I sometimes wonder, How much data am I generating? Meaning: how much data do I generate just sitting there in a chair, doing nothing except exist as a cell within any number of global spreadsheets and also as a mineable nugget lodged within global memory storage systems — inside the Cloud, I suppose. (Yay Cloud!)
Last year, Google began experimenting with hardware-based schemes for user-authentication, while Apple added two factor authentication to iCloud and Apple ID users. They began sending a verification code to users via a mobile number registered in advance.
Security pundits know that two factor authentication is more secure than simple passwords. As a refresher, “Factors” are typically described like this:
The Google project may be just another method of factor #2. In fact, because it is small (easily misplaced or stolen), it simplifies but does not improve on security. I suggest a radical and reliable method of authentication. It’s not new and it’s not my idea…
Back in 1999, Hugh Davies (no relation to Ellery) was awarded a patent on a novel form of access and authentication. It capitalizes on the human ability to quickly pick a familiar face out of a crowd. Just as with passwords, it uses something that you know to log in, purchase, or access a secure service. But unlike passwords, the “combination” changes with every use, and yet the user needn’t learn anything new.
Hoping to commercialize the technique, Davies joined another Brit, Paul Barrett, and formed Passfaces (originally, Real User Corporation). Incidentally, it is quite difficult to research Passfaces and its history. Web searches for “face recognition”, “access”, “authentication” and “patent” yield results for a more recent development in which a smart phone recognizes the face of authorized users, rather than users recognizing familiar faces. (Google, Samsung and Apple are all beginning to use face recognition on mobile devices). In fact, the Passfaces method is quicker, uses less resources and is far more reliable.
I have long been disappointed and surprised that the technique has never caught on. It is a terrific method with few drawbacks. Used alone, it is better than other methods of 1 or 2 factor authentication. Add a second factor and it is remarkably secure and robust.
How it Works:
When accessing or authenticating (for example, logging into a corporate VPN or completing a credit card purchase), you are presented with a tiled screen of individual faces. I prefer a big 15×5 grid = 75 images, but Passfaces uses sequential screens of just 9 faces arranged like the number pad on an ATM.
Just click on a few familiar faces. That’s all! Oddly, Passfaces discourages the use of known faces. Their research, with which I respectfully disagree, suggests that users should train themselves to recognize a few faces from the company’s stock library. In my preferred embodiment, users upload a dozen photos of people they know at a glance—preferably, people that they knew in the past: A 3rd grade music teacher, a childhood friend who moved away, the face on an oil painting that hung in the basement until Dad tossed it in the fireplace. Now, add the boss who fired you from your first job, the prom queen who dumped you for a football jock, and that very odd doorman who stood in front of a hotel in your neighborhood for 20 years. Photos of various quality and resolution, but all scaled to fit the grid. Some are black & white, perhaps scanned from an old yearbook.
Using my preferred example of 75 faces, suppose that 5 or 6 of the images are from your personal shoe box of old photos. The rest are randomly inserted from all over the internet. How long would take you to click on 3 of the 5 or 6 familiar faces in front of you? (Remember: They are old acquaintances. Even a spouse would have difficulty picking out 3 faces from your early life—as they looked back then). Surprise! You will click them instantly, especially on a touch screen. You won’t need even a second to study the collage. They jump off the screen because your brain perceives a familiar face very differently and faster than anything else.
Of course, the photo array is mixed in different ways for each authentication and it incorporates different friends from your original upload. In fact, if a user sees the same faces in the next few transactions, it is a red flag. Someone has spied on the process, perhaps with a local camera or screen logger. In legitimate use, the same faces are not recycled for many days and are never shown together on the same screen.
Facebook uses a variant of this technique when their servers sense your attempt to login from new equipment or from another part of the country. They show you individuals that you have friended, but that were uploaded and tagged by other users. If you cannot identify a few of your own friends, especially the ones with which you have frequent social contact, than it’s likely that your login attempt deserves more scrutiny.
I don’t know why Passfaces or something like it has failed to catch fire. Perhaps the inventor refuses to license the method at reasonable cost or perhaps he cannot find a visionary VC or angel consortium to more aggressively promote it. If I had invented and patented facial-array authentication, I would attempt to market the patent for a short time focusing on very large network companies like Microsoft, Google, Cisco or Akamai. If I could not license or sell the patent quickly, I would hesitate to go it alone. (I have tried that route too many times). Instead, I would place it in the public domain and profit by being the first, and most skilled practitioner at deployment. I would train and certify others and consult to organizations that use or commercialize the technology.
