Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: internet

Quoted: “IBM’s first report shows that “a low-cost, private-by-design ‘democracy of devices’ will emerge” in order to “enable new digital economies and create new value, while offering consumers and enterprises fundamentally better products and user experiences.” “According to the company, the structure we are using at the moment already needs a reboot and a massive update. IBM believes that the current Internet of Things won’t scale to a network that can handle hundreds of billions of devices. The operative word is ‘change’ and this is where the blockchain will come in handy.”

Read the article here > https://99bitcoins.com/ibm-believes-blockchain-elegant-solution-internet-of-things/

“This week, the viral aggregator ViralNova was acquired for $100 million dollars. Meanwhile, the Pitchfork spin-off film criticism site The Dissolve ceased operations with an internet_meaningful blogpost entitled “The End.” The divergence between the missions and lifecycles of these two media projects that both launched in 2013 leave me wondering, “WTF is value?” It is certainly not creating #niche content for ‘intelligent audiences.’ Over the past two years, we’ve learned that there isn’t any actual monetizable ‘cultural value’ in building a content farm with an authoritative voice or domination of a niche area. Instead, it is more important to chase quantifiable human metrics by shoving lowbrow content in front of Facebook users. This is exactly what ViralNova has done better than most content farms–it figured out the current system and #growth_hacked the hell out of it.” Read more

“We lack ‘true agency’ on the Internet. That is to say, all of the data we create online and all of the operations we execute are handled for us by centralized servers, most of which sit in massive data centers operated by corporations and government institutions. We depend on these servers for everything.”

Read more

Last year, Google began experimenting with hardware-based schemes for user-authentication, while Apple added two factor authentication to iCloud and Apple ID users. They began sending a verification code to users via a mobile number registered in advance.

Security pundits know that two factor authentication is more secure than simple passwords. As a refresher, “Factors” are typically described like this:

  • Something that you know (a password — or even better, a formula)
  • Something that you have (Secure ID token or code sent to cell phone)
  • Something that you are (a biometric: fingerprint, voice, face, etc.)

The Google project may be just another method of factor #2. In fact, because it is small (easily misplaced or stolen), it simplifies but does not improve on security. I suggest a radical and reliable method of authentication. It’s not new and it’s not my idea…

password_key

Back in 1999, Hugh Davies (no relation to Ellery) was awarded a patent on a novel form of access and authentication. It capitalizes on the human ability to quickly pick a familiar face out of a crowd. Just as with passwords, it uses something that you know to log in, purchase, or access a secure service. But unlike passwords, the “combination” changes with every use, and yet the user needn’t learn anything new.

Hoping to commercialize the technique, Davies joined another Brit, Paul Barrett, and formed Passfaces (originally, Real User Corporation). Incidentally, it is quite difficult to research Passfaces and its history. Web searches for “face recognition”, “access”, “authentication” and “patent” yield results for a more recent development in which a smart phone recognizes the face of authorized users, rather than users recognizing familiar faces. (Google, Samsung and Apple are all beginning to use face recognition on mobile devices). In fact, the Passfaces method is quicker, uses less resources and is far more reliable.

I have long been disappointed and surprised that the technique has never caught on. It is a terrific method with few drawbacks. Used alone, it is better than other methods of 1 or 2 factor authentication. Add a second factor and it is remarkably secure and robust.

How it Works:

Passfaces-1When accessing or authenticating (for example, logging into a corporate VPN or completing a credit card purchase), you are presented with a tiled screen of individual faces. I prefer a big 15×5 grid = 75 images, but Passfaces uses sequential screens of just 9 faces arranged like the number pad on an ATM.

Just click on a few familiar faces. That’s all! Oddly, Passfaces discourages the use of known faces. Their research, with which I respectfully disagree, suggests that users should train themselves to recognize a few faces from the company’s stock library. In my preferred embodiment, users upload a dozen photos of people they know at a glance—preferably, people that they knew in the past: A 3rd grade music teacher, a childhood friend who moved away, the face on an oil painting that hung in the basement until Dad tossed it in the fireplace. Now, add the boss who fired you from your first job, the prom queen who dumped you for a football jock, and that very odd doorman who stood in front of a hotel in your neighborhood for 20 years. Photos of various quality and resolution, but all scaled to fit the grid. Some are black & white, perhaps scanned from an old yearbook.

