Android gets biometric voice unlocking Google is deploying what it calls Trusted Voice to allow Android users to unlock phones using their voice, according to reports. The feature is filed under the Choc Factory's Smart Unlock feature which sports easier unlock mechanisms like Trusted devices, places, and faces. Once activated, it would allow punters to unlock …
"What could possibly go wrong.
Let us see:
The Google patent
https://encrypted.google.com/patents/US8402533
states that remote servers can indeed be a part of the system, in order to allow themselves a broader patent. But Google Voice usually uses Google's remote servers.
If the Voice Unlock does indeed use Google servers, could the answer to "What could possibly go wrong?" be "Police subpena Google for voice print to unlock suspected criminal's phones during investigations, claiming that user did not have an assumed right of privacy since they always know that voice recognition is serviced by Google network servers"?
We'll wait for the other shoe to drop with this one.
Pattern unlock (and to some extent PIN) not that secure --- many screens show some residue of the patters. Face unlock is fun gimmick (although I think I need to know why my eldest son can unlock my phone and not my youngest!) but not good enough to secure your phone.
Who's for an implanted RFID chip?
+1 for the Tasker ref. You can do other stuff as well - keep the phone unlocked if it is in certain locations (GPS) or if earphones are plugged. Redirect calls from certain numbers (boss? mistress?) if you are at home ... lots of great stuff, with such a good visual scripting interface that you can use it to get (certain sorts of) kids interested in scripting and programming ...
However, here's the use case for a smartwatch, or at least something wearable that includes an RFID with enough range that it can automatically unlock your phone your presence but it instantly locks if it moves more than a couple meters away from you.
To prevent theft of the phone and wearable item together, the wearable should break the pairing relationship if removed. Ideally the watch can be programmed to 'recognize your wrist', perhaps via chemical secretions in your sweat and the pattern of your pulse at rest, then it can be re-paired with your watch once it is put back while making it and the phone valueless to thieves and coercion useless (no way to reach rest pulse under coercion)
A much underrated satire, Demolition Man where they LoJacked every citizen of San Angelos. So the police department figures that their fugitive criminal would be hard press to get any money, since all transaction is based on the biometric chip on the hand. John Spartan is quit put off by this draconic development but added that Simon Phoenix only need to rip off some unfortunate soul's arm to get what he needed.
"Pattern unlock (and to some extent PIN) not that secure --- many screens show some residue of the patters."
That really depends on the length of the patterns/digits. Not that I'd even call it secure by any measure, mine is rather long. Still, copy the encrypted flash to a model system with RAM vice Flash, and have at the decryption. Won't take long.
As for the RFID chip, well that depends. Personally, I don't find it reassuring that someone might relieve me of it using violent invasive procedures. Just give them an unlocked device and report it stolen. On these devices, it's all Security Theatre as any real measures are still beyond the stock device (e.g. EDS on Android needs root, and yes, it's installed on my tablet but just to annoy whoever might like to see inside).
The fix is obvious, but if they can't implement it yet, then they need to wait on voice authentication. The phone should NOT use the same password, but rather show some random text that you have to read. Not perfect, but at least it would beat the most obvious countermeasure of the recorded login.
Whatever happened to the non-EVIL and competent google of so few years ago?
Yesterday, our in-house Apple expert discovered that if he says "Call <name>" to his iPhone, that it automatically dials that number and then, when answered, puts the speakerphone on without confirmation or audio feedback. Whether it's locked or not.
I'm pretty sure there must be an option there somewhere (and if not, disabling that annoying Siri thing), but this kind of stuff is stupid to have the possibility of unless there's a clear indication that the phone is listening. You've only got to enable that option by accident (easily done on a touchscreen in your pocket over time or if you have a co-worker "borrow" your phone) and you can be in trouble.
This post has been deleted by its author
"All biometric information is inherently insecure as a "password". It should never be used to unlock or otherwise access anything. Ever."
Google have access to everything on most people's androids without any biometric or password so most people are ignorant or don't care.
This post has been deleted by its author
Not true. It depends on the ratio of the intra to inter-variance of the parameter being measured. Finger-prints are unique, but the parameters that measure them are finite. If you can measure accurately a fingerprint, it can be better than a password of some aribitrary complexity. If your fingerprint parameters can only differentiate 10 different prints then you have a problem.
The issue with speech is the parameters have a lot of intra-variance such that when you speak you map onto other peoples patterns. Its not necessarily that your voice matches, its the parameters that represent the voice that overlap.
This post has been deleted by its author
... must be the best way?
Or maybe even 2 - one for the ear region to automatically unlock voice op phone and one in fingertip for ease into car and all that other personalised stuff in car.
Why, even the data and metadata might be used by third parties to reduce (increase?) auto insurance.
Two implants seems better coz think of the loss of usabilities should a finger get cut off - one can still use t'other.
Maybe the rfid could self destruct if the body organ it was implanted in stopped being so lively?
Just streaming of conscious stuff thats all.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
