This can already be done with ordinary WiFI hardware. Here is one of multiple papers about it:
How much easier will "device free localization and identification" be with 5G's higher frequencies and beamforming antenna arrays?
Consider, why else would people be writing papers like these?
I don't like the way 5G is pitched to the public. It feels icky. All the marketing is like "this will change the world and bring internet to rural areas plus you'll be able to watch netflix on your phone omg can you believe that!"
But in a few years they'll suddenly be saying "Awe golly shucks whaddya know, who knew 5G radios can also be used to spy on your aging parents breathing habits... how convenient! Now we can send an ambulance before you even call!" etc.
I'm far from being a tech Luddite but if this stuff continues to go the way its going without any public discussion and oversight and strict concomitant regulation then we humans will effectively lose all of our autonomy—we'll cease to be humans and become automatons who are scared of our own shadows.
Essentially, this tech has the potential to relegate the traditional authoritarian police state, the Stasi et al back into the kindergarten class—we won't know what's struck us if or when this happens.
There are evil techie shits in this world who dream up evil stuff like this, we normal techies need to rally against them before it's too late.
This is a prime example of why the study of ethics has to become a major and significant part of all science and engineering courses. It won't change human behavior but mandating it into courses will ensure that everyone understands the implications of their research and work.
That's to say that in future no techie would ever be able to use the Nuremberg Defense after they've caused the shit to hit the fan.
If you want a change, work on and fix the political system. Get laws passed that will prevent this, and get oversight put in place that would prevent the under-the-table surveillance that seems to be more and more previlant.
Especially when sinister mass surveillance approaches tend to be big, dumb, and not caring about accuracy because it is incidental to their goals. We have been screaming at them about how fighting cryptography only hurts yourself and that their use of facial recognition at scale is illiterate but they don't care.
I used to be mildly pro-5G and vocally contra people contra to it, on the grounds that all the objections I've seen were a variation of "I don't understand what non-ionizing radiation is". But I see I didn't think far enough about what's possible with that tech - therefore I failed to apply my usual heuristic ("anything that's technologically possible and economically feasible will be attempted, no matter how immoral it is").
I'll be reevaluating my position on this (for what little it's worth now). Thanks for bringing it up!
At one point the mobile carriers were just planning to just flat-out steal the unlicensed band: https://en.wikipedia.org/wiki/LTE_in_unlicensed_spectrum
I haven't heard any arguments about how 5G is going to come to rural areas, however. I think the backhaul requirements are pretty heavy. So in Manhattan, probably going to work out quite well. In the middle of nowhere? We'll see about that.
Presumably it will come there by being built? Rural is a crap market that only sort of gets serviced, I don't see how anyone can make a good faith argument that rural users should hold out for... I don't even know what. There's political momentum around 5g which means that there's money on the table for a rural 5g rollout. Why would any industry player waste their time laying cable in the countryside more than they have to? 5g in cities is promising not for the reasons you mentioned but simply because it's a work around for local monopoly laws.
Alot of this kind of technology is implemented without your consent, take facial recognition in airports. You have to go through the process with no easy alternative.
The comment 'if you have nothing to hide, then you have nothing to worry about' is so old and such a weak argument. People have fought for years to defend the freedoms of people and it is being thrown away and disregarded by corporations and governments.
And along the way, we were always saying “ooh, this will be used against us someday”. Well of course all this will be built and “used against us”. How you gonna stop progress?
We've been playing this game since decades and the pace has been accelerating (and keeps on doing so). There is no way to stop this because the state always plays the long game, and the odds are rigged against us.
 Jacques Ellul "The Technological Society" (pdf) https://archive.org/details/JacquesEllulTheTechnologicalSoci...
 James C. Scott "The Art of Not being Governed" (pdf) https://libcom.org/files/Art.pdf
 James C. Scott "Seeing Like a State" https://yalebooks.yale.edu/book/9780300078152/seeing-state / pdf: https://libcom.org/files/Seeing%20Like%20a%20State%20-%20Jam...
For example, states like to make their subjects “legible” to the state in specific ways, so deliberately becoming illegible is a defense mechanism.
Personally, I have been enjoying that the facial mask has surely been making facial recognition more challenging, though of course this is short-lived.
