Apple Syncs iPhone Security to Your Heart


Incorporating biometric features into iphone or devices of daily use certainly has its merits as well as demerits. It does certainly raise security to the next level wherein one's unique biometric identity becomes one's identitiy in the world of technology. Since biometric identities are unique, we would probably be heading in a direction where we would no longer require a password, access cards or even a key.

The uniqueness of biometric signatures that provide security and privacy to technology is the demerit as well. If I lose a key or if my password gets compromised, I can procure a new key/password and ensure that my security and privacy is safeguarded. However, What if my biometric signature/identity is compromised? Will I be able to change the way my heart beats, my finger print or the signature of my Iris?

What if I forget my phone which bears my biometric identity in a bar? Security by obscurity is not really the best way to secure a product. Most proprietary softwares and products evaluate security by obscuring the technological implementations from the real world. However, an engineer with enough knowledge and expertise in reverse engineering can quite often reveal information pertaining to technological implementations and even methods to break security standards implemented in products. iPhone Jail break softwares are indeed good examples of reverse engineering techniques unmasking methods to overcome security techniques in place. More notable is the work of reverse engineering artists who recently busted face detection technology (Source : Reverse-engineering artist busts face detection tech ).

Technology is advancing so fast that we cannot determine all possible security implications of every product or technology that comes in to market place. Many protocols, technologies and implementations have fallen with the passage of time and with advancement in more sophisticated technology. Unless the true implications of biometric devices, their ethical concerns and security issues are addressed, we are moving in to a future where there is no room for error. With systems implementing biometric technologies, Can we allow any probability/room for error, identity loss or identity leak/exposure?

Can humans create systems/machines that are 100% fool proof, secure and ethical in the way data is handled? As long as I cannot state an answer (yes) with a 100% probability, I would re-evaluate every technology that uses biometric identity. The point of my speculation is not to discern the merits of the technology, but merely ensuring that wide spread commercialization of such technology does not result in loss of focus on SECURITY. As Ross Anderson explained in "Why Cryptosystems Fail", not all software engineers are security engineers and have the required skills to implement and analyze the required level of security.

Comments

Popular posts from this blog

Problems with Equifax Breach Disclosure

Potential DoS Vulnerability with Android System

iOS Credential Leakage