Delta’s Biometric Digital ID Program Expands to 3 Major US Airports
(www.activistpost.com)
Comments (7)
sorted by:
Simple countermoves: Poison the public against it by using the media's crappy fact checking against them by:
Post on Facebook and X how the system didn't recognize you and you missed your flight because you didn't have ID with you.
Get your favorite hacker group to publicly post "Delta, we warned you to pay. The next data dump is the whole database" and then "leak" 1,000 names and images. Delta will deny they were hacked, but the damage will already be done because some people will only see the incendiary headline and some people will assume Delta is lying. And the news coverage will involve some security "experts" who will say the system is vulnerable, meanwhile the actual security experts will release their articles explaining why it is vulnerable.
Then you take down the data, post again "Smart move" and people will assume Delta paid and that any subsequent investigation is just a cover up.
Howls. The smartest thing to do. You should work for white hats. Great move.
The main reason I do not like Biometric Digital ID for anything (besides privacy) is because it is a huge security risk for the following reason:
If it does get compromised, you cannot change it.
If any other current mechanism of authentication gets compromised, it is easily changed by a person with the right credentials. Passwords can be easily changed. Hardware keys can be replaced. Fingerprints, voice recognition, and faces cannot be changed without effort.
I think you're failing to account for what compromised actually means in terms of specific security systems.
You're looking at it like a password which is compromised when someone else gets it and can use it, which necessitates a change of the password for only the compromised people.
But is a retinal scanning system compromised if someone scans my eyeball? No, because unlike a password which you type in with a retinal scan system they also need some way of fooling the scanner with a printed eyeball or image of one or a hack that lets them feed their own sensor data in, and at that point the entire system is compromised for everyone.
Digital security works both ways.. If you have a copy of the key, you can re-create the lock; if you have a copy of the lock, you can re-create the key. Once your biometric parts are scanned for security, they're reduced to a digital set of data. Once that data gets compromised, the 'key' can be recreated.. whether it be fake fingerprints, a mask, retina.. or any other biometric component.
In using any biometric security, you are trusting the system to keep your biometric makeup private.. It's one thing if your password gets leaked.. If your biometric data gets leaked, there is no changing it for the next use case.
Most biometric security systems only store the key in the form of an output of a one-way hash function where the input is the scan data. You cannot recreate the input from that output, nor can it be used as the key.
I just don't like electronic. It's too easily hacked.