And rational, smart employees can still be gamed with the simplest of tricks, e.g. "What the Thinker thinks, the Prover will prove." -- Robert Anton Wilson https://www.seriouswonder.com/raw-what-the-thinker-thinks-th...
There's no talent shortage for 5G.
I see no talent shortage for special forces that go in foreign countries to maim and kill all in the name of freedom and democracy.
while the reality is that if it is difficult (and expensive) to deliver internet to rural areas using 3G/4G, it will be more so with 5G with its higher frequencies...
I am somewhat concerned that even that overview paper lists law enforcement as potential future customers. The target audience is clearly well-defined.
I'm not contesting that these technologies and services aren't also going to be used for dubious purposes but the idea that they have no social value is a meme for privileged people who earn enough to be dismissive of the potential savings.
Nothing about predicting an emergency is incompatible with privacy. It could be done by your own device under your own control without disclosing the data to any third party. The only necessary third party communication would be the call for help, which itself would only happen in an emergency and not under normal conditions.
But that isn't how these things are implemented. Instead they typically upload your sensitive personal information to a corporation, which not only has no benefit to you, it commonly gets used against you as they use it to influence your behavior in ways that increase their profits (i.e. increase your costs).
Having a high resolution radio thing which is completely under your control can be an interesting feature. Having a high resolution radio thing which is in your living space but under someone else's control is an outrageous privacy violation that most people would strongly object to if they understood the implications. Which makes it little surprise that the purveyors prefer that people not understand the implications.
Plus, why would you need omnipresent biometric surveillance to do what localized monitoring could do just fine? By all means, use local mm wave radar if that's useful, but why impose large area biometric surveillance onto hundreds of millions of people without transparent opportunities for consensus?
A statement that requires qualification to be meaningful. Medicare, Medicare HMOs, and Medicare/Medicaid dual coverage add up to giving elders better healthcare coverage than any other demographic in the US.
A few years ago, I worked for a small startup looking to use wearable devices to detect early changes in gait as a means to effectively deliver early intervention techniques. The science around the topic is solid - there is good research backing which parameters of gait are most predictive and what therapies are most effective for any given scenario.
The problem we always encountered was compliance. Customers (senior living facilities, insurance agencies, etc) want to know that the devices are being used. Seniors are notoriously slow to adopt tech, and adding another device to daily life is the last thing most seniors that we spoke to wanted to deal with.
We got to interview with YC for this idea but were rejected. Skimming the companies from that batch I later found
They use back-skatter technologies to provide a compliance-free fall monitoring system. After spending two years in the problem space, I knew a superior solution when I saw it.
Give them an apple watch, it'll do a better job as an emergency device, without compromising everyone's privacy, and at a fraction of the cost.
Anyway. The main character had an easy way of breaking it: toss some gravel in one of your shoes. It'll disrupt your natural walking pattern in a randomized way without you having to even think about it.
The AI identifies anyone who has an abnormal gait (e.g. due to a handicap or physical deformity) as likely attempting to evade the system and therefore flags them as a bad credit risk.
(he makes most of his books available for free download)
Very possible today; it can be accomplished by using the accelerometer almost everyone has in his/hers cellphone. No camera needed, and who wouldn't give apps the permissions to access the accelerometer?
Of course if you're the only one with gravel maybe that would stand out. Which is why we need to get everyone on the same gravel-based onion network :P
Western developers who work for such surveillance tech (and that includes "mere advertisers" like Google and Facebook) should really go get an honest taste of life as an ordinary citizen in authoritarian countries like China or the rich Middle East.
Did you use the bus a lot when they only took cash? Hope you carry small change because the driver won't take a 20. Hope you like waiting whilst someone counts out coins. Hope you enjoy watching an argument when someone is 10pence short of fare etc etc etc.
Contactless payments are in general significantly easier and quicker. I reckon the time for 10 people to get on a bus now is less than half what it used to be on average.
I include myself in this, I signed up for my auto-renewing subway pass as soon as I could. I worry about this culture of acceptance of convenience over privacy, and I don't feel there is much I can do to stop it even in my own life. All of my friends have Venmo for example; am I going to be the one person they can't easily split bills with? and look like a tin-hatter all the while?
They don't really need your name to reasonably prevent fraud / reuse, they don't even check your name/id. GDPR says you shouldn't collect PII without good cause, yet noone cares to do anything about it.
Or ask for government to allow and prohibit such systems. But then you will have to give government the key. You will have to trust one entity.
