Samsung Galaxy S3 Face Unlock Tricked By Photograph

AlistairCharlton writes with a story about an Android Face unlock security system that could use some tweaking. "Android's Face Unlock security on the Samsung Galaxy S3 can be tricked into unlocking the phone by showing it a photograph of the owner. In a test carried out by IBTimes UK, we found that the Galaxy S3 cannot distinguish between a photograph and a real person, leading us to suggest users should select a more secure way of locking the phone, such as with a PIN or password."

Can you see it?

[alexbgreat]

This is my shocked face...

What's the Slashbox for?

[Anonymous Coward]

You can put your weed in there!

Re:

[icebike]

Obligatory:
http://www.youtube.com/watch?v=HqVBKO_QM3o [youtube.com]

Not Intended to be Industrial Grade

[nahdude812]

Face unlock is not intended to be industrial grade security. By its nature it has to be tolerant to unlocks (it would suck if you couldn't unlock your phone after a haircut or beard trim, for example). It's intended to prevent casual perusal by someone who finds the phone sitting around. They've added some little things like requiring some movement in the face (eg, blinking), so it's mildly surprising that a static photo can trick it. But it's not especially worrying either - again, it's meant to be one step above slide to unlock.

It's almost like stating that the standard "slide to unlock" is insecure because anyone can slide that button! The statement is true, but it misses the point.

Also, a quote from Samsung taken directly FTFA:

"Therefore, users with sensitive information on their phone are advised to use higher-protection security features, such as pattern, pin, or password unlock."

Re:

[Rhodri Mawr]

They've added some little things like requiring some movement in the face (eg, blinking), so it's mildly surprising that a static photo can trick it.

Given that my son's camera consistently detected the Mona Lisa blinking, I'm not surprised at all.

Re:

[Missing.Matter]

From the quote, if something as simple as a pin password is "higher-protection" then let's just call this face unlock feature what it is: a pointless gimmick.

Re:

[errandum]

The phone will lock for 30s after 3 failed attempts or so, so you'd still have a hard time with a pin.

But any android phone has offered the option for a password for the last year, so the whole thing is moot. Want security, pick a strong passsword.

Re:Not Intended to be Industrial Grade

[KhabaLox]

Want security, pick a strong passsword.

Exactly. That's why I use a picture of Rainer Wolfcastle for my Galaxy.

Re:Not Intended to be Industrial Grade

[liquidsin]

just use a picture of your balls; in theory it should be easier to keep would-be hackers from getting a picture of your balls, and it's only slightly awkward to shove your hand down the front of your pants every time you'd like to use your phone.

Re:

[Splab]

I keep my phone in front left pocket, so not that far away, but crotch dialing would be an issue :)

Re:

[Jarik C-Bol]

Sir, I hereby award you the internet for the day, as you have made me laugh heartily at your witty commentary. Someone mod this person +1 funny.

Re:

[CCarrot]

just use a picture of your balls; in theory it should be easier to keep would-be hackers from getting a picture of your balls, and it's only slightly awkward to shove your hand down the front of your pants every time you'd like to use your phone.

Intriguing thought. However, since I don't believe it uses any flash or other mode of subject lighting, you'd actually have to haul your balls out into the daylight instead, or use some sort of in-place ball lighting apparatus, which could get...interesting...in public places.

A bit less convenient But I suppose you'd have a nicely tanned sack! :P

Re:

[Kittenman]

just use a picture of your balls; in theory it should be easier to keep would-be hackers from getting a picture of your balls, and it's only slightly awkward to shove your hand down the front of your pants every time you'd like to use your phone.

Intriguing thought. However, since I don't believe it uses any flash or other mode of subject lighting, you'd actually have to haul your balls out into the daylight instead ...

I think if you do this, other people get the flash, rather than you.

Re:

[SpaghettiPattern]

just use a picture of your balls; in theory it should be easier to keep would-be hackers from getting a picture of your balls, and it's only slightly awkward to shove your hand down the front of your pants every time you'd like to use your phone.

Like the idea! Like the idea!

I see however a problem in that the phone surely needs a face to recognize. I therefore would suggest to mimic the famous 70-s hippy image of a phallus with sunglasses and cigarette. We should form a company whereby we complement each other!

Re:

[FlopEJoe]

You'd be surprised at how many pictures of my balls there are out there.

