ID-Corner – The Identity Corner

Unlock Your Phone … With Your Face

Posted on March 17, 2023April 27, 2021 by 3D

Steve Jobs was an amazing technological revolutionist with his creation of Apple and its many products; most notably, the iPhone. With a new iPhone being released just about every year, it can become difficult to keep up with the next best thing from Apple. One of Apple’s most popular accomplishment is the iPhone X.

Facial Recognition: How does it work?

Aside from the iPhone X’s larger infinity screen, it’s the biggest selling feature that it focuses on for the advertisements is its ability to use a picture of the user’s face in order to unlock their phone. The big question is, how exactly does it work? Biometric facial recognition for Apple’s iPhone X uses infrared and visible light scans to identify the user’s face. This isn’t the first time we have been introduced to this type of technology. Regardless, this facial recognition has been what everyone has been talking about since the release of the phone. Most likely due to the fact that Apple removed the “Touch ID” system altogether.

Apple published a white page that explains the technology behind the Face ID a little more in depth. The white page claims that this biometric technology has a low false rate; however, there are been cases of users able to bypass the Face ID on a phone that is not theirs. So, the claim of a low false rate is debatable on the matter of what Apple constitutes as “low.”

The Face ID technology utilizes a “TrueDepth camera.” The TrueDepth camera uses 30,000 infrared dots to create a depth map of the user’s face as well as producing a 2D infrared image. The data collected from this process is then used to create a plethora of 2D images and depth maps; each with their own unique signature, and then sent to the Secure Enclave.

How Strong is Face ID’s Security?

Apple claims that the TrueDepth camera will randomize the images and customizes a random pattern unique to the specific device in use. At which point, the bionic processor will transform the data into an algorithm, and then compares that data to the information given to the Face ID. This is a great idea in theory, but the implementation of it is flawed. First off, the new face ID method is not a reliable biometric source. Most people invest in iPhone because they generally have a fantastic security system. Unfortunately, the Face ID may not be as secure as you think.

Nothing in this world is unbeatable. No matter how great you are at writing code, there’s going to be someone out there that’s better at hacking it. This same concept goes towards biometric passcodes like Touch and Face ID. However, every time someone is able to “beat the system” and fake their way past the Touch or Face ID, Apple is right there to correct and strengthen their security with their ID recognition systems. However, seeing as iPhone X is still fresh and new, the biometric scanning system is still highly vulnerable to potential hacks. There are ways to get around the Face ID already that Apple still has not fixed. Methods such as finding a picture of the phone user on social media have been proven to work in unlocking a phone, thus, granting the hacker access to all of your personal information.

Even though Face ID is relatively vulnerable to hacks, there is no evidence in favor of either Face ID or Touch ID to have stronger security than the other. In the end, the pin code will always be the most secure method to keep your information safe.

It’s Okay Though

Everything that is new goes through a “bug fixing” period. Nothing is ever perfect the first time. Therefore, even though some of the features of the new iPhone X may be flawed, those flaws will more than likely be addressed by the developers. In that event, the developers will do their best to fix the issues that they can and release a new device. If you currently have or are deciding on purchasing an iPhone X, understand that although the Face ID feature might be a neat trick; although, it hasn’t been proven to be as secure as Apple makes it out to be. Just keep in mind that the pin passcode is safe and reliable as long as you update it frequently and utilize random number sequences.

At the end of the day, Face ID is essentially the same as Touch ID since Touch ID has roughly the same potential of being hacked as Face ID does.

The FreeBSD Project

Posted on February 20, 2023April 27, 2021 by 3D

Berkeley Software Distribution created their own version of what they liked about Unix. They could not use the Unix name because that would have infringed on the trademark of Unix, but they were essentially creating their own version of Unix to ensure that they could have the best results from their own vision of how it should have worked. This was directly descended from the BSD that they created first, and this was an open source version of the program that ensured others could expand on it. Anyone who was working with BSD at this time was submitting their own information on their experiments with their system, and they created a community for open sourcing that became influential in many other parts of the computing world. There is a security team that works on this project, and it will work on the security of everything that has been built using their basic programming.

How Did It Start?

Students at Cal were able to improve on the original AT&T Unix when they were given a license by the company. This was the beginning of this massive company, and it would give birth to many different improvements that would help to influence other companies who were working on the same things. DEC was working on a version of Unix, and these companies were attempting to roll out their improvements as fast as possible. While Unix was taken up by Compaq and then HP, the Free BSD Project has remained a Berkeley institution that still works on storage and programming to their day. There are many operating systems that are working out of the Free BSD platform, and that is why the company must provide the security support that they do. They know that they are valued by their customers, and they provide the same service they did when they started.