People create things like cars. But they trust society to regulate those instruments. Don't blame the creator.
Most payments require at least two factors, e.g. you must be in possession of a card AND know the PIN. Or you must be in possession of a phone AND have it unlocked with your passcode or FaceID, etc.
It works well but it’s not perfect.
Biometrics like unique vein patterns give you two factors in one. You must be physically present and alive, otherwise your veins would have no blood flowing and there was nothing to capture and secondly your vein pattern must match the “fingerprint” which is you. That’s much stronger authentication than many other schemes and if it was linked to some sort of payment method and potential even identity service then you could not only pay with your biometric but you could also pay for age restricted goods such as alcohol since it would be physically impossible for someone else to use your hand to buy stuff.
It’s possible for a kid to use your card and pin or phone and passcode though. So there’s the case for biometrics in the future.
Also something like a vein driven biometric would also solve the problem of proving that the person was physically at the point of sale and could hugely reduce disputes and fraud.
There’s loads of value in these new biometrics if they turn out to work well.
A couple of more general objections:
First, you're assuming that biometrics can't be faked. This is not a safe assumption to make -- most biometrics can be faked: DNA, fingerprints, even facial recognition. It is entirely possible that gait recognition and vein patterns also fall into that category.
In a world where biometrics can be faked, they are strictly worse security than a near-range NFC device, because your biometrics get broadcast all over the place all the time, you can't turn them off, and you can't easily change them if they get compromised. Think about why social security numbers are so bad for security. That same reasoning is why stuff like fingerprints are not a good authentication method except as a (very limited) second-factor.
Second, security is only as good as its weakest link. Even if biometric authentication was more secure than an NFC chip, it doesn't matter, because you can't get rid of the NFC chips. Biometric authentication like gait analysis fails for people in wheelchairs, it fails for people wearing dresses, and it fails for anyone who stubs their toe or gets new shoes with different support. Regular people will need to regularly fall back on another authentication method, which is probably still going to be NFC.
Biometric authentication works well when it's provided as an authentication shortcut. The real authentication on my phone is the password, but because I'm not too worried about my phone security, I let myself bypass that password with a (less secure) fingerprint reader.
nice, this will finally solve that extremely awkward present-but-dead user flow.
The latter just gives you as a consumer more fraud protection, something which can’t be stolen or forgotten and something which is more convenient. For example you can go to the beach without your wallet. I personally think there is a future in here which is a win for both parties.
Let's hope that is the future they're after.
Most people I know now access their phone with fingerprint and can transfer fairly significant amounts of money from a banking app on that phone by doing a second authorisation with the same fingerprint.
I'm honestly surprised that I've yet to read an account of this attack vector being exploited, but it doesn't seem safe to me.
No, password is 1 factor. An input device <> YOUR input device which you had to specifically configure/authorise to enable for NFC based payments or banking on your app. You cannot log in with your FaceID on any iphone which has your bank’s app installed and then do payments. You must have the app on your device and initially authenticate with much stronger credentials before your phone is then permitted to use FaceID subsequently. This is only allowed on the premise/assumption that you would have never done it on a stranger’s device and therefore your personal device or to say the possession of it is seen as an additional factor after initial setup.
Remember, biometrics are not supposed to be a replacement for passwords, they are supposed to be an extra auth factor.
And terrible consequences if it is used badly, AND IT WILL BE USED BADLY.
Basically is the barcode tatoo of the Nazis. Something that serves to identify you when they want(on the street, bus station, even using telescopes or 500 Megapixel aerial cameras) without you giving your consent, all the time, but automated with computers.
I have actually worked on systems like that, IKEA for example tracks their customers with cameras, and it is extremely creepy.
I am from Spain and I was drinking moderate alcohol since I was 11 years old, like wine and Cider on the table with my parents. not a big deal.
Most of my friends did the same and none of them is alcoholic. On the contrary, we did not need to get drunk in order to feel adult, like all the UK, french, American and german kids(18-22 years old) drinking and fucking in Magalluz like there is no tomorrow because they were repressed all their lives.
Your comment portray two main ideas:
1.This is good because "Think of the children".
2.All the problems are technical.
Idea number 1 is consequence of a puritan idea of the world, that is debatable.
Idea number 2 is the CSI idea, totally wrong. Having worked in security, most security problems are not hackers cracking codes from their computers, but social engineering.
