Posts by ade328

Obviously a tout, get Ed Sheeran onto them!

It's Business folks, not Security...

Whatever system, we all know that it is only the $$$ impact that will changes things, and nothing else! For example, the entire fraudulent activity of card-not-present (CNP) scenarios is supported by the insurance industry. That "were all insured, so don't worry" is supported and paid for by us all! It’s called APR rates.

As many experienced security professionals on this this board know, there is no perfect security, and good enough will do when everybody pays toward the 5% (nominal %) fraudulent activity.

So when will change come? When online fraud and loss exceeds that which underwriters are prepared to cover...? No! They just put premiums up, it's business! And that’s all it is folks, business - nothing to do with security. That is where many security professional get in a knot, including myself.

Biometrics, I sense there will be a sting in the tail! And consumers will be the ones to pay for it.

Nothing is indispensable, especially so, those who believe they are!

I do not believe the view "it is this indispensable tool" I am pretty sure alternatives for every Faceboook feature exist! The one thing Facebook has been successful at, tapping into the human 'Tribal' nature that drives us to herd and want to fit in! - it is preferable to be at the table than on the menu!

But, indispensable, No!

Time to change the model... 18 months window before decline sets in!

Facebook have not understood the GDPR regulations 100%. Moving the 1.5B non EU users has absolutely no impact - GDPR only enforces compliance on information held by EU 'data subjects'. Assuming the remaining 700 Million or so remaining (2.2B user base 2017) users are covered by the new rules - Facebook is obliged to delete or modify personal data on request - the terms of use are not perpetual!

So the next question, will a large majority of EU based 'Data Subjects' request personal data be deleted ? Will all the non Facebook users request all 'ghost profile' data be deleted? The second set of users is likely to dwarf the 700M regular accounts... What affect will that have on Facebook advert revenues?

Change to a subscription model Facebook, protect users data, broker consensual sharing or even selling of data - adopt a new model to survive.

Anybody here know how how GDPR will impact these records? Not the Facebook users that have implicitly given consent by accepting the 'terms of use', but the records Facebook is storing on 'data subjects' which have given have no such consent!

Given all that I understand about Biometrics I would applaud this stance as Biometrics are inherently not secure – time will tell! Oh, but my mistake, there is no stance here - it is a delay in jumping off the fence! So either the UK government does not know or (cynical me) it is mindful of upsetting the potential tax revenue from the impending Biometric frenzy.

That opening paragraph was any easy shot ;-)

The fundamental flaw with Biometrics is that we all have only *one profile! Finger print, Retina Scan, DNA or other… Once a Biometric profile is out, it’s gone forever as an authentication factor. Unique but not Secret! Which means Biometrics can be used for identification not authentication!

Biometrics can be used as a secondary factor for Authentication but never ‘the’ factor.

Ade