Amazon's Latest Gimmicks Are Pushing the Limits of Privacy (wired.com)
At the end of September, Amazon debuted two especially futuristic products within five days of each other: a small autonomous surveillance drone, called Ring Always Home Cam, and a palm recognition scanner, called Amazon One. "Both products aim to make security and authentication more convenient -- but for privacy-conscious consumers, they also raise red flags," reports Wired. From the report: Amazon's latest data-hungry innovations are not launching in a vacuum. The company also owns Ring, whose smart doorbells have had myriad security issues and have been widely criticized for bringing unprecedented surveillance to traditionally semi-private spaces. Meanwhile, the biometric data that Amazon Go will collect is particularly sensitive, because unlike a password you can't simply change it if a hacker steals it or it gets unintentionally exposed. Amazon has a strong record for maintaining the security of its massive cloud infrastructure, but there have been lapses across the sprawling business. The stakes are already phenomenally high; the more data the company holds the more risk it takes on. "Amazon has a major genomics cloud platform, so maybe they hold your DNA and now they're going to have your palm as well? Plus all of these devices inside your house. And your purchase history on Prime. That's a lot of information. That's a lot of personal information," says Nina Alli, executive director of Defcon's Biohacking Village and a health care security researcher. "When you give away this data you're giving a company the ability to access and manage you, not the other way around."
[...]
Additionally, while companies like Apple and Samsung have brought biometric fingerprint and face scanners to the masses by making sure the data never leaves the device, Amazon One takes the opposite approach. Kumar writes that "palm images are never stored" on Amazon One itself. Instead they are encrypted and sent to a special high security area of Amazon's cloud to be converted into "palm signatures" based on the unique and distinctive features of a user's hand. Then the service compares that signature to the one on file in each user's account and returns a match or no match answer back down to the device. It makes sense that Amazon doesn't want to store databases of people's palm data locally on publicly accessible machines that could be manipulated. But the system could perhaps have been set up to generate a palm signature locally, delete the image of a person's hand, and send only the encrypted signature on for analysis. The fact that all of those palm images will be going for cloud processing creates a single point of failure. "I'm worried that people could read your palm vein pattern in other ways and construct an analog. It's only a matter of time," says Joseph Lorenzo Hall, a longtime security and privacy researcher and a senior vice president at the nonprofit Internet Society. "Both the home drone and the palm payment are going to rely heavily on the cloud and on the security provided by that cloud storage. That's worrying because it means all the risks -- rogue employees, government data requests, data breach, secondary uses -- associated with data collection on the server-side could be possible. I'm much more comfortable having a biometric template stored locally rather than on a server where it might be exfiltrated."
An Amazon spokesperson told WIRED, "We are confident that the cloud is highly secure. In addition, Amazon One palm data is stored separately from other personal identifiers, and is uniquely encrypted with its own keys in a secure zone in the cloud."
amazon started shit with alexa (Score:2)
Re:amazon started shit with alexa (Score:5, Insightful)
It's the USA, the surveillance heaven. I miss the days when the children of the KGB only had their eyes, their ears and their expensive tape recorders to spy on us.
Compared to the Googles, the Amazons and the Facebooks of today, the "totalitarian" state of the real 1984 is a joke.
Re: (Score:3, Insightful)
If you can publicly complain that you live in a totalitarian state without fear of reprisals... you probably don't actually live in a totalitarian state.
Re:amazon started shit with alexa (Score:5, Informative)
If you can publicly complain that you live in a totalitarian state without fear of reprisals... you probably don't actually live in a totalitarian state.
Dear Citizen,
What the fuck, are YOU going to do about it?
Welcome to Corporate Arrogance. Not sure why you ever assumed we actually give a shit about your "complaints".
Fuck You Very Much, and Have a Nice Day.
Hugs and Kisses,
- The Overlords you welcome with every I Agree
Re: (Score:2)
Probably, but you never know...
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re:amazon started shit with alexa (Score:5, Insightful)
Most people who lived in totalitarian states complained publicly without much fear of reprisal. The few that actually did something to the state ended up reprised. Kinda like an Edward Snowden we used to know.
Re: (Score:1)
Your attempted trivialization of totalitarian states is shameful.
This is patently not true. Not in the totalitarian state I lived in (which was during my lifetime already comparatively mildly policed), nor in any other.
You couldn't say much wrong publicly in fascist Germany or Spain, nor in communist Soviet Union. To this day you can't say much in China (or newly also Hong Kong), North Korea or Russia before getting arrested, disappeared, poisoned or killed.
US for all its faults is nothing like them.
Re: (Score:2)
If you can publicly complain that you live in a totalitarian state without fear of reprisals... you probably don't actually live in a totalitarian state.
Either that or they simply don't give a shit.
It's not if the cloud is hacked, it's when (Score:2)
Readers here push forward technology, but this is a festering wound of privacy leaking slime.