Re:Not Intended to be Industrial Grade

[localman57]

It's not necessarily pointless, depending on who your attacker is. Against a sufficiently advanced and determined attacker, nearly all security attempts are pointless, because all can be broken, even if a rubber hose must be used. If your goal is to simply prevent someone from casually picking up your phone and browsing through your inbox, it might be worthwhile. Additionally, if the "gimmick" aspect leads some people to use it who would not otherwise use a PIN (which is very un-gimmicky), there may be some value in it.

Finally, I see this as potentially very useful as a two-factor authentication for cases where the person who has the phone doesn't know to whom it belongs. e.g. they found it in a bar. If brute-forcing the face recognition is somewhat difficult, it could be added to a pin code for extra security. All of this assumes that there isn't an easily exploited backdoor or weakness via USB or other interface.

Re:Not Intended to be Industrial Grade

[crakbone]

Actually I see this as preventing the casual phone check by a police officer. It becomes a locked container and they then legally have to go to more extremes to open it. In some cases a warrant.

Re:Not Intended to be Industrial Grade

[CCarrot]

Actually I see this as preventing the casual phone check by a police officer. It becomes a locked container and they then legally have to go to more extremes to open it. In some cases a warrant.

Or they just hold it up 'Is this your phone, sir? Oh look, it's unlocked...'

Re:

[Barlo_Mung_42]

Good point. Plus it probably doesn't work if your eyes are all red and swollen from pepper spray.

Re:

[viperidaenz]

and covered in blood from the boot in the face received after successfully being subdued by the pepper spray

Re:

[Captain Hook]

WHOOSH

Failure to detect geek movie reference

Re:

[mcgrew]

It's not security at all, it's convenience. I stopped buying those old "candy bar" phones because you either had to unlock it with a key combination before you could answer it, or risk butt-dialing 911 while you're buying weed. But now the flip phones I like are going out of style, everybody and his dog wants a phone that won't fold and won't fit in a pocket. For an Android/iPhone this would be great... if I could find one I could comfortably fit in my pocket.

With a flip phone, pull it out and open it (quic

Re:

[hedley]

A buddy was out with a lady friend, not his gf, and the unlocked candy bar butt dialed his gf. Awkward for him since she tuned into the conv.

cue the Dr Hibbert laugh on that one :)

H.

Re:

[quacking duck]

With a flip phone, pull it out and open it (quick thumb motion) and say "hello?" With a modern iPhone/Android you have to fiddle with it to unlock it. This just removes the "fiddling with it" part, like the flip phone's cover did; pull it out and answer.

Answering an iPhone is also just a quick thumb motion. Passcode is only needed to dial out (except if emergency call button is pressed) or access apps. I imagine Android is similar.

And though placing your thumb on the right spot on the touchscreen might add a fraction of a second over flipping a physical cover, in normal use many people check who's calling first (call display assumed), so they'd need to look at the screen anyway unless the caller has been set to a custom ringtone (which are limited to a sma

Re:Not Intended to be Industrial Grade

[icebike]

Face unlock is not intended to be industrial grade security. By its nature it has to be tolerant to unlocks (it would suck if you couldn't unlock your phone after a haircut or beard trim, for example). It's intended to prevent casual perusal by someone who finds the phone sitting around. They've added some little things like requiring some movement in the face (eg, blinking), so it's mildly surprising that a static photo can trick it. But it's not especially worrying either - again, it's meant to be one step above slide to unlock.

It's almost like stating that the standard "slide to unlock" is insecure because anyone can slide that button! The statement is true, but it misses the point.

Also, a quote from Samsung taken directly FTFA:

"Therefore, users with sensitive information on their phone are advised to use higher-protection security features, such as pattern, pin, or password unlock."

Further this is a standard feature of ICS, and nothing to do with Samsung. Its on all the HTC phones that ship with a front facing camera and ICS installed.
Want to blame someone, blame Google for adding this silly feature to Android.

Re:

[complete loony]

Forcing the user to turn their face around a bit so you can check their features against a 3d model might work. But would be more difficult to implement, and probably more error prone.

Re:

[Marillion]

Exactly, that's true of any "fuzzy" system. Fuzzy includes fingerprint readers, retina scanners, voice prints. You name it, it has to allow for a a degree of fuzziness. They make for great Hollywood visuals, but nothing else.