Changing From AT&T

The Free BSD team was asked to change from coding that came from AT&T after a lawsuit against another company, and they became completely independent after that happened. They were able to offer more to their customers because they did not feel the constraints of the old AT&T code, and they have been working ever since to build their own server base that will work for their customers. They have built an expanding system that will be useful in a number of operations, and they remain open source because they want to give their customers the best chance of improving on what they have. The Free BSD Porject has improved more every year than any other company simply because they are providing a community of support where the software will improve much faster because there is no bureaucracy involved. They have moved past corporate America to the community model that is found all over the Internet today.

Open ID: The Perfect Idea with Not So Perfect Results

Posted on January 23, 2023April 27, 2021 by 3D

OpenID was a great idea in the beginning. However, not everything that was intended to be a good thing turns out perfectly. OpenID was meant to save users time and browse the web more efficiently. OpenID made a promise to users that they would have the ability to explore new websites without having to create a new account with a new website while also having a single, consistent identity throughout the World Wide Web.

It was a promising idea, but…

With more than 50,000 websites that supposedly support the use of OpenID with more than a billion of users, hardly anyone actually utilizes it because of the fact that it was complicated to implement. Each website uses OpenID differently, which ultimately confuses the masses. Therefore, people may have it but rarely use it.

Facebook is the main catalyst to why OpenID has been pushed under the rug. Facebook Connect does nearly the exact same task as OpenID. The difference is that Facebook does it considerably more effectively. People recognize and are familiar with Facebook, therefore, making it much easier to understand.

OpenID may sound as if it’s “knocking it out of the part” with its 50 something thousand supported websites and a billion or so users. However, Facebook has numbers doubled that. What’s most impressive is that Facebook has been around less than half as long as OpenID. Facebook’s main advantage is its brand. Practically everyone with an internet connection has a Facebook account these days. With Facebook Connect, you can create a new profile on whichever website you’re trying to join utilizing your Facebook details, and you have this ability to do so with well over 250,000 websites.

Lack of Security Detail

Another issue that OpenID poses is its lack of security detail. The way a user chooses to authenticate their ID is completely in their hands. Therefore, there is no set level of security. This can pose problems while using the OpenID because it can potentially put users at risk of having their ID hacked. However, there is a lot of development going on with the OpenID Provider Authentication Policy Extender, or PAPE for short. These new developments will assist website owners to detect the providers they can trust by assessing their means of authentication the user utilizes in order to gain access. Hopefully, these new developments will help form a strong security protocol with OpenID.

For now, Facebook is in the lead with their ability to allow internet users to use their Facebook information in order to sign into or sign up with new websites. However, the is potential for OpenID to at least become equal with Facebook. We’ll just have to see how their new developments pan out.

A Brief History of the Creation of Bots

Posted on December 29, 2022April 26, 2021 by 3D

A bot is a software application that uses scripts and the internet to carry out automated tasks. One of the main purposes for the creation of bots was to make the lives of humans simpler. They are able to successfully complete tasks faster and more efficiently than a human can. Bots were created on messaging platforms such as the InterBot Column. This enables a bot to send messages to internet servers to make actions applicable to what one is trying to do.

Types of Bots

There are many different types of bots that have been created. Some of the main ones are Travel Bots, Emergency Bots, Interbots and Socialbots used for social business. Travel Bots are the bots that control flight or hotel websites. These bots have people enter information about when their travel plans are and then it does its best to find coordinating flights. A travel bot also helps to find a hotel to stay at while you are on vacation or travelling.

Emergency bots are used for emergency calls and security. They are beginning to use these emergency bots in 911 call centers and even some other call centers such as suicide prevention. Emergency bots are also contributory to border security. These bots are being used in the form of drones to watch the borders of the United States. They can help with the safety of public figures when travelling, preventing human trafficking or trafficking of any kind and safely allowing military personnel out of the country and into other countries. Interbots are bots that talk to one another. These bots make it possible for businesses to communicate with anyone more efficiently. And last but not least, there are socialbots. Socialbots serve as automated customer service representatives. They allow businesses to save time by using these bots as a resource. Socialbots also boost company efficiency. The timely manner it takes for a bot to respond versus a human is a lot shorter. This being said, bots lead to customer satisfaction which reflects highly on the business.

What will the future hold for Bots?