Using my preferred example of 75 faces, suppose that 5 or 6 of the images are from your personal shoe box of old photos. The rest are randomly inserted from all over the internet. How long would take you to click on 3 of the 5 or 6 familiar faces in front of you? (Remember: They are old acquaintances. Even a spouse would have difficulty picking out 3 faces from your early life—as they looked back then). Surprise! You will click them instantly, especially on a touch screen. You won’t need even a second to study the collage. They jump off the screen because your brain perceives a familiar face very differently and faster than anything else.

Of course, the photo array is mixed in different ways for each authentication and it incorporates different friends from your original upload. In fact, if a user sees the same faces in the next few transactions, it is a red flag. Someone has spied on the process, perhaps with a local camera or screen logger. In legitimate use, the same faces are not recycled for many days and are never shown together on the same screen.

Facebook uses a variant of this technique when their servers sense your attempt to login from new equipment or from another part of the country. They show you individuals that you have friended, but that were uploaded and tagged by other users. If you cannot identify a few of your own friends, especially the ones with which you have frequent social contact, than it’s likely that your login attempt deserves more scrutiny.

I don’t know why Passfaces or something like it has failed to catch fire. Perhaps the inventor refuses to license the method at reasonable cost or perhaps he cannot find a visionary VC or angel consortium to more aggressively promote it. If I had invented and patented facial-array authentication, I would attempt to market the patent for a short time focusing on very large network companies like Microsoft, Google, Cisco or Akamai. If I could not license or sell the patent quickly, I would hesitate to go it alone. (I have tried that route too many times). Instead, I would place it in the public domain and profit by being the first, and most skilled practitioner at deployment. I would train and certify others and consult to organizations that use or commercialize the technology.

saira.maskI used this approach in promoting my own patent which describes an economic barrier to spam (after failing to exploit the invention with my own company). Later, I started with this approach in my research on Blind Signaling and Response and on Reverse Distributed Data Clouds. I recognized that rapid adoption of transformative technology like facial grid authentication, can be thwarted by defensive IP practice.

« Branching somewhat off topic, a developmental biologist at Imperial College in London, has published a proof that Saira Mohan has the world’s most beautiful face, irrespective of the observer’s race. That’s Saira at left. Her mother is French/Irish and her father is Hindoo.

__________
Philip Raymond is Co-Chair of The Cryptocurrency Standards Association [crypsa.org] and
chief editor at AWildDuck.com. He consults to cloud storage vendors in areas of security, pri–
vacy & network architecture, but has no ties to Passfaces or the authentication community.

Have you ever made a list of pet peeves? I’m not referring to the behavioral quirks that couples develop over years of cohabitation. That’s part of every relationship and it is only addressed through give and take and a lot of patience. Rather, I refer to the little things that have become institutionalized all around us—and yet, we know that they are just plain idiotic. The problem is that they are too small to be picked up by the national news and too common to believe that they can be avoided.

Let’s say that you are driving along a road that comes to an end by forming a ‘T’ at the side of a much busier road. The cross street is busy, but it’s not divided. You plan to make a left turn after clearing a string of high-speed cars approaching from the right.

Conditions are good and there are no obstructions. There is no one coming from the left. Looking to the right, you can see a mile down the road. There are 4 cars speeding toward you, a long space and then a major throng of cars that will tie up the intersection for minutes. You get ready to drop the hammer as soon as that 4th car passes the intersection. You are patient, in a good mood and your car is well tuned.

Traffic Intersection

What’s the dumbest thing that the driver in car #4 could do? Does he have the power to ruin your day and raise your blood pressure while trying to be a nice guy? He sure does!

He can hesitate—slowing just enough to get honked by the parade behind him and just enough to close your window of opportunity. If you are in a hurry to get somewhere, he will ruin your morning faster than you can mime “Move your friggin’ tailpipe!!”. He is oblivious to the fact that his gesture of good will has backfired.

