When your password leaks:→ Change your password→ Problem solved
-
@capitainesam So maybe you combine biometrics with password/passkey?
One of the foundational stories of cyberpunk illustrated a defense against biometrics fraud. The hackers targeted a victim that used fingerprint login. They managed to get a copy of the victim's fingerprint and used it.
Then the victim's security system kicked in - because the victim always deliberately *failed* the first finger login and used their *second* finger login...
@dancingtreefrog @capitainesam ngl i wish of a registring a fingerprint which instead of unlock would just block it completely.
-
@capitainesam Thanks for the reminder; I'm overdue to rotate my retinas for this quarter.
@manchicken@defcon.social @capitainesam@mastodon.social remember to change the colour too!
-
@dancingtreefrog @capitainesam ngl i wish of a registring a fingerprint which instead of unlock would just block it completely.
@erindesu @capitainesam I've heard of Android apps that could do that, something phone owners could activate when under duress. Sorry, I don't know the names of any of them!
-
@erindesu @capitainesam I've heard of Android apps that could do that, something phone owners could activate when under duress. Sorry, I don't know the names of any of them!
@dancingtreefrog @erindesu @capitainesam It's called lockdown mode and I think that's a standard android feature now (not OEM-dependent) available as an option after long press of a power button
-
@dancingtreefrog @erindesu @capitainesam It's called lockdown mode and I think that's a standard android feature now (not OEM-dependent) available as an option after long press of a power button
@ananas @erindesu @capitainesam Ah, thanks! I knew Apple has that capability.
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam I know a man who could change your face - works for ICE
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam unless your profile photo is fake your face data leaked already. I am not sure I understand the concern about face biometrics in a world where we all expose this readily on social media.
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam Well yes, but you constantly leak your biometric data anyhow. That's why one should _never_ use it for authentication.
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam boosted, because of the importance of the message.
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam It’s not all bad: when my security questions got compromised, I got a puppy! (I didn’t want to change my dog’s name)
-
@manchicken@defcon.social @capitainesam@mastodon.social remember to change the colour too!
@tragivictoria @capitainesam good call!
-
@capitainesam So maybe you combine biometrics with password/passkey?
One of the foundational stories of cyberpunk illustrated a defense against biometrics fraud. The hackers targeted a victim that used fingerprint login. They managed to get a copy of the victim's fingerprint and used it.
Then the victim's security system kicked in - because the victim always deliberately *failed* the first finger login and used their *second* finger login...
@dancingtreefrog
Why copy? Just get the finger. With or without the human hanging on it. -
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
@capitainesam @EUCommission @HennaVirkkunen Stop biometric identification. It Will turn in a disaster for money (young) people. Caught for life.
-
When your password leaks:
→ Change your password
→ Problem solvedWhen your biometric data leaks:
→ You can't change your face
→ You can't change your fingerprints
→ The compromise is permanent
→ Your biometric data is in breach databases foreverThis is why facial recognition for age verification is dangerous.
🧵 So what can you do about it?
Discord isn't the only platform pushing biometric surveillance.
More platforms will follow. "Age verification" is just the beginning.
Here's what I'm doing about it:
-
🧵 So what can you do about it?
Discord isn't the only platform pushing biometric surveillance.
More platforms will follow. "Age verification" is just the beginning.
Here's what I'm doing about it:
I'm building @Snugg - social media that will NEVER require:
Facial recognition Fingerprint scans Biometric data of any kindWhy? Because we chose a business model that doesn't need surveillance.
-
I'm building @Snugg - social media that will NEVER require:
Facial recognition Fingerprint scans Biometric data of any kindWhy? Because we chose a business model that doesn't need surveillance.
Subscription model = we serve users, not advertisers.
No ads = no need for behavioral tracking
No tracking = no biometric data to "verify" you
No biometric data = nothing permanent to breachSimple.
-
Subscription model = we serve users, not advertisers.
No ads = no need for behavioral tracking
No tracking = no biometric data to "verify" you
No biometric data = nothing permanent to breachSimple.
We're launching March 2026.
Features:
End-to-end encryption (messages + metadata) Chronological feed (no algorithm) Open source (auditable code) Fediverse compatible (ActivityPub) €5/month (founding members get lifetime discount) -
We're launching March 2026.
Features:
End-to-end encryption (messages + metadata) Chronological feed (no algorithm) Open source (auditable code) Fediverse compatible (ActivityPub) €5/month (founding members get lifetime discount)If 700+ of you care enough to boost the problem,
Maybe some of you want to be part of the solution?
Founding member waitlist (first 500 get lifetime 40% discount):
https://snugg.socialNo biometric data. Not now. Not ever.
-
@capitainesam unless your profile photo is fake your face data leaked already. I am not sure I understand the concern about face biometrics in a world where we all expose this readily on social media.
-
@capitainesam Don't use biometrics to unlock phones. Police and criminals can grab your hand or aim the phone at your face to unlock your phone regardless of your wishes. They have to ask you for password/PIN; they don't have to ask to simply stick your finger on the phone screen or point the phone at your face.
@dancingtreefrog
This might help, it's shake and lock feature to be exact:
https://f-droid.org/packages/com.paranoid.privacylockAndroid advanced security also has this feature, but it adds blocking non-Play app installs and updates.