Re:

[girlintraining]

"Therefore, users with sensitive information on their phone are advised to use higher-protection security features, such as pattern, pin, or password unlock."

Yeah, because it's terribly difficult to see the finger smear left on the display after the unlock code is entered.... o_o Hmm, it looks like a backwards Z! Actually, in studies of it, they've discovered people tend to make geometric shapes or reversed alphabet characters as their unlock code... There's a fairly good chance that if you try the top 20, you'll unlock the phone. So there's that too...

Re:

[quacking duck]

I've long suspected swipe-passcodes are theoretically less secure than 4-number PIN, if for no other reason than the swipe leaves a single trail (only 2 possible paths based on finger smudge), whereas buttons you have thousands of possible numbers. Assuming the 4 numbers are all different of course.

Seems the math backs this up [wordpress.com].

Of course this all assumes the user started with a clean screen, entered the passcode/pattern, then immediately locked it and gave it to someone to guess. In real life other interacti

Re:

[cyberchondriac]

Most people use their phone after unlocking it though, which adds more smears to the screen, obliterating the pattern . Depending. If they only unlock to see if they have messages or emails though, and there are none, and they lock it again, then yeah, it's a dead giveaway.

Re:

[GNUALMAFUERTE]

And it says so right when you go to configure it.

(I don't own an S3, but a Galaxy S i9003 running community-made ICS - CyanogenMod9)

From the face unlock configure screen (when you try to enable it):
"- Face unlock is less secure than a pattern, PIN or password
- Someone who looks similar to you could unlock your phone."

Most fingerprint readers, even those sold to open your fucking door, can be tricked with a black-and-white picture of the right fingerprint, who is surprised that a novelty feature still in bet

Re:

[RockDoctor]

Shock! Horror! Users don't RTFM. Sky Falls.

Re:

[errandum]

it's not stupid at all, you don't have to slide your finger on the screen!

With a 4.8 screen, imagine how much work you'd have to put into that every single day... It's a godsend, I tell you, a godsend!

Re:

[Compaqt]

> how much work you'd have to put into that every single day.

Well, no, actually I don't.

I know the size of your screen.

I just need to know how fat your fingers are so I can calculate F and W.

Re:Not Intended to be Industrial Grade

[kqs]

Take a simple PIN for instance. Pair it up with the setting to erase the device after ten fails. Then an attacker gets the device and looks for fingerprints. One smudge on the device -- trivial. Two smudges and a four digit PIN can mean a 10 in 16 chance of getting the result. Three smudges, a 10 in 27, and four smudges, a 10 in 256 chance.

If someone uses a longer PIN, it becomes harder to guess things.

How do you get 256? 4 smudges means a 10 in 24 chance (4*3*2). Three or two smudges are even easier though I don't recall how to calculate the odds.

Compare to face unlock which protects a lost cell phone pretty well, but gives little protection against your friends. I know which attacker I care about more.

Re:

[viperidaenz]

I have two reasons for enabling "slide to unlock" on my phone. 1: to stop pocket dialing. 2: to stop my son from dialing 111 if he gets my phone. He's two now and has figured out how to unlock already, dial numbers and start angry birds. It would take him another few years to figure out he has to point the phone at me or a photo of me.

Re:

[YttriumOxide]

I have two reasons for enabling "slide to unlock" on my phone. 1: to stop pocket dialing. 2: to stop my son from dialing 111 if he gets my phone. He's two now and has figured out how to unlock already, dial numbers and start angry birds. It would take him another few years to figure out he has to point the phone at me or a photo of me.

My 14 month old daughter can now "slide to unlock" my wife's phone, bring up the address book and press the picture of her dad. She calls me at work at least twice a week. She's a little behind in the speaking department though, so no matter how much I try to get her to say something, she'll remain silent or offer a non-specific squeak/grunt at best (no cause for concern yet, but we're hoping her language skills pick up soon).

So yes, I completely agree that the face recognition would be useful here - my w

Re:

[nahdude812]

no cause for concern yet, but we're hoping her language skills pick up soon

You're more than right; at this age an occasional and almost accidental "dada" or "mama" is appropriate. It's pretty intriguing that she is able to operate the phone well enough to unlock it and call you. My son is 13 months old, and I go out of my way to make sure he doesn't have access to my phone since at this age, they tend to explore the world with their mouth (not surprising, the tongue is the highest nerve density in your body, you can feel detail with it that you can't with any other part of your

Re:

[viperidaenz]

That's one reason I got a Motorola Defy, its apparently IP67 rated.

