The nation-state hackers who stole 5.6 million+ records of US government employees (cough China cough) also took 5.6 million+ fingerprints. But it's no problem: those people can just get new fingerprints and revoke their old ones right?
Biometrics are things that you can't recall, can't change, and that, by definition, are not secret. Authentication tokens are things that you can change, recall and keep secret.
“The fact that the number [of fingerprints breached] just increased by a factor of five is pretty mind-boggling,” said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy & Technology. “I’m surprised they didn't have structures in place to determine the number of fingerprints compromised earlier during the investigation.”
Lawmakers, too, were upset about the latest revelation. "OPM keeps getting it wrong," said Rep. Jason Chaffetz (R-Utah). " I have zero confidence in OPM’s competence and ability to manage this crisis."
As fingerprints increasingly replace passwords as a day-to-day security measure for unlocking your iPhone or even your home, security experts have grown concerned about how hackers might leverage them.
OPM says 5.6 million fingerprints stolen in cyberattack, five times as many as previously thought
[Andrea Peterson/Washington Post]
(Image: Fingerprint, Saurabh R. Patil, CC-BY-SA)
“For the first time ever, there’s a comprehensive map on where local police departments have partnered with Amazon’s Ring,” CNet’s Alfred Ng writes.
“The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives.”
They might be the shiny new thing, but AirPods aren’t for everybody. Maybe you’re looking for a new sound or you understandably lost those tiny buds during a brisk run. If so, here’s 10 headphones and earbuds that break out of the Apple mode with a return to quality and wearability. Klipsch R5 Bluetooth Neckband […]
When it comes to passwords, there’s no such thing as paranoia. You want them secure and complex, and you definitely don’t want to repeat them on all your accounts. The trouble is, the internet seems to keep growing. And so do those accounts. Just one lockout from an important email or banking site is enough […]
With the rising temperatures on tap this summer, the climate is going to be a frequent topic of conversation, and those conversations won’t be happy ones. Luckily, there’s a way to do a little climate change of your own – in a safe and sustainable way. When it comes to personal air conditioners, EvaPolar is […]