The Register® — Biting the hand that feeds IT

Feeds

FBI preps $1bn biometric database

"If someone steals and spoofs your iris image, you can't just get a new eyeball." Paul Saffo, technology industry observer Quality science fiction has often provided the prism through which we view, for good or ill, the effects of technological and scientific evolution on human life in all its moral and ethical disarray. No …

This topic is closed for new posts.
Ian
Stop

computer says "no"

As with most IT systems, it's not just the database or the ID cards that are the problem (although they are a pretty big problem), it's the faith people put in what the computers tell them.

Little Britain got it so right with the "The computer says 'no' " sketches.

The people are an integral part of any system. What is Jane actually going to be able to do when confronted with John denying her access to services (or liberty) based on what the computer 'says'. John's operational 'procedures' won't allow him to listen to any protests that 'the computer' might just be wrong. Jane will be asking "can I go home now?" and John's answer will be "the computer says 'no' ".

I have absolutely no faith in any government's ability to put in place working procedures across multiple agencies to ensure that data quality/accuracy problems can be dealt with rapidly, fairly and accurately. They're going to concentrate on the sexy technology and conveniently forget about the processes and checks/balances to wrap around it.

Ken Hagan

Experience is a harsh mistress, but fools will learn from no other.

Biometrics have two properties that make them really bad for any application where accuracy matters. They are irrevocable and they are published to the world whenever their owner is out in public.

Government databases have two properties that make them really dangerous. They leak like sieves (because politicians always frame the laws so that nobody goes to jail for incompetence) and your presence on the database tends to be compulsory.

As a society, we are about to pass through a troublesome period during which everyone suffers horribly whilst the electorate learns these simple facts.

Gaius

identity theft on crack

Surely if an iris can be scanned from 15 feet, identity theft becomes trivial? Just lean out of the window with your scanner and hey presto, as many iris patterns as you want. A year later handheld fake eyes with LCDs to display any scan will be available to them as knows, and a year after that they'll be on sale to the general public as hilarious novelty items.

Simon
Pirate

Why don't all the bloody governments...

stop covering up what they really want to do in the guise of some kind of mega-identification database and

tattoo everyone at birth,

then they'll have a real biometric that refers directly to the unique key field in their db.

Because this is what it really is about.

Sign up to the No2ID campaign to stop this abuse of reason before it’s too late.

http://www.no2id.net

Stu Reeves
Thumb Down

waste of money

Just like other super hitech, billion pound technologies, it will be defeated by simple technology.

Facial recognistion at 200yrds & Iris at 15ft.

Big Sunglasses and a bushy beard anyone?

Ash

NO2ID

Ineffectual hippy whingebags.

The trouble is, no matter how many people sign their petitions, no matter how many holes are found in the scheme, their mind is set, and the unwashed masses believe everything the govt say about it.

Assume the position, folks. We're getting the shaft.

I. Aproveofitspendingonspecificprojects
Thumb Up

Missing Innaction

I am all in favour of these big friendly giants.

I think the idea behind losing all the data discs they can involves gathering all the fingerprints they need when they finally locate them.

The longer they are missing the more filthy criminals will get their dirty hands on them and the more crooks they will be able to identify.

I think I got that right didn't I? That's the reasoning behind the giant databases in the first place, some kind of a sting operation? Is that right?

Andy Worth

Minority Report

Oh just to be pedantic....In Minority Report he doesn't use a stolen eyeball to access the secure area, in fact he uses his OWN eyeball after they have been removed and swapped. He then proceeds to drop his eyeball which rolls down into some sort of grate.

Anonymous Coward
Thumb Down

Untried technologies?

It may surprise everybody, but there has yet to be a large scale test of the uniqueness of fingerprints. While finding duplicates in (apart from identical twins) will be rare in the small criminal databases, once you are using the entire population of a country (300M in the case of the US) duplicates will be come inevitable. This is especially so as the automated systems do not compare actual prints, just mathematical abstractions.

As for the other techniques all but iris photographs have huge problems. For example, schemes based on gait (walking) are screwed when someone changes their shoes or is walking on a slippy surface.