Re:

[hajus]

Wait.. what? Passwords don't change but implanted chips do?

2011 called

[SmurfButcher Bob]

...duh? really?

Re:

[Nerdfest]

Really. The really interesting part is that the face unlock feature has been around since the Galaxy S2.

Re:2011 called and it's old news

[noc007]

It's an ICS feature and has been compromised with this trick since it was released:
http://www.youtube.com/watch?v=BwfYSR7HttA [youtube.com]

Feature...

[N0Man74]

This is a "feature", not a "bug". In fact, it's a "safety feature".

Now there is no need for someone to kill you, skin your face off, and make a mask out of it to break into your phone (like in the movies). They can just take a photo of you from a telephoto lens. Sign me up!

Re:

[DarthVain]

Yes if movies taught me anything, biometric security will only cause evildoers to cut off your hand, thumb, eyeball to defeat the security. Sometimes when you're alive, sometimes not.

I mean if it is something I remember, at least they have to keep me alive! Of course if you don't tell they might take your daughters nose job away...

Re:

[bughunter]

This is a "feature", not a "bug".

Obviously. With all of the face-eating zombies in the news lately, Samsung thoughtfully permits you to unlock your phone with a backup of your face.

Re:

[93 Escort Wagon]

Now there is no need for someone to kill you, skin your face off, and make a mask out of it to break into your phone (like in the movies).

But we can still do it for fun, right?

What if the owner is really ugly?

[acidradio]

One concern is if the owner is really hideous looking. There is the risk that it could shatter the camera lens and then the phone would NEVER unlock!

even more dangerous...

[Anonymous Coward]

It would be even more dangerous if someone compiled a whole book of face photographs... i dunno, maybe they could call it a "face book" or something like this.

Re:

[KhabaLox]

i dunno, maybe they could call it a "face book" or something like this.

If they got enough photos they could call it The Face Book, since it would be definitive.

2D vs 3D

[gameboyhippo]

I agree that nobody should rely on this for security, but I think it would be more secure if it was a 3D camera instead of a 2D one. Then it could work more similarly to Kinect. But I suppose then that someone could take a picture of a person on their Nintendo 3DS and trick the phone that way. :)

Re:

[Anonymous Coward]

Sure, just throw a low quality 3d camera on for a simple unlock feature. I'm sure it's price will stay competitive. Really. No, seriously.

Re:

[PerfectionLost]

I'm sick enough of my kinect taking a couple minutes to figure out who I am.

Works fine for some of us.

[MasterOfGoingFaster]

I'm safe. My face cracks lenses.

No easy way to do this

[sideslash]

They could have the user do something like shake their head to prove that it's a 3D shape. And then somebody could write a tablet app that takes a flat photo and wraps it around a 3D, animatable head model. This could pretty much be a never-ending war of escalating sophistication.

As long as people know it's basically a toy and a way to keep honest people out, it will be OK.

Re:

[CCarrot]

They could have the user do something like shake their head to prove that it's a 3D shape.

I like this. Better yet, have the user be able to define or record an unlock gesture to go with the face recognition, like a nod, head shake, tilt to the side, look to one side and back, hair flip, stick out their tongue, put their hand on their nose, tug one earlobe, etc, etc, etc. One half of the recognition is based on biometrics, the other half to be based on a unique and expected movement pattern. Both are required to gain access to your phone.

(I just want to see one stock broker sticking his tongue

Never fool-proof

[ThunderBird89]

Unless they manage to squeeze in a high-resolution thermal imager too, to verify that the face is indeed living (and maybe map out the veins, but that would require a rather sensitive imager), no face-unlock will be 100% secure. Bit higher on the scale than a slider or a pattern unlock, but waaaay lower than a PIN/password lock.

Re:

[retchdog]

what's the difference between a pattern unlock and a PIN?

Re:

[ThunderBird89]

You can crack a pattern lock by looking at the glass and noting the path the finger travels across the grid. For a PIN, you have 4-8 or more distinct points on the screen, with no indication of the order. That means you're looking at at least 24 (4!) different combinations, and most phone OS-es lock out after 3-5, for increasing periods. So it frustrates cracking attempts more than a pattern unlock.