As bots are continually being developed, in the future they will become even greater tools of power. For example, bots are being used for self-driving cars. These automated bots that are functioning by Artificial Intelligence works with systems to function self-driven cars. In May they began trials to test the data of the project in the UK. They are acquiring data to find better ways to develop the product. Who knows, maybe they will create another high tech gadget while running tests. Although it will take nearly 13 years for these developments to become official, they have begun and no matter how long it takes they will be successful at some point. Bots are the future, and the future is looking bright.

Why Businesses Should be Transparent about Data Collection

Posted on December 8, 2022April 26, 2021 by 3D

Trust is the foundation for success in business. Without trust, an individual cannot know if a company is telling them the truth. Consumers never trust a business that suppresses or manipulates personal information. If a firm has proven their data is secure, they submit it back to the company without reluctance. What’s next for Our Personal Data? The ongoing concern is how to monetize personal information while keeping it safe. Is the outlook for personal data, selling intelligence to online companies for a profit? Will data become a currency of the future?

Consumers know their personal information is being collected. As long as data sharing contributes to better products and services, customers enjoy the technology. A leading research firm, Gartner estimates there are over 5 billion connected “things” worldwide. The company forecasts that number to quintuple by 2020. Data privacy must be accelerated beyond targeted advertising. Consumers have the fundamental right to know what information is shared and where it is locked away.

Ethics and Targeted Advertising

With advancements in digital technology, companies accumulate vast amounts of consumer records. Connected products foster data collection. Most users realize their fitness equipment, and home thermostats collect personal data. However, they do not comprehend how much of their individual intelligence is being collected. Google’s Nest Thermostat adjusts home temperatures without user intervention. The device records how hot or cold you like your home, based on location and family routines. This information is then saved in the cloud for future use and targeted advertising.

Transparency must be the objective of companies collecting personal information. Experts agree, there needs to be a “privacy by design” business model. Consumers need the flexibility to balance their privacy settings. Business performance relies on the viability of their data. Great companies know where to uncover value in the data they compile and how to maximize that knowledge for profit. Digital advertising has grown into an intricate method of technology, targeting the most receptive consumers.

There are enormous opportunities for abuse. The Cambridge Analytica scandal emerged in March 2018. The Ensuing public outcry over how companies harvested data has changed Facebook forever. Other than the consumers affected, hardly anyone remembers the 56 million credit card identities stolen from Home Depot. Large-scale data breaches are becoming just another headline.

Quantum Computing

Enormous volumes of incoming data flows have allowed companies to confront the most complex challenges. Companies must have clean, trustworthy information. Authorization to access personal data should carry significant controls. As an example, doctors, environmental protection personnel and screened government employees should have unencumbered access to their systems.

The RSA public key cryptographic system is one of the most universally used encryption methods. The RSA scheme is used to protect emails, bank transactions along with the most sensitive personal data. Arvind Krishna, Director of IBM Research, has warned: “quantum computers will be able to instantly break the encryption of sensitive data protected by today’s strongest security.” Krishna says this could happen in as little as five years.

Since the 1980s, quantum computing has been acknowledged to be an excellent structure for handling massive amounts of numbers. However, building a quantum computer was not feasible. Advancements in materials and physics have produced significant discoveries. Large commercial quantum computers are now viable. The recent regulation passed by the European Union is a step in the right direction. The “General Data Protection Regulation” has revamped the way companies can interact with their users and how businesses collect personal data.

OpenBSD project

Posted on November 14, 2022April 26, 2021 by 3D

The OpenBSD Project started when a member of the NetBSD program was asked to resign from his position. This man named Theo de Raadt was able to move his own version of the BSD license to his home in Calgary, and he began to coordinate his own project. He believed very much in the open sourcing of the project, and he wanted to give his customers something that served as an improved version of the NetBSD that had worked on. He knew that he could update his system faster on his own, and that is where he came up with what we know as Open BSD. This is a storage system that is secure, and it has been coded perfectly at every step. Someone who is watching from the outside will find that this is a precise system that is open to input.

Open Source And Imput

The open source of the OpenBSD Porject has contributed to many of its bes timprovements, and all these pieces of input are poured over carefully by Mr. de Raadt. He knows that his product depends on the accuracy that he creates in his coding, and he has worked quite hard to build a reputation for the accuracy of his coding. This gives him an upper hand on other companies that are spitting out as much content as fast as possible, OpenBSD is a quality controlled product that anyone may use knowing that is will perform perfectly when they begin to use it. Someone who has an improvement to suggest has it checked, and the storage system and operating system have grown quickly because everyone who uses it finds that it works the first time out.