Opt out by not feeding data to net aggregators, Ring, Alexa, Amazon, Microsoft Teams (turn on real time transcription to see creepy) by not buying data aggregation products and not enabling Bluetooth or Wi-Fi on your mobile devices when not at home.
Re: (Score:1)
Bad advice: without bluetooth your COVID tracker program will not work. You have no right to turn bluetooth off. People are dying.
Already other services are lined up... (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Just pay with your other hand, and then your foot, until you run out of limbs. Should be good for at least a few months.
Corporate Vacuum (Score:5, Informative)
Quality (Score:1)
Cool tech (Score:4, Interesting)
**Full Disclosure** I work in physical security at Amazon, key cards, alarms, security cameras, that stuff. I also worked for five years in the AWS Security Operations Center. I have nothing to do with either of these products.
I've worked in physical security for around 15 years and biometric scanners were always a nightmare. Finicky, touchy, needing regular calibration, and they failed so often you always needed at least two spares for every five readers. RSI Handkey readers were the worst, and when I heard that Amazon was working on a hand scanner I was skeptical to say the least. To my amazement 1) the thing actually works, 2) it works well, 3) it doesn't need regular recalibration, and 4) it's durable enough for retail installation.
I'm not really clear on what people are worried about re: the "privacy implications". Unlike a credit card it can't be stolen, copied or falsified. Of course it's going to be used to track your purchases, did you think your credit/debit card wasn't already being used that way?
Re:Cool tech (Score:4, Insightful)
Re:Cool tech (Score:5, Interesting)
I'm not really clear on what people are worried about re: the "privacy implications". Unlike a credit card it can't be stolen, copied or falsified.
This is the exact reason biometrics are currently unworkable for general use. When Amazon's database gets hacked (and it will) you can't change your palmprint. At best it's part of a multi-factor authentication. Even then it's a poor thing to rely on.
Re: (Score:2)
This is the exact reason biometrics are currently unworkable for general use. When Amazon's database gets hacked
It looks like Doctor Victor Frankenstein was way ahead of his time -- he excelled in swapping hands and random body parts on people. Only had one complete success though, but then again practice makes perfect.
For a biometric example, I always liked "Demolition Man"; I thought the eye scanner scene was great. "See? Here's my eye -- look, it's really me!"
Re: (Score:2)
For a biometric example, I always liked "Demolition Man"; I thought the eye scanner scene was great. "See? Here's my eye -- look, it's really me!"
Even at the time that movie was made, high-end scanners already had the ability to detect a lack of life. It was a cute scene, but bore about as much resemblance to reality as... the rest of the movie really
Re: (Score:1)
Re: (Score:2)
Why do you cancel a credit card? Because it's been hacked, or stolen. If your palm has been stolen you have more worries than your credit account, and they can't copy your palm with anything remotely like technology that will be available in the next decade.
Re: (Score:2)
Why do you cancel a credit card?
I've cancelled at least two because of change in policies of the provider and the issuing bank.
Re: (Score:2)
So you changed your credit provider. Once this is deployed more widely than just Amazon facilities you'll be able to associate your palm print with whatever provider you want, and end that arrangement as well. If you want two different credit providers simultaneously use the other hand.
Re: (Score:2)
To Amazon and its employees I will only show one fingerprint - the middle one. In reverse.
Re: (Score:2)
Ah, so your problem isn't the technology, just irrational hatred. Got it.
Re: (Score:1)
If your palm has been stolen you have more worries than your credit account
Well, I do if this sort of thing is in widespread use. Otherwise, my only worry is that someone out there can pretend their hand turkeys are actually *my* hand turkeys.
they can't copy your palm with anything remotely like technology that will be available in the next decade
They can get a copy of the relevant data. Then spoof it. They might not be able to walk into an Amazon store and do it, but 1. this is not going to end there, and 2. once the information is stored in Amazon's 'secure' cloud it may as well be published on Wikileaks.
I'm really beginning to question this whole "I work in physical securit
Re: (Score:2)
They can get a copy of the relevant data. Then spoof it.
And what are they going to do with it? Can you crack the encrypted data stream between the register at a Go or 4 Star store and the data center? (If so they might have a very lucrative job offer for you.)
They can get a copy of your fingerprint or iris pattern much much easier (a good camera is all it takes), and yet those are considered to be secure for most uses.
once the information is stored in Amazon's 'secure' cloud it may as well be published on Wikileaks.
Really? How often does Amazon expose its secure data to the world? When was the last time that AWS was hacked? (Hint: It's a really small num
Re:Cool tech (Score:4)
My big problem with Alexa, Ring and now this is that it all needs "the cloud" to work. That means there is a database of all the palms that have ever been scanned somewhere - yet it's no one's business who places their hand on my hand scanner except maybe mine.
