im all for the something you have + something you are , pb&j relationship, but i dont think lathering biometrics on top is a good idea,far too many spy movies have shown Tom Cruise doing the MOST for pictures of eyeballs and fingerprints for me to ever trust this type of auth
And yet, as a service member that was part of the 2013 OPM data breech, my finger prints (and an estimated 5.5 million other peoples) were part of the dataset that was stolen.
So… What’s your point about “Global Internet”? If my data was stolen, and sent to the “Global Internet”(The fuck does this even mean?)… There’s no functional difference to an exposed password.
im all for the something you have + something you are , pb&j relationship, but i dont think lathering biometrics on top is a good idea,far too many spy movies have shown Tom Cruise doing the MOST for pictures of eyeballs and fingerprints for me to ever trust this type of auth
The main issue with biometrics is that you can’t change them. If your fingerprints or retina are compromised you’re fucked.
Unless I meet you in person, I’m not going to get your biometrics. The point of these is to protect your accounts from the global Internet.
https://xkcd.com/538/
And yet, as a service member that was part of the 2013 OPM data breech, my finger prints (and an estimated 5.5 million other peoples) were part of the dataset that was stolen.
So… What’s your point about “Global Internet”? If my data was stolen, and sent to the “Global Internet”(The fuck does this even mean?)… There’s no functional difference to an exposed password.
It doesn’t need to be physical breach. If it’s stored somewhere it can (and might) be accessed by someone else and reconstructed.
And still useless unless they also steal your phone. You are still safe from the hackers on the other side of the planet