Security

Security is a major factor in the development of the OpenBSD Project, and the improved security has allowed a number of people to use this system without a second thought. They are pleased to know that Mr. de Raadt watches over the items that are built with this system, and they find that he is alerting anyone to problems that have been uncovered with security. It is much safer to use OpenBSD because of the meticulous nature of the founder, and these people will continue to recommend this system because of the personal service they get. Many other storage and operating systems are controlled by large companies that do not offer personal service, and they are beat out in this area by the small business that is known as the OpenBSD Project. This simple outgrowth of a disagreement at NetBSD has ensured that there are more options on the BSD market where people search for their storage and operating needs.

Google’s Cloud Identity Management Services for Developers

Posted on October 17, 2022April 26, 2021 by 3D

Big technology players are vying to be the first over the finish line for universal security. It’s a vast global market with billions of devices and users as the end game. Google is taking advantage of its dominating internet position by setting comprehensive security standards. Google’s cloud security initiative has been constructed to satisfy the growing demand by consumers, for better security in their digital lives.

Tech giants realize security must come first with any modern code being created. Companies are rushing to bring legacy systems up to industry guidelines. Customers must depend on their screens, no matter if it is a mobile device or desktop. Without complete confidence at login, consumers will turn off in pursuit for alternatives.

Google’s cloud identity management service will be an ongoing company effort. Millions of apps accessing Google’s cloud platform have a fresh collection of identity management tools. Googles new security initiative offers identity protocols for app builders with a drop-in service.

Introduction to Google’s Cloud Identity Management Services

Google’s Cloud Identity Services adds management functionality and identity access for clients and business partners. The protocols aim is to secure user accounts better going forward. Google is just a small number of tech giants that can develop a set of protocols which the entire digital industry must consider following.

The moniker for the new service is Google Grade Authentication. CICP wants app builders to use Google as a partner in their pursuit for security. Google wants to be the security foundation. Developers can utilize vast information resources from the internet giant. Apps can be shielded from being a takeover target. App builders, associated with Google security, can scale their offerings to a global market.

Google has made several announcements this year to boost identity and security protocols. Administrators now have a comprehensive lineup of third-party apps to rely on, along with Google. A significant boost to the service is context-aware identity management. The protocol authenticates a user’s location and the context of the request.

Developers and CICP

Google’s next stage of their cloud identity service is in Alpha release. The company has designed identity and access management as an ongoing service. There are a number of components and benefits to the service. Google, along with other tech giants are finally taking identity management seriously.

User authentication is based on Firebase, a mobile and web application Google purchased in 2014. Developers can integrate user identity specifications, based on the SAML and OpenID industry standards
There is wide-ranging support for the new service. Developers can incorporate their apps into several client-side platforms, including Android, IOS and web access. Along with server-side platforms Node.js, Java, and Python.
CICP is self-contained. Developers drop the service into their application to take advantage of Google’s security capabilities.
Once the service reaches general release, two-factor authentication will be possible. Multi-factor authentication for mobile devices has become more reliable. Mobile devices are now more dependable than in the past. Hardware includes GPS, microphones and advanced sensors to keep track of users.
The CICP service integrates Google’s threat intelligence protocol. This helps to identify accounts that have been acting with a suspicious nature or have been compromised.

CICP satisfies the security demands of mobile device makers and web-access applications on a global scale. Apps having thousands of logins daily, cannot allow accounts to be compromised. Hackers no longer attempt to break into software by rewriting code or brute force attacks, they log in.

The Development of Virtual Reality and Travel

Posted on September 23, 2022April 26, 2021 by 3D

Everyone has that moment where they want nothing more than to be elsewhere. Whether it is a specific place, such as a state, country or local business, there are times when you wish nothing more than to be there. Some may ask, “Why not just take a trip?” And the reason one can’t “just take a trip” is because life gets in the way. The struggle of finding flights, hotels, and especially the cost is the reason most people are reluctant to travel. Now with Virtual Reality and Travel, a more non-expensive way of visiting anywhere you want is possible.

When virtual reality was a newer system in 2009 it was being studied by undergraduates at a University in Massachusetts. What inspired them was the process of choosing a University to attend. They did not like the idea of choosing a college just based off of research and some pictures. Also, the pictures did not fully show everything on the campus and what surrounded the University. They decided that Virtual Reality would be the tool to give future students a larger insight on the college and some of the city. Their final creation was a website called YouVisit. This website allows one to access almost any college in any location and see it through virtual reality. It is like a 360 degree video. From these three undergraduates creation, the technology of Virtual Reality has expanded immensely. Virtual Reality has gone from showing college campuses to showing entire cities and artifacts such as New York City and museums in foreign countries.

Who uses Virtual Reality?