Cross street drivers who let up on the gas are one of my three pet peeves. But today, I was reminded of another minor irritation. From now on, I will call it “Pet Peeve #4”.

I have a good friend in Germany. He is a high tech entrepreneur and tends to move about the globe. His businesses are in Australia and New Zealand, and he spent a long part of the past year in Shanghai. I never know where he will be. But he is currently in Germany and he knows that I am in America.

Realizing that we need to discuss an important matter, he asks me if I will be available during my weekday mornings, between 9 and 11 AM my time. Noting that he has already contemplated the time difference, I check my calendar. “Sure. That works for me,” I tell him… “Why don’t you set the schedule? Any morning this week is good.” He commits to have a colleague figure out the final date.

Taj Mahal_1Minutes later, I receive a Google Calendar link for my approval. It asks that our meeting be scheduled for next Wed from 21:30 to 22:00, India Standard Time. I was unprepared for the involuntary groan that arose from the pit of my stomach. Here, is an open letter to my buddy and the colleague who scheduled our conference to be held on India Time…

C’mon guys / gals… The Internet works on “Internet Time”, also known as UTC or GMT. It is effectively Earth time. It never changes with seasons, war, edict, accidents or daylight savings. It just moves forward as the universal heartbeat of the Internet.

clocksPlease don’t make me translate your Indian Standard Time. I will get it wrong. I always do.

And please don’t figure it out in “USA-Eastern Standard Time”. Here in the US, politicians shift Daylight Savings dates, sometimes splitting it by local counties. In some areas, they change it by only 30 minutes for border towns. (Yes! We are that nuts).

So please: Just tell me the time in UTC. It is the only time that should ever be cited when dealing with anyone that you can’t reach with a personal handshake.

P.S. Don’t take insult when I post your suggested meeting time (and this sarcastic response) to Lifeboat. Sure, you helped me to discover a new peeve—But you have also hit upon my funny bone!

Faithfully yours, ~Phil

Philip Raymond is Co-Chair of The Cryptocurrency Standards Association. He sits on the New Money Systems Board at Lifeboat and advises banks & brokers on new age currencies. Raymond was master of ceremonies and speaker at The Bitcoin Event in New York.

gooooogle

After Spencer Kimball left Google, he found himself missing some of the custom-built software the company uses internally. So he and a bunch of fellow ex-Googlers started building their own. And now they want to make it available to everyone to power the next Google or Facebook.

Specifically, Kimball wanted something like Google’s database system Spanner. Spanner is designed to juggle data between potentially millions of database servers, a tool that keeps Google’s services online even if several servers, or an entire datacenter, go offline. While few companies need to operate at quite the scale Google does, the ability to stay online even if many systems fail, and to automatically balance resources between servers, would be useful to many other companies. Read more

1*jK9tSvzX0SweZGgJG_d_3g

So it was great to get back to New York and be able to report on what is called the“New NY Broadband Program.” It involves a $500 million expenditure to help ensure that New Yorkers across the state have access to current-generation Internet capacity. There’s lots of potential in the plan, targeted at providing every New Yorker with access to 100 megabit per second (Mbps) service (10 Mbps uploads) by the end of 2018. Because New York expects a 1:1 match from the private sector for each grant or loan it makes, that means the state hopes to be deploying at least $1 billion on high-speed Internet access infrastructure.

Read more

“Can tech companies really offer better experiences than the taqueria, flower shop or dry cleaner down the street, while taking a cut for themselves? Not necessarily. Quality control is a challenge when the supervisor is just software.

Read more

David Auerbach | Slate

Illustration by Natalie Matthews-Ramo.
“Twitter’s strength is being the pulse of the Internet, the place where news gets broken in 140-character messages, where important topics start trending the second they enter the collective hivemind, and where politicians and celebrities and thinkers of all stripes can make announcements without the bother of a press release or the filter of the media. Yet this has always made Twitter Janus-faced: Is it a real-time news aggregator or a social network? More importantly, how will it make money?” Read more