Re:

[retchdog]

fair enough, i didn't consider the finger-path problem.

Re:

[repvik]

That is, if the pattern does not loop back on itself. Unfortunately, last time I checked, that was impossible on Android phones.

Re:

[rkww]

http://people.csail.mit.edu/mrub/vidmag/ [mit.edu]

We've heard this with the Galaxy Nexus

[mikecase]

That said, this isn't meant to be industrial grade security. Compared to no security at all, this is a big step up. The likelihood that I loose my phone in the parking lot and someone who finds it has a picture of me to unlock the phone with seems extremely slim. More likely, this would be vulnerable to attack from people I know, but even then, it's better than nothing.

Solution

[mdarksbane]

Use someone *else's* face as your unlock.

Like Teddy Roosevelt.

And then put that picture as your login screen, so it'll log you in if you point at a mirror.

It'll still be a problem if Zombie Teddy Roosevelt steals your phone, but how likely is that...

Re:Solution

[XiaoMing]

Use someone *else's* face as your unlock.

Like Teddy Roosevelt.

And then put that picture as your login screen, so it'll log you in if you point at a mirror.

It'll still be a problem if Zombie Teddy Roosevelt steals your phone, but how likely is that...

So you now have a cell-phone that's only useful near mirrors.

Re:

[jgeiger]

Use someone *else's* face as your unlock.

Like Teddy Roosevelt.

And then put that picture as your login screen, so it'll log you in if you point at a mirror.

It'll still be a problem if Zombie Teddy Roosevelt steals your phone, but how likely is that...

So you now have a cell-phone that's only useful near mirrors.

And completely useless if you're a vampire.

Re:

[gsslay]

Like you don't have a picture of Teddy Roosevelt in your wallet?

Re:

[ignavus]

Use someone *else's* face as your unlock.

Like Teddy Roosevelt.

And then put that picture as your login screen, so it'll log you in if you point at a mirror.

It'll still be a problem if Zombie Teddy Roosevelt steals your phone, but how likely is that...

So you now have a cell-phone that's only useful near mirrors.

And you now have a cell-phone that can be broken into by anyone else who is carrying a mirror or who is near a mirror. They just have to watch you log in once ...

Re:

[kanto]

I'm reading these "ideas" and starting to think that /. should have a urin test for posters.

Re:

[Jarik C-Bol]

and at the same time, I think that anyone doing anything new with any sort of technology needs to post their idea on /. to be told all the ways they are doing it wrong, thus getting valuable feedback on how to improve it. Because from what I've seen, /. is a panel of experts on how EVERYTHING is being done wrong.

You're the one who brought up zombies, so...

[Cajun Hell]

What if my login screen uses a picture of a vampire?

Re:

[gman003]

Look, zombie or not, if Teddy Roosevelt wants your phone, HE WILL GET IT.

Re:

[CubicleView]

The silver surfer could probably unlock the phone as well.

This just in...

[jbrizz]

Face recognition recognises faces.

Possible solution...

[FridayBob]

Equip the phone with two or more cameras so that the user's face can be verified in 3D, thus making it a lot harder to fool the system with one or more 2D pictures.

So what?

[ettusyphax]

It can also be bypassed by anyone with a computer, and so can those other "security methods." Actually, calling them "security" is a bit of a misnomer - it's more like a temporary privacy screen. Next you'll be telling me my laptop is insecure because someone could chop off my finger and use it to log in to Windows with my fingerprint scanner - yeah, or they could use any one of a thousand boot discs that bypass the Windows log-on process entirely. The face scanner, like the finger printer scanner (when set

Um

[Jethro]

That... uh... so you're tricking the phone into thinking it's seeing you by showing you a picture of yourself which I assume looks like you?... it's not exactly supposed to be doing a retina scan.

Why not face unlock plus pin

[esten]

Since most pin/swipe patterns are limited in security why not combine face unlock with a pin. Add a little security without much hassle for user.

Solution: Silly faces!

[LordRobin]

There's an easy solution! Just cross your eyes and stick out your tongue when taking the security image! Of course, the people on the bus might think you're a little looney each time you unlock your phone, but that's the price you pay for security!

------RM

Re:

[gbjbaanb]

and what's more - you can't accidentally unlock the phone just be picking it up, which could be awkward if youy're on the bus and the person behind/next to you sees what you were doing with it before it locked last....

