I’m not paranoid. Tinfoil hats aren’t my scene.
But watch out! In just the past month, the internet and smartphones have come up with five new and surprising ways to steal or expose our personal data.
Of course, these new concerns can now be added to all the old ones. Companies like Google and Facebook still track you and harvest personal data. Hackers still want to steal your data. And the National Security Agency is still out there doing its thing.
And now, these five new trends reveal that your security and privacy could be compromised in ways you probably never imagined.
Researchers at Japan’s National Institute of Informatics (NII) announced recently that your fingerprints could be stolen from photos of your fingers , and the prints could then be re-created and used to bypass biometric security systems.
Smartphone cameras have gotten so good, so high-resolution, that the ridges and valleys that make up your unique fingerprints could be copied and used to foil fingerprint security schemes.
This is a special threat for Japan, where flashing the “V sign” or “peace sign” with the hands is a common gesture in photographs posted online.
Skeptics are skeptical. For starters, the “researchers” were hawking a ridiculous “solution” to the problem — a clear titanium oxide film with a specific pattern printed on it that you would somehow place on your fingers to cover your prints before taking a selfie.
Also: Conditions have to be just right. The fingers must be in focus, the lighting must be perfect, the distance from the camera must be about nine feet and the photographer must use a very high-end smartphone. (And such phones typically focus on the face, not the fingers.)
The high-resolution versions of photos like these of the author’s own hands could be used to copy fingerprints.
But I think the skeptics are wrong. You should worry.
First, fingerprint-photo theft has already been demonstrated. Two years ago, a German named Jan Krissler re-created the fingerprints of German defense minister Ursula von der Leyen from publicly available photos and made a 3D mold of her finger that could unlock a smartphone.
Second, the technology already exists. No additional research is necessary.
Third, fingerprints are forever and cannot be changed, so stealing fingerprints isn’t like stealing a password, which can be changed.
Fourth, smartphone cameras keep getting better. It’s only a matter of time before most people carry cameras at least as good as the best found in the iPhone 7 or the Samsung Galaxy S7.
And finally, hackers can use online photos as the starting point, rather than targeting specific people. It could be difficult to target a specific person, because you’d have to go looking for high-quality photos of that person’s fingers. But if your starting point is all the high-resolution photos of fingers on, say, Google Images, then you could potentially harvest hundreds of thousands of prints efficiently.