Things that happened to us: The boss of a company telling us to improve the security of the company, then this boss using sticky notes with the passwords. Someone telling his-her lover. Prostitutes being hired as spys. Bad people disguised in order to access the system. People on payroll coming from bad guys giving access.
In the real world, most problems are not technical. If a kid wants access pornography or alcohol, he will find a way. Like drugs, if demand exist, supply will appear.
The For Convenience part is essential: FaceID is a liability to security. It improves usability of the security, which means people will actually use it, but it does not improve the security itself.
It does mean that you can use a longer passcode (encryption key) because you only need to enter it on reboot and after enough negatives. (You can also squeeze both top buttons to disable FaceID)
Don't. Any corporation is an unaccountable leadership change away from a total 180 on privacy, and they absolutely will do it if they start to miss their growth targets consistently.
Right now they are trustworthy, and I'm happy to hand them my money and use FaceID.
Though I'm an optimist in general; I do expect morality of Apple as a corporation. They have shortcomings there, particularly around iCloud backups and China.
I wouldn't say I'm naive, I research this stuff a lot, and Apple in particular is a different breed than the likes of Microsoft. Microsoft being a distinctly amoral corporation like a lot of others, as evidenced by not being able to do an offline install of Windows 10 after you've taught it your wifi password (you have to turn off your router or take the computer out of range). Amazon is an example of an even more fucked up corporate organism.
Capitalism has morphed into something awful after we stopped expecting morality. I think your pessimism is useless, and serves as an indulgence.
> I think your pessimism is useless, and serves as an indulgence.
Nah, it's a defense mechanism, and a simplification of my life. One less thing to worry about. I got enough things to worry about, so this actually saves me mental load and reduces the number of dependencies in life.
They are publicly traded companies and if the value in the data can be legally leveraged, it will be done at some point. The same happened with Google. I think you are just influenced by their marketing, which is admittedly pretty good.
I think expectations towards any morality are shaped by experience. But in any case, why should I make myself dependent on Apples morality? Personally I wouldn't do that for convenience. FaceID just doesn't solve any problems I have.
To be clear, Apple does not give itself access to the biometric data. I'm not trusting them with it, I'm trusting them not to take it.
And yes, there exist companies that don't try to eke out every bit of information possible about you. Google was doomed from the start because of their business model. Microsoft can start respecting users any time, they're choosing not to. It's good business to, I don't give a damn what the stock market says today.
For consumers, not so much. (consumers are already protected from fraudulent charges, and decreases in fraud will not pay off monetarily for them).
Vein biometrics aren’t any more “two” things than most other biometrics.
Also, on the net I'm free to use my card, no squiggle required. I do have to provide PII beyond what's on the card, but nothing that is really secret to anyone but me.
also, ever notice those new stair gates with the large screen ads on elevated MTA stops lately? wonder what kind of sensors are running in there.
It's not just that ticket scanning solves the problem at low scale, it solves it permanently. At the point where the number of passengers on a train/subway scale to the point where it's infeasible to ask each of them to scan a card, it's also scaled to the point where you need to build new trains and more terminals -- at which point scanning paper cards becomes feasible again.
I'm wracking my brain trying to come up with a scenario where tickets don't work better than gait recognition, and I can't come up with one.
It's not that tickets are enough, it's that they're better.
When the profit to be made is from ubiquitous surveillance, and doing it for public transport ticketing is just a convenient justification.
>It's not that tickets are enough, it's that they're better.
Especially if you want any sort of anonymity/privacy in public...
"How many Amazonian trees are cut for yearly need of tickets in London?"
The power draw from a camera is probably always going to be higher than the power draw from a short-range NFC reader. And the NFC reader is also probably always going to be less delicate and last longer, which is good because the environmental downsides of throwing away paper are negligible compared to the downsides of sticking electronic components in a landfill.
The way you prevent hoppers is you add a full gate that only turns once a person is authenticated. And then separately you authenticate at the gate using a sensible system like an NFC chip or swiped card.
Now, maybe the plan is to get rid of all of the gates then automatically bill hoppers later, so it won't matter if they board without a ticket. Let's ignore the fact that this would require a city-wide database of biometric data for everyone using the subway. Even assuming a city can pull that off, you really don't want to be using an authentication mechanism that can be circumvented by a burqa/hoodie/mask and a dress/crutches/pebble. So gait analysis isn't even particularly good for after-the-fact identification of hoppers.