Old news - Also, not a real issue.

[Petron]

As seen on Youtube [youtu.be].

and not just Samsung Galaxy S3, but any phone with Android 4.0 (ICS) with face unlock active. My EVO 4g LTE can be fooled the same way, but what is the odds that some random person just happens to have a picture of me? It's more likely they could guess my pin/pattern.

Informed decision?

[astrodoom]

No information on the test they performed whatsoever, no shots of the photos used, no information on how they overcame (or if they did at all) the supposed blinking requirement. This news site has a low opinion of their readers to not even include the simplest information.

Last I checked....

[SIR_Taco]

Last I checked on my Samsung Galaxy SII (with ICS 4.0.3), the "Face Unlock" feature was aptly labeled as "Low Security, Experimental".

The only item marked as "High Security" is the password option.

I don't have an S3, but from what I've read the UI/OS version is pretty close at the moment (4.0.3 vs. 4.0.4). And I do believe, correct me if I'm wrong, that "Face Unlock" is still labeled the same.

improve with pin

[kipsate]

Security can easily be improved by the use of a 4 digit pin-code which is to be tattooed to the forehead of the owner and automatically read using OCR.

What't the problem?

[Fuzzums]

With the SII it also works. I took a picture with one phone and showed to the other phone to unlock it.
That works. No problem.

But I think it's also marked as insecure, so this wasn't really a surprise actually.

Swipe PIN is apparently better

[sl4shd0rk]

Seems to stump the FBI.

http://www.geekosystem.com/fbi-cant-crack-pimp-phone-pattern-lock/ [geekosystem.com]

Face unlock is not a security feature

[Anonymous Coward]

It's not a security feature and it should not be. It's there for convenience. nothing more.
It's just like slide to unlock, but all you have to do is look at the camera and voila :)

Use another body part.

[couchslug]

Use another body part.

"Goat Unlock"?

Fifth Element

[goodmanj]

Gimme the cassssh!

http://www.youtube.com/watch?feature=endscreen&NR=1&v=nah_3vO0uhM [youtube.com]

Use a print of...

[Zaiff Urgulbunger]

Use a print of goatse.cx and you'll always be safe in the knowledge that even if you forget to carry the print with you, you can still, at a push, access your phone! :D

Re:

[gmhowell]

Use a print of goatse.cx and you'll always be safe in the knowledge that even if you forget to carry the print with you, you can still, at a push, access your phone! :D

If your face looks like that, you've got more problems than mere phone security.

Re:

[Zaiff Urgulbunger]

No, I was actually thinking more along the lines of squatting down over the phone.... yeah, I guess it would be a bit of a stretch!

badum tishhh! ;)

Samsung: use an Infrared face detector like Siri

[sonamchauhan]

Apple Siri uses an Infrared light based face detection sensor on the current IPhone to reliably detect a human face is being held in front of it.

Using Face unlock in combination with such a sensor would defeat simple photo-based attacks.

Re:

[quacking duck]

Not quite. Siri has activated a number of times when the screen was still on and I put it in my pocket. Even if locked, e.g. I pull it out to check time, put it back in pocket before screen goes black. This hasn't resulted in a pocket dial yet, but it's at least possible.

double lolz

[slashmydots]

So instead of a password to get in, you can use a password OR a facial recognition system. What improved security!
But, the question is, can it recognize black people? (see HP's awesome facial recognition "oversight")

Beta?

[jampola]

At least on my Galaxy Note with the ICS 4.0.4 update and it clearly states it's in Beta in the menu options. Not sure if it's also at Beta status on the SGS3 but honestly speaking, only a fool would rely solely on facial recognition.

A quick fix comes to mind...

[Rooked_One]

and I don't even own a smartphone... Just make an extremely goofy face that you'd never have in a picture.

problem solved.

Re:=/= news Mythbusters

[Jeng]

On Mythbusters when checking out different security devices they found that you can fool a fingerprint scanner with a paper copy of the fingerprint.

http://en.wikipedia.org/wiki/MythBusters_(2006_season)#Fingerprint_Lock [wikipedia.org]

Someone is telling you

[Anonymous Coward]

that starting your post in the subject and continuing in the body is bad form.

By "someone" I mean me.

With this reply.

Don't do it.

Ever.

Re:

[Cosgrach]

My voice is my PASSPORT.

There, fixed that for you.