I used this approach in promoting my own patent which describes an economic barrier to spam (after failing to exploit the invention with my own company). Later, I started with this approach in my research on Blind Signaling and Response and on Reverse Distributed Data Clouds. I recognized that rapid adoption of transformative technology like facial grid authentication, can be thwarted by defensive IP practice.
« Branching somewhat off topic, a developmental biologist at Imperial College in London, has published a proof that Saira Mohan has the world’s most beautiful face, irrespective of the observer’s race. That’s Saira at left. Her mother is French/Irish and her father is Hindoo.
__________
Philip Raymond is Co-Chair of The Cryptocurrency Standards Association [crypsa.org] and
chief editor at AWildDuck.com. He consults to cloud storage vendors in areas of security, pri–
vacy & network architecture, but has no ties to Passfaces or the authentication community.
So it was great to get back to New York and be able to report on what is called the“New NY Broadband Program.” It involves a $500 million expenditure to help ensure that New Yorkers across the state have access to current-generation Internet capacity. There’s lots of potential in the plan, targeted at providing every New Yorker with access to 100 megabit per second (Mbps) service (10 Mbps uploads) by the end of 2018. Because New York expects a 1:1 match from the private sector for each grant or loan it makes, that means the state hopes to be deploying at least $1 billion on high-speed Internet access infrastructure.
Keith Kirkpatrick | Communications of the ACM
“‘There’s this whole realization that if news organizations are to attract an audience, it’s not going to be by spewing out the stuff that everyone else is spewing out,’ says David Herzog, a professor at the University of Missouri …‘It is about giving the audience information that is unique, in-depth, that allows them to explore the data, and also engage with the audience.’” Read more
Tanvi Misra | CityLab
“The idea is not just to teach city governments new techniques on harvesting open data to tackle urban problems and measure performance, but to replicate successful approaches that are already out there.“Read more
Posted in astronomy, big data, computing, cosmology, energy, engineering, environmental, ethics, existential risks, futurism, general relativity, governance, government, gravity, information science, innovation, internet, journalism, law, life extension, media & arts, military, nuclear energy, nuclear weapons, open source, particle physics, philosophy, physics, policy, posthumanism, quantum physics, science, security, singularity, space, space travel, supercomputing, sustainability, time travel, transhumanism, transparency, treaties | Leave a Comment on Article: Harnessing “Black Holes”: The Large Hadron Collider – Ultimate Weapon of Mass Destruction
Posted in astronomy, big data, complex systems, computing, cosmology, energy, engineering, ethics, existential risks, futurism, general relativity, governance, government, gravity, hardware, information science, innovation, internet, journalism, law, life extension, media & arts, military, nuclear energy, nuclear weapons, particle physics, philosophy, physics, policy, quantum physics, science, security, singularity, space, space travel, supercomputing, sustainability, time travel, transhumanism, transparency, treaties | 1 Comment on CERN-Critics: LHC restart is a sad day for science and humanity!
- Press release by our partner ”Risk Evaluation Forum” emphasizing on renewed particle collider risk: http://www.risk-evaluation-forum.org/newsbg.pdf
- Study concluding that “Mini Black Holes” could be created at planned LHC energies: http://phys.org/news/2015-03-mini-black-holes-lhc-parallel.html
- New paper by Dr. Thomas B. Kerwick on lacking safety argument by CERN: http://vixra.org/abs/1503.0066
Posted in big data, business, complex systems, computing, disruptive technology, economics, futurism, governance, human trajectories, information science | 2 Comments on Can Ethereum help eliminate corruption and bureaucracy in the developing world? Could Ethereum One Day Transform Law, Finance, and Civil Society?
Quoted: “Ethereum’s developers believe their project will lead to the proliferation of programs they call “smart contracts,” in which the terms of an agreement are written in code and enforced by software. These smart contracts could carry out the instructions of a complex algorithm based on data feed—such as a stock ticker. They could facilitate practically any financial transaction, such as holding money in escrow or dispersing micropayments among autonomous machines. They could be used to create a peer-to-peer gambling network, a peer-to-peer stock trading platform, a peer-to-peer social network, a prenuptial agreement, a will, a standard agreement to split a dinner check, or a public registry for keeping track of who owns what land in a city.
Gupta predicts that these smart contracts will be so cheap and versatile that they’ll do “a lot of things that today we do informally,” and take on a lot of the “donkey work of running a society.””
Read the article here > http://reason.com/blog/2015/03/19/here-comes-ethereum-an-information-techn
by Hal Hodson — New Scientist
GOOGLE is building the largest store of knowledge in human history – and it’s doing so without any human help.
Instead, Knowledge Vault autonomously gathers and merges information from across the web into a single base of facts about the world, and the people and objects in it.