It is now known that Virtual Reality is used for seeing college campuses and overheads of places around the world, but believe it or not, it is being used for even more. Businesses are always looking for ways to get ahead. The North Face clothing line has used Virtual Reality to set them at a technological advantage. The North Face relies on the durability of their clothing to be successful. They have a lot of clothing for outdoor activities and for cooler weather. When it comes to these two categories, nobody wants their product they purchased to be flimsy. Through a picture, one can’t truly see how durable the clothing is. Therefore, The North Face began using Virtual Reality to show people wearing their clothing while doing numerous things, such as climbing mountains. This is an extremely smart idea, and is also beneficial towards their business. Other places of businesses also use Virtual Reality. For example, hotels use this system. They are able to show prospective residents a clearer and more realistic picture of what they can expect when residing at their hotels. This is really good for your business because if you can show that your hotel has features others might not have, customers would be more likely to choose your establishment simply because they do not have to “take their chances” of what your hotel will or will not include. Conclusively, virtual reality is a jump in videography and beneficial to providers and consumers.

OpenID: Forget all of Those Passwords

Posted on August 31, 2022April 26, 2021 by 3D

Sometimes it can be annoying to have to remember several different passwords to the numerous websites that you visit frequently. Due to this reason, that is why OpenID exists.

What is OpenID?

OpenID gives users the ability to access multiple websites with only one password. Users have the option to calibrate information with their OpenID that they will allow communicating with certain websites. Thus, eliminating the need to use a different password each time you log in to a different website.

This doesn’t mean that those websites you frequent are no longer password protected. OpenID simply allows the website to confirm your identity to the website that is being accessed. It’s sort of like the fingerprint scanner on your iPhone that allows you to unlock it without using your passcode.

In order to log in with an OpenID, the user must obtain an OpenID identity. Identities are granted through OpenID providers, which are in abundance. Once you receive an OpenID identity, it will be in a URL format, which looks like this username.example.com, or like this: example.com/username.

How do you use it?

Once the user has created an OpenID identity with their provider of choice, they will be prompted to sign into the provider’s web page with their OpenID. At which point, the user has the freedom to grant their most frequently visited websites access to their OpenID in order to confirm their sign on identity. Thus, removing the need to input their password each time they log into their favorite websites.

Where did OpenID come from?

OpenID came about around the middle of 2005. It was developed by an open source community whose sole goal was to correct a problem that was unable to be easily rectified by the pre-existing forms of identity technologies. Since it was created within an open source, OpenID is not owned by any particular person, organization, or company.

Practically anyone has the ability to either be a user of an OpenID or become an OpenID provider. The best part about this is that it’s absolutely free to do so, and the user will not be subjected to pending approval by any organization or company.

OpenID may not be for everyone, but it is an option that is available to heavily active internet users who access multiple websites each day. There is also a representative for OpenID known as the OpenID Foundation. This foundation offers a legal presence for the open source model while also providing the community with infrastructure and promotional aids to further expand the adoption of OpenID.

GNU – General Public Licence

Posted on August 4, 2022April 26, 2021 by 3D

The GNU is one of many licenses that is used in the software world to ensure that software programming may be distributed and protected correctly. Someone who is working in the open source world will benefit quite a lot from the GNU because of the way that is uses its rights. This is a copyleft license that will ensure the user can distribute only under the original license terms. Someone who is working under the GNU will not be exploited by software companies because their work can only be distributed in the same manner as the original program. This is much safer for many different people who are working on the fringes of the industry, and there are companies such as the Linux kernel that are doing quite well under this license because it is much safer for them over the course of the years to be free to distribute as their original programming was.

Any Later Version

There is an Any Later Version clause in this license that ensures that someone who is developing their software may have it apply to any later version of the same program. Someone who needs to be protected because of the development of multiple versions will use the GNU because they know that it is much safer than trying to get a new license every time something comes up. There are many people who get turned around because they are talked into business deals after their first license, and they could be exploited easily. The Any Later Version clause will ensure that all these companies are treated properly long after they have come out with their first version of their software. They are hoping to operate free of big companies, and they depend on this license to safeguard them and their intellectual property.

The Free Software Community Grows

The free software community has been using the GNU for some time, and they have had a hand in ensuring that the license is updated. It was updated last in 2007 to ensure that software companies could not exploit people using the patents of products against their owners. These companies had to be stopped from using the software that was created without servicing later versions. The changes that were made to the GNU ensured that all large software companies had to honor the free software developers who created these programs, and they were forced to allow these companies to upgrade as many times as they wanted. There was no money in it for large software companies, but the GNU allows these two communities to co-exist as the free developers are protected so that they may do their work without the fear of profits overriding their good judgement and decency.