold Project Fukwithus - full biometric take of facial features, voice prints, walking traits and typing patterns - as the new 'must have' security feature.

It is a logical progression, since the phonetards have already shown a proclivity for volunteering long term identity markers as part of their techno-narcissism; amply illustrated by Apple's successful fingerprinting test run.

I can already see the future articles decrying the NSA hack of Google servers hosting the said data, which will be shared surreptitiously with FBI, DHS, and every other authoritarian pig in uniform.

The 'National Security yada yada' (get-out-of-jail-free card) defense will be played instantly and nobody will be held to account. Rinse repeat. "Don't Be Evil" can pry the fingerprints and other biometric markers from my cold, dead hands.

Clive Robinson • May 24, 2016 10:01 AM

@ Bruce,

> It's being called creepy. But, as we've repeatedly learned, creepy is subjective. What's creepy now is perfectly normal two years later.

It also works the other way in that what was considered normal or at least acceptable a few years ago is now considered creepy.

It's actually an indicator that at some level society is still working and evolving.

Interestingly in both cases it's those of a liberal nature that accept such changes in their stride. Whilst those of a conservative nature tend to react against any changes irrespective of which way the creepiness moves.

Whilst I like change and grab at new technology or ideas, I still metaphorically yearn for the "pipe and slippers" ideals from my much younger days... As my other half has been heard to remark it's because I'm an old fart techno geek that likes doing everything from scratch... Whilst I will admit to liking to make my own bread, jams, pickles, charcuterie and boats I am a little past wrestling livestock bigger than a goose these days so she may have a point :-(

Ergo Sum • May 24, 2016 10:11 AM

@Mike Gerwitz...

> This is a strong driver of complacency with mass surveillance. It's a very bad thing---people will become dependent on this authentication mechanism as a perceived superior form of authentication when in reality they're trading account security for personal security; good intent or not, this is just another excuse to ask users for as much personal information as possible.

The driving factor in this type of 2FA is the positive identification of the user. Account security is just a sideshow that makes logging in securely easy/convenient, especially with the app on the mobile devices. The app can also provide GPS data to Google and others, they will know where you are at any given time better than your significant other ever will...

It's not like malware isn't making progress to exploit this type of 2FA...

Clive Robinson • May 24, 2016 10:15 AM

@ Jose says no way,

> As a side note: Google's offices in France are being raided by the police as we speak as part of an investigation on tax evasion.

Sometimes it's a shame that the liberals get to get rid of Madame Guillotine, I'd quite cheerfully watch a few Alphabet Execs get wheeled in on a tumbrel[1] and get a very short back and sides whilst doing some knitting ;-)

[1] For those that don't know the tumbrel was a particular kind of horse drawn cart that tipped up. It was more normally used by farmers to shift horse and pig manure when cleaning out. Such symbolism is probably why they were used to cart the aristos to their demise...

DF • May 24, 2016 10:19 AM

What happens if you injure your hand(s) and/or lose your voice? It seems likely you could lose access to your accounts.

@Bill, perfect quote for this. Loved it.

Hans • May 24, 2016 10:32 AM

@bruce

The link in the word "creepy" loops back to this page. Is that intentional?

albert • May 24, 2016 10:32 AM

This activity is happening in the phone. So the data for logins is being moved from inside your head, to inside the phone. Even if Google were holy angels from heaven, this wouldn't be a good idea. I'd guess that most Android phones could be easily hacked, and the login procedure bypassed, without having to simulate the owner's 'profile'. Facial recognition too?

What could possibly go wrong?

I suspect that banking is the most important online activity for most people. I wouldn't even mind 3FA for my bank access. I don't think it advisable to do banking on a phone, or laptop, on -any- wifi system. It doesn't make sense to me. I can lose my money on the craps tables in Vegas, and have fun as well.

. .. . .. --- ....

David Leppik • May 24, 2016 10:33 AM

It seems similar to how credit card companies verify transactions. When I was in Minnesota and someone tried to pay for a spa in Italy with my credit card, they flagged it as unrealistic. (They also do the same when I legitimately pay for Estonian software.)

In this case, it doesn't eliminate passwords, it simply falls back to passwords if there is insufficient positive evidence. Also, it's not clear that any data is processed or stored in the cloud.

I'm perfectly fine with it, so long as (1) all the data is kept local, (2) there's a password fallback, and (3) it's reliable enough to tell if my kids are trying to use my phone.

In fact, I welcome it. There are apps on my iPhone that I don't use because I haven't bothered to remember the app's password, and the app can't seem to remember it.

JonKnowsNothing • May 24, 2016 10:39 AM

In the USA all biometric data is considered "public". Your face, your finger prints, your DNA. The US Courts have ruled that these items do not require a warrant. The courts/law enforcement can force you to take a DNA/alcohol/drug test or have your finger print taken or take unlimited photos of you and your car as you cross an intersection or by one of their face/license plate readers. Even tow trucks and insurance companies do not require any court authorization for face/license plate recognition biometric captures.

A new app now does Partial Face Recognition and is available to the public and from news reports, a very large number of people want to know: Who is that dude/dudette in the background of my Hawaii vacation pics?

Passwords do require a warrant. Passwords have been found to be "intellectual thought", something that comes from your mind and is not public. You can face a demand for a password but you can fight that in court and/or refuse to comply.

Although, the FBI couldn't demand the password to the iPhone from the dead dude in San Berdo, they could have opened a biometric password on an iPhone with a finger print (gummy bear) and face photo and snaps of the iris, samples of blood or whatever biometric data is chosen.

While intellectual passwords may not be all that great (123456), at least you have some minimal protection from law enforcement. Law enforcement/Security Services steal far MORE data than those "other guys", who run parallel malware writing services.

Maybe we all should start wearing hijabs. Except of course in liberal democratic countries when hijabs are illegal in public. You know, it interferes with the biometric data sweeps. Gloves could be making a comeback too.

Your face is in front of you.
Your freedom is trailing behind you and falling farther behind.

Unsure • May 24, 2016 11:09 AM

I hope they will take their time implementing this. Besides the privacy aspect I wonder how this is going to work when a user is under the influence of alcohol, as that should change the way we type, speak and handle a phone quite drastically.

Last time I visited my parents (they live in a different country) I found myself fairly stressed at the airport I arrived at. Would this Google authentication system still give me a high enough trust score to let me use most of my apps even though I am in a different country and behave differently? I mean it's in those situations I rely on my phone the most, to keep in touch with my parents and to use my bank in case of emergencies.

MikeA • May 24, 2016 11:26 AM

Creeping Creepiness. Just heard on the news that over 50% of people interviewed about self-driving cars are skeptical, and would not (today) accept one with no manual override. Makes sense to me, but opinions can change.
I do not own any cars less than 5 years old, which seems to be the limit for "software upgrades", so I really have to wonder which path they will take:
1) growing number of autonomous vehicles with unpatched vulnerabilities on the road.
2) Illegal to possess a vehicle that does not contain the latest (possibly suborned) software.

Yes, I am aware that an autonomous vehicle, with software that is both competently and honestly developed, can be a much better driver than a human, in normal driving situations. Those are big "if"s.

Dale Pontius • May 24, 2016 11:44 AM

Your phone is already on you, and for all you know, it's collecting all of this information already and sending it back to the Three Letter motherships. Maybe the information is being gathered N more times and sent to 3N corporate overlords as well. You don't know, and unless you're loading your own ROM images and apps, and get them from truly trusted sources, you can't know. (Maybe not even with all trusted phone software, because even then you don't control the baseband or the SIM card.)

Google's crime is rubbing your nose in it. Meanwhile they're offering you some benefit, too. They may even be doing you a real service by shining a light on it.

I run Cyanogenmod with Privacy Guard. I've no doubt that that doesn't make me fully safe, but I also limit what I put on my phone. It's kind of like the old joke about the bear and the sneaker-change. I don't have to be faster than the bear, just faster than you. I don't have to be perfectly secure, just good enough to send them to easier phones. Plus if some three letter agency really wants my data, the game is already over.

Randy Essex • May 24, 2016 11:46 AM

"I'm perfectly fine with it, so long as (1) all the data is kept local, (2) there's a password fallback, and (3) it's reliable enough to tell if my kids are trying to use my phone."

These seem to me VERY bad ideas from an infosec point of view.

1) If all the data required for the verification is kept local, how does the server know who they're supposed to verify and whether or not the credentials have been tampered with on the client side?

2) If there is a password fallback, how are you going to defend against downgrade attacks?

3) With regard to one's kids using the phone, you've got to choose -- you either go for biometrics and usage patterns associated with a single user, or you allow the entire family to use the device, but you can't have both (unless the device has several password-protected accounts, in which case we're back to square one with the use of passwords).

I am generally suspicious of any company or government that tries to substitute passwords for something that is not protected under the Fourth Amendment.

hawk • May 24, 2016 12:11 PM

I thought everyone was all for two-factor authentication.

I remember when it was unthinkable to expect ladies to pump their own fuel. What if they spilled gas and there was an explosion or they broke a nail or something.

Grumpy McGrumpface • May 24, 2016 12:27 PM

@Randy Essex
RE: "company or government"

One can't address the *real* problem if one still differentiates.

JdL • May 24, 2016 12:52 PM

> It's being called creepy. But, as we've repeatedly learned, creepy is subjective. What's creepy now is perfectly normal two years later.

That's what I'm afraid of. That's what gets the frog boiled to death.

Wilbert • May 24, 2016 12:53 PM

@Mike Gerwitz

Most people don't know of or don't understand what mass surveillance is. The concept of having the entire world's communications screened by NatSec and LEOs is alien to them. The concept is so absurd they just mentally filter it out.

paul • May 24, 2016 12:58 PM

Maybe I don't use my phone enough to understand why this is so crucial. Saves a second or two at the most? But I can see how by reducing the time to get into a payment app it might make people just that tiny bit more willing to spend money using their phones.

r • May 24, 2016 1:02 PM

@Jordan,

You bet it will be used by Google in a legal manner.

The government will present a warranty to use your identity or... Identifiers to allow logins to your various accounts the same way fingerprints can be compulsorily used to unlock doors, safes, phones, cars, guns... Etc.

Curious • May 24, 2016 1:15 PM

This idea of pattern recognition for id'ing a computer user sounds like half assed security, something that could be added on top of good security, but not replacing good security.

Why does Bruce think something could be perceived as creepy to be perceived as perfectly normal two years later? Perhaps with other people entirely a century later, but not in two years, that doesn't make good sense to me to be honest.

Comrade Major • May 24, 2016 1:39 PM

Well, with this mechanism of authentication, attacker needs to:
1. hack into smartphone
2. gather all info used for authentication
3. emulate user

Not very hard, considering poor state of security we have.

Fred P • May 24, 2016 1:59 PM

It would seem to me that a nasty accident could change most of these factors very rapidly.

Comrade Major • May 24, 2016 2:04 PM

Of course, this will increase the barrier to entry, and maybe cost of operation, but not much.

What's interesting about this authentication system, is that it makes all these smartphones a target, instead of central servers.

This means that smartphones will be attacked more often than before. And we know that they're insecure by design.

Ross Snider • May 24, 2016 2:28 PM

Security is an undefined concept until a threat model is specified.

The past decade has given sufficient evidence that security *from* Google is a priority - both in terms of data sharing, extralegal access and impersonation, and vendor lock-in.

This authentication mechanism does not meet the lowest bar on its security requirements, when security *from* Google is considered in the threat model.

@Jose says No Way has a good list. Any authentication pattern centralized under Google or other profit-and-power-driven-enterprise, that at the same time provides them with massive biometric databases, and that at the same time removes the possibility of anonymity in authentication - is purely not acceptable and entirely inappropriate.

I am already mostly boycotting Google. This will not win me over.

k15 • May 24, 2016 2:39 PM

If I seemingly always have to enter captchas twice, even the easy ones, and traceroute() never completes, does this indicate something else on the line, that might use recorded keystroke patterns to emulate me?

Also, phone numbers given over the phone, that sound as though someone's inserted a recording of the person saying a digit? And when the number I write down does indeed turn out to be wrong?

How are we going to navigate this?

David Leppik • May 24, 2016 3:18 PM

@Randy:

The phone can already see your password as you type it. Mind you, if it isn't stored it can't be retrieved after the fact. Depending on how it's implemented (and I assume these guys at Google aren't total amateurs) this could improve security. Especially if they replace passwords with key-based authentication.

Right now on my iPhone I can check my credit card statement with my thumbprint instead of a password. This sounds similar, only with behavior-based heuristics rather than a thumbprint.

Which one has better security depends on the particulars of the implementation. But the baseline is a pretty awful form of authentication: passwords.

Comrade Major • May 24, 2016 4:05 PM

@David Leppik
Sure, but Abacus project is presented as a panacea - it should protect users from hackers.

In reality, it cannot protect users from hackers. It will increase entry barrier for hackers, but that's it.

Passwords are insecure. Since you know this, there is no false sense of security.

trsm.mckay • May 24, 2016 4:50 PM

@Randy
> 1) If all the data required for the verification is kept local, how does the server know who they're supposed to verify and whether or not the credentials have been tampered with on the client side?

Good questions, this one has a complicated answer. As a crypto geek I love the idea of end-to-end authentication to reduce internal replay attacks. The relying party generates a challenge (nonce), which is then included in the various signatures as the authentication chain is built. But given the strong privacy movement, I think most biometrics will end up remaining local to the client - which implies the need for a trusted client (trusted by whom is a good question, which I won't try to answer in this post). But my conclusion is that going forward end-to-end encryption will only occur in really rare circumstances.

The alternative is partial authentication taking place at multiple locations; the three obvious categories are: client, relying-party, and intermediaries. So most biometric verification will take place at the client level, and the client will represent how well the authentication worked. Other locations will authenticate using the transaction risk rating approach -- similar to home banking or a credit card transaction: how risky is that transaction, client type, biometric verification method used (or at least the client's assertion of what it did), time, client-location, frequency of transaction, etc. A lot of this transaction risk rating already takes place, and though it has privacy concerns, is mostly outside of the direct control of the user.

> 2) If there is a password fallback, how are you going to defend against downgrade attacks?

There will have to be some fallback, and it will use the transaction-risk approach mentioned above (just like we do now, for example help desks dealing with forgotten passwords). Passwords may, or may not, be involved.

> 3) With regard to one's kids using the phone, you've got to choose -- you either go for biometrics and usage patterns associated with a single user, or you allow the entire family to use the device, but you can't have both (unless the device has several password-protected accounts, in which case we're back to square one with the use of passwords).

I don't see the inherent conflict between using both biometrics and usage patterns? True it is a bit harder for devices without explicit user accounts (Apple, Android), but given my experience in this area a small number of users could be handled fairly transparently. If the number of users grows too large, then the patterns become more general and become less useful.

> I am generally suspicious of any company or government that tries to substitute passwords for something that is not protected under the Fourth Amendment.

Agree this is an important issue (though your framing is USA specific). As usual when dealing with a well funded adversary (like the FBI/NSA), there are no easy answers. My thoughts on a way of solving this, which I admit only works well for sophisticated users, is to provide some user-specified client level security levels; which specify how much hassle (based on the thought that user hassle increases as biometric authentication strength increases) is required to access particular data and features. Kind of like configuring your own transaction-risk settings in the client.
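
The split described in the comment above, as an added example (not the commenter's or Google's code): the relying party issues a nonce, the client checks biometrics locally and returns only an authenticated assertion bound to that nonce, and the relying party applies a transaction-risk policy. The HMAC with a per-device key stands in for a device signature, and the method names, thresholds and ceilings are constructed assumptions.

```python
import hashlib
import hmac
import json
import secrets
import time

NONCE_TTL = 60  # seconds a challenge stays valid (constructed value)

# Constructed policy: minimum credited score per transaction risk, and the most
# the relying party will credit each client-asserted method, whatever the
# client reports. The password fallback is capped low, so falling back can
# never approve more than the normal path would.
REQUIRED = {"low": 0.5, "medium": 0.7, "high": 0.9}
METHOD_CEILING = {"behavioral": 0.8, "fingerprint": 0.95, "password_fallback": 0.6}


def _canonical(body):
    """Serialize deterministically so both sides authenticate the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def client_assert(device_id, key, nonce, method, local_score):
    """Client side: biometrics are verified locally; only the result leaves the device."""
    body = {"device": device_id, "nonce": nonce, "method": method, "score": local_score}
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return body, tag


class RelyingParty:
    def __init__(self, device_keys):
        self.device_keys = device_keys  # device_id -> key enrolled at registration
        self.pending = {}               # nonce -> (device_id, issued_at)

    def challenge(self, device_id, now=None):
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (device_id, time.time() if now is None else now)
        return nonce

    def decide(self, body, tag, txn_risk, now=None):
        """Return 'allow', 'step_up' (ask for stronger proof) or 'deny'."""
        now = time.time() if now is None else now
        required = REQUIRED.get(txn_risk)
        if required is None or not isinstance(body, dict) or not isinstance(tag, str):
            return "deny"
        nonce = body.get("nonce")
        if not isinstance(nonce, str):
            return "deny"
        # Single-use nonce: pop it so a captured assertion cannot be replayed.
        issued = self.pending.pop(nonce, None)
        if issued is None:
            return "deny"
        device_id, issued_at = issued
        if body.get("device") != device_id or now - issued_at > NONCE_TTL:
            return "deny"
        key = self.device_keys.get(device_id)
        if key is None:
            return "deny"
        expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "deny"  # assertion altered after the client authenticated it
        ceiling = METHOD_CEILING.get(body.get("method"))
        score = body.get("score")
        if ceiling is None or isinstance(score, bool) or not isinstance(score, (int, float)):
            return "deny"
        # The client's claim is an input to risk rating, not the final word.
        credited = min(float(score), ceiling)
        return "allow" if credited >= required else "step_up"


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed device key
    rp = RelyingParty({"phone-1": key})
    n = rp.challenge("phone-1")
    body, tag = client_assert("phone-1", key, n, "behavioral", 0.85)
    print(rp.decide(body, tag, "low"))   # fresh assertion
    print(rp.decide(body, tag, "low"))   # same assertion replayed
```

The check only shows that the assertion came from a holder of the enrolled key and was not replayed; whether the client that produced the score can itself be trusted is the open question the comment leaves unanswered.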

Dan3264 • May 24, 2016 5:24 PM

@Randy, @trsm.mckay,
The verification is almost certainly not going to work. Android is a very popular operating system running on a wide variety of devices whose specifications are not controlled by Google. Any possible protection methods are insulated from the phones by several layers of bureaucracy. Any scheme like this would (as a bare minimum) have up-to-date patches, a root of trust from every phone back to Google (every phone would have to have a keypair with the public key signed by Google), and every manufacturer would have to handle security well (if any manufacturer does not do that, there would be no reason to trust the system). There are probably many other things that would have to be taken into account for the system to be secure.

r • May 24, 2016 5:26 PM

@dan3264,

In b4 an [inter]national ID card system and licensed use of the internet.

Grumpy McGrumpface • May 24, 2016 5:34 PM

@pudding pops

Re these PTB you speak of: Are they the Dog Soldiers from the Greater Magellanic Cluster or the Plutonians from Cygnus X-1? If the latter, we probably should be REALLY worried, because they're the ones that got Kennedy.

Just some Tor Developer • May 24, 2016 5:47 PM

Google should go bankrupt after the NSA scandal.
Instead, stupid citizens still trust Google and use their service.
They give up their privacy, but I never do it.

I won't use web services which use Google Login.
I always click Back button when I encounter Cloudflare's "One more step" page
which is including Google captcha.

This is far beyond "creepy". This is madness.

> What's creepy now is perfectly normal two years later.
Do you really think so? I highly doubt it.

Dirk Praet • May 24, 2016 7:00 PM

A biometrics based authentication API by the largest collector of personal data on the planet for an operating system the ecosystem of which is a total security nightmare. What could possibly go wrong?

@ Bruce

> The devil is in the details.

s/details/Google

@ JonKnowsNothing

> In the USA all biometric data is considered "public".

Hear, hear. From a legal vantage indeed another government "front door" just like Apple's iOS fingerprint authentication.

@ Clive

> Sometimes it's a shame that the liberals get to get rid of Madame Guillotine, I'd quite cheerfully watch a few Alphabet Execs get wheeled in on a tumbrel ...

It would be even nicer if they were to be accompanied by some bankster friends: Lawsuit accusing 16 big banks of Libor manipulation reinstated by US court.

Jack • May 24, 2016 10:17 PM

Bruce said: "What's creepy now is perfectly normal two years later."

We do love our boiling frogs don't we...

Hamid • May 25, 2016 1:19 AM

Why nobody is asking about how we got here in the first place. Do we really need so many apps to remember the passwords for?

JonKnowsNothing • May 25, 2016 3:34 AM

@Hamid

> Why nobody is asking about how we got here in the first place.

Well... technically I would hazard that by now, most people (some, few, lots, BEEELLLLIOONS) know how we got here. It's just that most people (see above) don't really want to change anything.

Change requires risk. In USA risk means: a visit from the FBI, charges of espionage, threats of 35+years in SuperMax (a very lenient sentence compared to execution) and of course at the very least: No Job.

Don't want to write code for the telemetry corps? How come so many people are still working for Don'tBeEvil? What about that flagship-X in Redmond? I've not heard of any mass exodus from any tech company other than those companies who are flinging people off the payrolls so the shareholders and board members can have it instead.

People are easily conned (I-CON-THE-RECORD) and really would rather NOT look and especially NOT CHANGE anything at all. Magic at work.

If everything about "how we got here" is wrapped nicely in the National Flag of your choice, people will hop on the band wagon and happily sing all the way to the gates of ....

The real issue isn't about how we got HERE. It's more like: Where do we go now? What CAN we do now? Afaik, none of the paths are looking all that good. All of them fail to address the issues. All of them have back doors for surveillance and telemetry. Nope not looking good at all.

So, what change can you do?

Have you dropped your $700 USD iPhone in the toilet yet? Have you dumped JavaScript (or as much as you can)? Have you blocked WinBlo-X? Do you plan to buy that super nice mega sized WiFi Enabled TV? Do you have the BIG SHOW SPORTS and EVERYTHING package from your cable provider? Watching those Foxxy-CNN Shows? How about an AI BOT in your home? Got one? Want one? Hey they might throw in an IDIOT of THINGS device too.

There are economic forces and individuals who depend on you to NOT DO ANYTHING. Accept your fate, shackles and restrictions. Bow to the demands of the 1% in exchange for ... ??

What will you give them that they cannot already take by force or guile? You can start by not giving them what they want the most. THE most important thing they want you to do is: LOOK AWAY.

Don't Look Away, Be Witness.

Steveo • May 25, 2016 5:17 AM

In a Google server farm somewhere, "Oh hai, looks like those two google accounts you were trying desperately to keep separate are both logged into with the same voice/eye pattern, we'll just pass that information on to the NSA".

Steveo • May 25, 2016 5:18 AM

Google and Facebook want to know everything about you. And I do mean everything.

Clive Robinson • May 25, 2016 6:17 AM

@ Steveo,

> Google and Facebook want to know everything about you. And I do mean everything.

Your comment reminds me of an episode of Futurama, where Fry has got worms from a "truck stop egg sandwich". After getting run through with a pipe the company Dr Zoidberg, notices that something strange has happened to Fry. Thus Zoidberg gets a long fiber optic cable to do an internal exam. Fry opens his mouth for the cable and Zoidberg says "guess again", at which point the scene changes to show the rest of the company sitting in front of a big screen eating popcorn as the Prof has got a copy of the video feed from the cable... We then see a picture of Fry's colon...

For some reason the Futurama production team have guessed correctly that US audiences just love reference things relating to colons and impacted bowels and other lower GI tract humour...

Jim • May 25, 2016 8:52 AM

"But, as we've repeatedly learned, creepy is subjective. What's creepy now is perfectly normal two years later."

Isn't that the definition of "creep" though? it...creeps.

Bytopia • May 25, 2016 11:18 AM

@Jose

> -I will NOT be uploading my biometric data to US-based corporations
> -I will NOT browse the internet without anonymization
> -I will NOT allow websites to store and sell on my personal profile in exchange for letting me log on to MY OWN data

One minor problem there. Hardly anyone asks (or would ask, I suspect) for your (or anyone else's) consent.

I'm quite interested if the problem can be solved in a way that eliminates or minimizes reliance on trust.

As a side note, I recall working for a taxation department of some backwater town ten years ago. They warehoused all kinds of interesting personal data and it would have been ridiculously easy to grab had it been connected to the Net. It hadn't; the other "assuring" thing was the technical ineptitude of most of the staff working there. But boy, had it been a hawking mess.

Tovarich • May 25, 2016 12:51 PM

Given the behavior pattern based component, coupled with Alphabeth's [brazen that name] lack of help desk, this approach will inevitably degenerate into the modern version of checking in with authorities in advance to declare your future activity patterns.

The tech community has completely failed to act as guardians of society at large. We have built the surveillance society. No doubt Ted is having a good laugh at the supermax over this latest episode.

Creepy Google • May 25, 2016 2:59 PM

@Clive Robinson • May 24, 2016 10:01 AM

> It also works the other way in that what was considered normal or at least acceptable a few years ago is now considered creepy.

--

Yes. For example, it's now considered "creepy" not to have a Facebook account.

If that's an example of society "evolving", I don't care to see what evolution it makes next.

Lol • May 25, 2016 4:47 PM

@Clive Robinson

Now here I thought they were just going to "tune" into the right frequency to view the picture (i.e. everyone's secretly implanted with cameras at birth, which broadcast publicly)

@Tovarich

Companies (which tech companies are a subset of, which the tech community is a subset of) were never designed to be the "guardian" of anything but their own profits... Government is supposed to be protecting people from those companies, instead of being worse oppressors themselves...

@Creepy Google

Darwin got it backwards, mankind isn't evolving, it's devolving. Entropy always increases over time. It's a basic law of physics.

albert • May 26, 2016 11:06 AM

@Dirk, et al,

It's quite legal to photograph people in a public setting. However, you must have their permission to {publish} photos or videos, when the subjects are {identifiable}. The terms in braces have been redefined by technology that didn't exist in the period during which the Constitution was written. (Sound recording and photography were not known to the general public then).

What would the Founding Fathers have thought about x-ray and thermal scans? Wouldn't they consider them unreasonable, akin to strip searches? (which weren't legal then, but apparently OK now).

The problem is not that our laws haven't caught up with our technology. The problem is our technology has bypassed our laws.

............
@Clive, Creepy,

W. Edwards Deming said, you can't blame the -workers- for poor quality; it's always a -management- problem. They have control, therefore they have responsibility.

We're devolving because our government/educational system has abandoned any concepts of rational morality and the common good, and replaced them with all-consuming greed for money and power.

That's why we're devolving.

. .. . .. --- ....

Bumble Bee • May 26, 2016 6:09 PM

@albert

W. Edwards Deming said, you can't blame the -workers- for poor quality; it's always a -management- problem. They have control, therefore they have responsibility.

Yes, I think that's about right. Management is perfectly capable of blaming workers for poor quality, handling P.R. for them, and so on and so forth... Someone very intelligent who works for the sewer district once told me, "Shit flows downhill."

65535 • May 26, 2016 8:15 PM

We have to find an alternative to Google.

Any suggestions, including GMail and all other Google services [say removing Google's root certificate]?

Mr. Obvious • May 27, 2016 2:47 AM

It is wrong to call this automated logins.

It is a system predicting your behavior which does so successfully enough without any local resources.

"Automatic login" is the sales pitch for livestock management.

In essence a dog owner taking the dog for a walk at regular intervals.

We are all already house-trained.

The livestock management is information management. Humanity's future wasn't what came to mind when I first read about the destructive digitization approach to the books in Rainbows End by Vernor Vinge. Humans are slower than books and rewrite themselves constantly so the process takes longer in order to duplicate, simulate, and predict that reiterative process.

None of this is fanciful or fantasy, the Snowden files document its beginning from ten years ago but it doesn't spell it out for you. It's not yet perfect but more than good enough to choose who to kill. Those nominally in charge admit it openly whether or not they realize that such a thing is what they admit to.

ianf • May 27, 2016 3:01 AM


@ 65535 “We have to find an alternative to Google.”

"Alphabet," you mean. There are alternative search engines, but, apart from the schizo duck, most track users for opaque commercial reasons anyway. And the duck^2 indexing isn't as extensive as Google's own, alas.

Before there was Gmail, I chiefly used Eudora, with offline plaintext (thus freely editable) storage, but nowhere near the inbox search capabilities of Gmail (not that that is anywhere near perfect, as it can not display just the lines/snippets with sought keywords in context, but insists on presenting the entire message contents instead). And then Eudora became unusable itself (don't ask), and folded.

Any suggestions, including GMail and all other Google services [say removing Google's root certificate]?

Other Google services like Documents/ Drive, Picasa/etc and newsgroups are wholly voluntary and thus of little damage. But there are no wide viable alternatives to IMAP Gmail, Yahoo etc. There are some narrow, individually-coded solutions to these (mostly involving forks of mail clients), but they could never gain a foothold in a world where 1/5th of the population thinks nothing of subjecting itself to one whippersnapper Zuckerberg's idea how humans should "inter-communicate."

In other words, even if tomorrow you'd unveil a micropayment'sy pay-as-you-go, globally-accessible and encrypted cloud backed up, private unlimited mail storage and search function client, little would be gained by its (even widespread) adoption as long as its users would continue to rely on Fuckfacebook for their daily shots of KuteKitties™ videos.

ianf • May 27, 2016 3:34 AM


Imagines @Steveo: In a Google server farm somewhere, "Oh hai, looks like those two google accounts… are both logged into with the same voice/eye pattern, we'll just pass that information on to the NSA".

You got it ALL WRONG. No Google worth its no-evil name would voluntarily divulge anything as commercially valuable to them as a connection between separate ID-entities on their network to authorities. Just think of the missed eyeball ad impressions that they could sell to highest bidders to make the "other" ID-you respond to the same stimuli that the "first" ID-you found so entrancing! So of course they would not volunteer that connection. Only when compelled to do so by court orders and/or by looking the other way when Surveillance Homeland Internet Task Force installs its own fork for data firehose, which will save them both future legalese bother.


Further, on May 25, 2016 5:18 AM Steveo generalizes when s/he talks wishfully of him/herself (in third person singular):

Google and Facebook want to know everything about you. And I do mean everything

Oh, come on! Surely THAT INTERESTING you are not, or else we'd already know all about you, which I can assure you we do not—nor do we long to.

Josh • May 27, 2016 5:52 AM

Who needs 3 letter agencies, when Google and Facebook are the new big brother.

Mark • May 28, 2016 12:24 AM

Not that I use Google for anything, but this seems as though it's an obvious grab for even more data.

@ianf, except that Google lose no money by passing anything "commercially sensitive" on to the NSA etc., apart from the operation costs of running such a system. Last I checked, the spooks aren't in the advertising industry. In fact, it's better for the spooks to have us believe that they don't know about all of our extra accounts, email addresses, etc. We know that they have systems that link us to other people.

Perhaps you have it ALL WRONG.

@65535, there are of course plenty of alternatives to Google the search engine. Are they as good? No. I use duckduckgo.com personally. There are plenty of email services out there that claim to be "secure". I personally use Protonmail. The problem? Most of my friends use, guess what, Gmail. So my email still gets read by their advertising systems...

I'm surprised that no-one (that I saw) linked to this:

https://www.theguardian.com/technology/2016/feb/24/smartphone-apps-google-deepmind-nhs-hospitals

Google (under a company called DeepMind) are now sucking up medical information of NHS patients at a few hospitals in London. Now apparently they're not allowed to link this medical data (acquired by DeepMind) to any data known to "Google". However, it's well known that governments and companies alike play silly, little word games.

In true British fashion, it's opt out. Good luck trying to explain your privacy concerns to doctors in the UK. When I lived there, all of them laughed at my concerns.

Anyway, my point being that they capture biometric data as a part of authentication, medical data, tracking your email, and tracking your web surfing.

Are you happy with that?

Groogol • May 28, 2016 2:09 AM

> What's creepy now is perfectly normal two years later.

Which doesn't make it any less creepy. It just makes society dumber for being accepting of yet another intrusion into our lives by corporate and government interests.

xraven • May 30, 2016 9:19 AM

Combine this with the ridiculous insecurity of standard Android phones (heck, its entire "ecosystem") and it's just a dumb idea.

But since this is done by Google at least it has the possibility of following umpteen other highly promoted Google projects into hades.

xraven • May 30, 2016 9:44 AM

Another issue with this is that it won't stop hackers from getting into people's accounts outside of "logging in" (e.g. when an exploit is used because of some vulnerability to bypass a web app login).

For that reason this proposal is less interesting from a true "security" perspective and more interesting from a "confirm that this is person X browsing for products Y" perspective.

In other words, a great fit for the advertising company named Google.

Anyway the fact that both Google and Facebook collect tremendous amounts of personal data is evident from the sizes of their datacenters and information already discussed elsewhere.

It is better that neither of them control the direction of any processes that involve people's identities.

ianf • June 1, 2016 1:32 PM


@ Mark sez […] “Google loses no money by passing anything "commercially sensitive" on to the NSA etc., apart from the operation costs of running such a system.”

We could discuss those claims/ counterclaims in all eternity, and not come nearer the character and extent of logrolling of Google & the NSA. From my peripheral vantage point, the latter OWNS the infrastructure on which the former operates – so what difference does it make if they leech off the data before or after it had been collated? Very little diff, anyway.

I'll give you an IRL counter example from another field that you seem to care about: aggregation of medical history. The local GP clinic that I am inscribed to, not wholly free, but heavily subsidized by the county/state, is electronically data-entwined with other health service providers (both communal and private). Once going between them required a paper trail, now all that is done virtually (only need to flash my lashes to confirm the ID tattooed on the inside of my eyelid at taxpayers' expense).

A few times I've been asked by doctors to opt-in to some new (state-supervised research) databases, that are then available within certain operational and regional constraints in the system (for instance: in case of emergency, the blood group, medicine intake, and similar low-level personal intel is made available to all ER crews, but not my other med history. For statistical surveys, the records are anonymized, and so on. So it's a staggered form of data sharing (whether they adhere to it or not I don't know)). I realize that, with each iteration of my participation, both actual use of services, and opted-in data storage, the state gets to know all about my health, incl. prospects for longevity – so they can adjust their long range budget projections accordingly. I also read now and then how it is abused by unauthorized nurses etc (mostly in cases of B-class celebs who came down with "socially traumatic diseases"). But then I ponder on the alternative… were I to opt-out, I'd merely remove the state's nominal, and temporary access to the data by one degree of virtual separation… ergo, not much added privacy for myself that I can see.

You asked “is 65535 happy with this?”

I don't know about 65535, but in view of the above, happiness doesn't enter into it. Any closer deliberations merely underscore how much of a pawn one is in such collective benefit systems for which there are no practical alternatives (and, to be truthful, healthcare-wise, a M.D. ex of mine OBVIOUSLY wasn't that alternative either).

Peter Shenkin • June 15, 2016 10:09 AM

"What's creepy now is perfectly normal two years later."

Same is true in reverse. Slavery, gay marriage, maybe (TBD) eating meat.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.