Only slightly sarcastically: you’ve got it backwards here. If tickets are better then biometrics that’s why biometrics will win.
I would prefer not to replace "something you have and something you are" with just "something you are", I consider that a regression.
As an anon on Twitter likes to put it, it's inconvenient to rotate your face after a data breach.
Sprain an ankle? Walk on it, because you can't use the subway. Tear some ligament in your knee? No bus for you. Pull a muscle in your lower back? Sorry, Quasimodo, you're out of luck. Sciatica? Stop trying to steal services, you fraud!
At the least, these systems have to be backed by some other system that would need to be kept in place. So maybe just use that for everyone.
Of course gait recognition/biometrics isn’t going to replace ubiquitous NFC payments for transit, just as windows isn’t ever going to tailor its help messages depending on how hard you are gripping the mouse.
But sure, invest a bit of time into it, you never know. I believe the term is throw enough shit against a wall and see what sticks?
Good luck using gait recognition on crowds of thousands of people per hour, many being partially occluded, in a reliable manner. I can't see it comparing to RFID cards anytime soon. Best I can tell, current state of the art is still limited to a single individual, in the centre of the frame, in a perfect profile shot.
This comes off as a puff piece devoid of any critical thinking.
Deploy countermeasures: administer the silly walk!
Well, yeah. What would gait privacy even mean? That the law would prohibit you from using your eyes to notice that someone is walking a particular way? That's absurd.
1) This will develop to the point that someone sues over this, but gets smacked down because it's based on publicly accessible information.
2) It underscores that current jurisprudence is out of line with our intuitions about what constitutes norm-violating invasions of privacy.
3) Yes, it would be absurd to expect others to shield themselves from noticing your gait. But the problem is, like with all the other things we don't have an expectation of privacy in, it feels a lot more invasive when it's collected by a machine and aggregated in the large and correlated with every other data point about you. Jurisprudence, in America, doesn't seem to have a language for capturing that and so doesn't recognize it.
(Heartbeats, for that matter, are something humans don't directly observe by default in normal everyday encounters.)
In the U.S. Other countries, however, have decided that private individuals should not be subjected to having their face stored in a permanent record without their consent. Thus the photographer is required to take the extra step of anonymizing the photo (e.g. by blurring faces) before publishing.
So a scenario where if someone is sick, everyone who was near them in the last 3-4 days could be notified. Or this traceback could also find the person who infected them and where they did it. Just to make it more accurate, the phones could also be able to scan (e.g. with Bluetooth) which devices are nearby, at any time.
It would be technologically awesome, but obviously it's not something I want in the hands of the authorities of today's world.
China uses CCTV instead: https://www.reuters.com/article/us-china-health-surveillance...
not only do I not want it in the hands of authorities, I would want it even less in the hands of citizens who will go into paranoid neighbourhood watch mode. The ring doorbell is already the prelude to this. Ubiquitous surveillance by suburban soccermoms is an even more dystopian scenario than the Chinese Communist party
... I think you mean, "We're moving toward a world in which you can be identified by machines if you go out in public." (My friends can identify me pretty easily out there.)
We are choosing to move toward that world. We could choose something else. And just because other people are choosing it, doesn't mean you or I have to.
Personally I have gotten weary of every single company/organization I deal with collecting more information about me than they need to meet my needs... to such an extent that I now have started looking for opportunities to deny them that information (including simply avoiding them).
Imagine a sci-fi world where anyone can view anywhere in the past at any time and any depth. It would be disconcerting but it would put people on equal footings and prevent many forms of deception and abuse as well as making criminal trials binary but fair. Corruption would be harder to get away with when every backroom meeting could be audited and verified by everyone. It would force some very uncomfortable questions about social norms and laws as a society in withdrawl from expected hypocrisy.
Compare that to one with it just in the hands of authorities to abuse.
Obviously not the same but the analogy should be clear how even if both are disliked they are quite different and one is worse.
There needs to be boundaries for companies pursuing profit with immoral activities.
Though my main train of thought would be - if you sprain an ankle, hand, get a new larger phone etc - this would just compound your bad experiences in life. Though they do say trouble comes in threes, it's not something we should be enforcing by creating issues that would compound such common `edge cases`.