Inside Amazon, I'll bet there's a whole world of information that's on a "need to know basis". I'll bet there are places that only certain people can go to. Yet when it comes to my personal data, privacy etc, apparently it's okay for me to give it all up to someone who absolutely doesn't need to know it at all - they just want it for... whatever. I'm afraid, I don't like that, so don't want to play, thanks.
Also, onto the point about credit cards - it's true that my bank knows a lot about me because it sees my credit card usage. However, they're not trying to sell me stuff, so in some sense, that information isn't terribly useful to them. They're not allowed to sell it (because of regulation), and so, yes, I'm giving something up, but it's not likely to be used "against me" as such. Contrast to Amazon (and others) that are entirely unregulated, and apparently so far out of the reach of legal systems that they don't even need to pay tax (which is usually one of the things legal jurisdictions take most seriously). Giving Amazon anything means they can do what the hell they like with it - and quite probably are.
Re: (Score:2)
I'll bet there are places that only certain people can go to.
Yep, that's what I do all day every day, make sure that people can't get to places that they're not supposed to but can get to the places they need to. It's actually a fun and challenging job and we need more techies in the profession.
they're not trying to sell me stuff
Yes, they are. They're using it to market (or not) financial services such as investments, retirement accounts, mortgages, etc. Even our credit union does it. If it were worthwhile for them to direct you to a car dealership rather than be content with just financing the pu
Re: (Score:2)
I'm in the UK - and so no, banks aren't trying to sell me anything - although I take your point about mortgages and whatnot - they could try to sell me financial products, that's true - but actually even that's pretty limited because financial products have to "fit" the customer - if my bank tries to sell me something that's not actually in my best interests they can get into regulatory trouble (all the way up to losing their license). So at the moment at least, banks are really waaay down the pile of peopl
Re: (Score:2)
Nope, it depends on guarding spaces and physical access to data. Customer privacy decisions are up to the policy makers, far above my pay grade.
What a dumbass.
I for one WANT an Amazon drone camera in my house (Score:1)
I'm not overly concerned about catching video of burglars inside my house, or recording a home invasion, but I do want to see what my dog is doing when I'm at work. If it occasionally catches me masturbating, well, that's kind of on them.
Pushing? On what planet? (Score:3)
They crossed it, and raped it to death, a long time ago.
They are just now going in for seconds on the goatse'd bloody dismembered body.
And I'll bet money that is only the distraction from their more evil actual plan [youtu.be].
No Reason To Worry (Score:1)
There just doesn't seem to be any reason to worry about this here. I mean the whole thing with palm prints is that (like fingerprints) you leave them on surfaces you touch.
So someone who wants your palm print has two options. One, just frequent the same places you do and wait until you touch something they can take a palm print of (they can assemble it from a bunch of partials) or they can try to hack Amazon and then somehow reconstruct it from the palm print signature Amazon has. Now, you almost surely
Re: No Reason To Worry (Score:2)
They aren't recognizing ridge patterns, so an attacker would have to take a picture with the same wavelengths the device uses. Still doable, though if it requires a flash or high intensity scanning beam hard to do covertly.
Re: No Reason To Worry (Score:2)
Ok, so even less need to worry because they literally can't use the info to infer your biometrics for any other biometric authentication device.
I suspect that's not going to be true and there is enough overlap between the ridge pattern that you could predict something that would work. I mean it has to work across different levels of tan or staining.
Re: No Reason To Worry (Score:2)
They have a patent for using IR at different polarizations. With polarization gating you can resolve deeper tissue features.
Re: No Reason To Worry (Score:2)
Biometric identification only makes sense as a username. Not is identification. Not security.
Passwords should still be used. A thumb print and then pin proves who you are and what you know.
Why people keep trying to use identification as passwords is beyond me.
I use the thumb print on my phone that way; my phone knows it is me and unlocks. It isn't my password and it isn't my pin.
Re: No Reason To Worry (Score:2)
It depends hugely on context. Look, biometrics are a really great way for most people to unlock their phones because their threat model isn't evil hackers or even criminals but curious kids, snooping friends/lovers and to deter teen thieves.
They are also a pretty great way to do security in a context with human monitors. I mean we are literally using biometrics when we let the president walk into the White House and issue orders without a password...just ones mounted on our heads. It's totally reasonable
pushing limits (Score:2)
Pushing the Limits of Privacy
Note to editor: normally limits are understood to be pushed outward, not inward.
So if the drone gets taken over by the police... (Score:2)
... and you attack it, will that count as "assault on an officer" and get you locked away for life?
Re: (Score:2)
Hopefully. You should finally learn your proper place, citizen.
Drone vs cat (Score:2)
If this thing is flying around a house with a cat and the cat gets interested in it, it'll only be a matter of time before the cat gets it. Byebye, drone!
Cats: guardians of your privacy!