As for iris photographs, so far not one terrorist has escaped but left their eyeballs at the scene of the crime...

JeffyPooh

It's okay...

$1B isn't enough. That's bad because they're about to put a lit match to a petrol-soaked wad of taxpayer-owned money. What's good is that the system will not work even with a trillion dollars. So all it will ever be is an amusing project to watch unfold, like a train wreck in ultra slow motion. Very expensive entertainment, but at least it's not my money...

This post has been deleted by a moderator

Andy Bright
Pirate

I'm going to steal the Director's DNA

and drop it off at 1000 bank robberies..

Christoph
Go

Wonderful news

This will greatly improve government efficiency!

They will no longer need to wait for you to get on a tube train, or to carry a table leg down the street. They can mis-identify you from 200 yards away and send the armed police out.

Oh, and the Science Fiction angle? How could a government database go wrong? There was a short story some time back (60's?). I can't remember the author or title. Someone was accused of having an overdue library book - "Kidnapped", by Robert Louis Stevenson. It somehow got on the computer that he had kidnapped Robert Louis Stevenson. Since the kidnap victim was dead, this carried a mandatory death sentence. The governor tried to stop the execution but the computer would not let him (and threatened him with punishment).

s. pam
Coat

The Eyes Say Nay

So if you have had retinal surgery, cataract lens replacement, and at least 2 other surgeries they'll be completely b*ggered trying to read your eyes. having worked in a MoD Top Secret lab with retinal scans, the list above is hardly complete as to what will cause this to fail. Besides, you could just go to your local undertaker and snarf a few 'balls and put them in a pair of glasses and they'd be ID'ing dead people. Fools!

JeffyPooh

DNA samples

Many DNA samples are taken from the inside of ones' mouth using a cheek swab. The PCR technique amplifies (replicates) even the smallest DNA sample. What this means is that your sample could exactly match someone else's sample... ...and both would match the bovine members of a certain herd of particularly delicious cattle from Iowa. Moo.

David Mery

@Christoph

It's "Computer don't argue" (1965) by Gordon R. Dickson. It's online at http://www.atariarchives.org/bcc2/showpage.php?page=133

br -d

yeah, right.

UK sold them some swampland?

This sounds remarkably like the UK ID scheme (or fiasco-in-the-making). I wonder which wunderkind managed to sell the Americans on this particular fools errand?

Steve again

Non-US governments delighted

According to a recent article about this in the NZ Herald newspaper, the New Zealand government (and probably all non-US governments) are absolutely delighted by the biometric data requirements the US is going to demand from visa applicants - earlobes are particularly mentioned, probably for their joke value. This is because current and forseeable law prohibits the NZ government from collecting most of this information itself but it will have access to the FBI database so if it can just encourage everyone to holiday in Hawaii or California . . .

Of course strictly speaking, NZ (and UK and Brunei and 24 other countries) citizens don't need visas for a holiday in the US but we are still subject to the "US-VISIT" program which, according to its website, exists "to match your identity against the data captured by the State Department at the time the visa was issued to ensure that you are the same person who received the visa."

Anonymous Coward
Anonymous Coward

The UK is leading the world ..

The UK is leading the world in demonstrating why this is a REALLY, REALLY bad idea - not deliberatly, of course. The root problem with all those scams, sorry, schemes is the government telling you "trust us". Well - I have yet to hear a good argument why..

I don't know if anyone had kept up with the flood, but I'm starting to get the impression that everyone is now dumping their data loss 'bad news' because it'll then be over in one go. "A good season to announce and bury bad news", to paraphrase a too honest marketing girl working for Labour.

Imagine losing a database with precise pointers at the metrics you need to change if you were to hack an identity. Ak, OK, so a retinal print is stored in this format, so to "update" the record we need to do x/y/z. Thanks for those CDs, they came in really handy..

You're all referring to the Minority Report as an early example - may I add a better (earlier) one? In "The Net" with Sandra Bullock they were already playing with identity theft and creative adjustments of someone's record. About the only two things that are NOT happing today are IP numbers (octets) above 255 and viruses that dissolve so cleanly. One because it's out of spec, the other because nobody bothers :-).

