[LINK] Computer Crimes...

Roger Clarke Roger.Clarke at xamax.com.au
Tue Jan 13 12:24:04 EST 2004 

"Chirgwin, Richard" <Richard.Chirgwin at informa.com.au>:
>Urban myth development >as it happens< ... just how far have we got with
>facial recognition systems?

For authentication (i.e. does this new picture match the one we 
stored?), not very far, unless you swallow snake-oil like the 
Minister for Customs is paid to do.  He's due to come out with a 
glowing report shortly, which I'm extremely sceptical about.

For identification (i.e. does this new picture match any of the ones 
we have on file?), nowhere at all.  Every pilot ever attempted has 
been a dismal failure, and most have been quietly withdrawn.

Below is an extract from a posting I sent to the privacy list yesterday.


>Holiday airline refuses to fly air marshals
>The Sydney Morning Herald
>January 7, 2004
>http://www.smh.com.au/articles/2004/01/06/1073268041533.html
>Original story Reuters, Agence France-Presse, Los Angeles Times
>
>[There was an accompanying photo of a South Korean student being 
>fingerprinted at an unnamed NY airport (there are at least three). 
>And another showed a photo of the screen that the border official is 
>looking at, showing two fingerprints and a single photo (presumably 
>the live one of the person in front of him rather than one from a 
>passport or a database).  The caption on the screen says "No Hit 
>Found".
>
>If that caption is meaningful rather than a mock-up, then the 
>stories that the public has been fed are false.
>
>We were told that the use of fingerprints at airports was for 
>comparison with a previous measure, specifically the measure taken 
>when the visa was applied for.  That's 'biometric authentication', 
>and involves a one-to-one comparison.
>
>The caption 'No Hit Found' implies that the new measure is being 
>compared against a database containing multiple entries, e.g. the 
>fingerprints of known terrorists (ha, ha).  That's utterly and 
>completely different, is called 'biometric identification', and 
>involves a one-to-many comparison.
>
>If that's what they're doing, then it's even more privacy-invasive 
>than the kinds of badly-designed and badly-controlled biometric 
>authentication schemes that have been foisted on an unsuspecting 
>public.  The false-positives will be massive, and will have serious 
>consequences for the unfortunates who get pulled out of the line, 
>especially if they appear to be non-local, have poor english, or are 
>stroppy bastards like John Gilmore, or me.
>
>Did I tell you that I doubt if I'll ever set foot in the renegade 
>state of the USA again?  The things I wrote 10 months ago seem more 
>reasonable than ever:
http://www.anu.edu.au/people/Roger.Clarke/DV/NotesCFP03.html ]

-- 
Roger Clarke              http://www.anu.edu.au/people/Roger.Clarke/
			            
Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                 Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au            http://www.xamax.com.au/

Visiting Professor in the eCommerce Program, University of Hong Kong
Visiting Professor in the Baker Cyberspace Law & Policy Centre, U.N.S.W
Visiting Fellow in Computer Science, Australian National University

More information about the Link mailing list