There is a very basic trust rule which is becoming more and more important these days: the only one you can be certain of is yourself. The rest is merely risk management.

Anonymous Coward
Paris Hilton

Computers Don't Argue

""Kidnapped", by Robert Louis Stevenson. It somehow got on the computer that he had kidnapped Robert Louis Stevenson."

As the other man points out, that's "Computers Don't Argue", a minor classic. The main character was called Walter A. Child, and he ended up being executed for the kidnap and murder of a child called Robert Louis Stevenson.

The same anthology also had a story in which there was a prison camp, and on account of convention and fear of what might happen if they transgressed, the prisoners guarded themselves; they manned the machine gun nests and swung the truncheons. They received instructions from an unseen voice that came out of a bunker. Inside the bunker there was no authority, just a computer playing back a large library of stock phrases. One day the voice stopped, and the prisoners went into the bunker and found that the computer was broken; so they turned it back on, and punished each other for going into the bunker. I think it was a metaphor.

It is my pet theory that the current iris recognition craze can be traced directly back to Star Trek II: The Wrath of Khan. I believe that politicians are a shallow lot, who are easily influenced by articles they read in the Sunday supplements, and films they see on television, and I cannot think of an earlier use of iris recognition as a security device in a Hollywood film, except perhaps the old Gerry Anderson film Doppleganger, although I am not sure in that case if the eye was just a means of hiding a camera, breathe in.

Anonymous Coward
Anonymous Coward

Um, yeah... I'm not buying it just yet...

For facial recognition and retina scanning to work optimally, doesn't the device actually have to be able to capture images in 3-D? Secondly, wouldn't that also require a database of every 2D imaged with estimated 3D values? At best that might yield 50-60% accuracy, but then to be able to query a database with millions of "suspects" (or citizens) in a semi-real time period?

Sorry, the technology doesn't quite exist yet. Some of it is very close to giving us the "illusion", but the technology required, to mimic something as complicated as the retinas, optic nerve & visual center of the brain, just isn't going happen any time in the foreseeable (no pun intended) future.

Hell, I'd sooner trust a completely computerized aircraft before I would entrust any government with something that has the potential of being abused like this.

Martin Usher

Earlobes aren't a joke

The standard picture for the US immigrant visa ("Green Card") used to be a three quarter face view with the earlobe clearly visible. "Pre-computer biometrics"

Do you get the feeling that this whole ID thing was cooked up a long time ago and any debates in legislatures and the like is just window dressing? Its like the science fiction stories with the global network taking over the world, taking over from individual contries, only its not some fantastic computer 'brain' but an effective network of law enforcement and security services. Oh boy, are we screwed or what!

Martin H Watson

Anagram

"RETINA DATA" is an anagram of"RETAIN DATA"

amanfromMars
Alien

Science Fiction is Future Fact Betas.*

"Its like the science fiction stories with the global network taking over the world, taking over from individual contries, only its not some fantastic computer 'brain' but an effective network of law enforcement and security services. Oh boy, are we screwed or what!"

Martin,

MeThinks in Real Life that would be some fantastic computer 'brain' with an effective network of law enforcement and security services.

Never been screwed by a SeXXXXy Spy, Martin? Don't answer that if it discriminates against you is Wise Counsel. :-)

* What do you reckon the Current Future Beta Program is, and who is Driving IT? And Programs cannot Grow without New Drivers for Immaculately Conceived Tools/Digital Keys.

Sovieted Alien Networking Treaties Alliance is such a Available Key built on the Respect of Trust and an Open Book Mind.

Anonymous Coward
Flame

Is it me or what ?

Has anyone tried fooling an iris scanner with a life sized photo of a registered iris ? Would this work?

John Lettice
(Written by Reg staff)

Re: Is it me or what ?

No. it's not you. There's been research into 'liveness detection' in relation to various biometric technologies, in order to make it harder for the readers to be fooled by pictures and dead bits. In the case of iris recognition you could maybe do checks on how the 'iris' was moving, on to ensure that it was in the middle of an actual live face.

This topic is closed for new posts.