Seriously though, I like the idea but what happens if someone holds up a photo of a friend or family member who's face automatically unlocks the door? It would be pretty easy to get a suitable image from a Facebook profile, for example.
In fairness, technology that can reliably tell subtle differences between faces should be adaptable to differentiate between a face and a static image of a face that doesn't even blink never mind change expression (though I suppose you could still fool it with a high res video...). They also mention the option of passcodes as an additional security level. These could still be compromised of course, but so can actual keys.
Personally I'll stick with keys for actually letting people in, but the ability to see who's visiting when I'm out, and leave them automated messages if I'm busy would be neat.
Can't help thinking there's a novelty market for a simple stripped down version that lacks the long range connectivity but simply uses the facial recognition to trigger different cheesy ring tones to identify different friends and family members.
A friend blew my mind with this a while ago when I was trying to track down a commit which broke something. This short guide he wrote gives step by step instructions for using it with your tests: https://gist.github.com/jordelver/5998870
It feels like there aren't as many people doing interesting things and exploring new ideas on the web anymore but maybe I just don't know where to look.
I don't think that saying if someone has access to your computer then you're screwed anyway is really an excuse.
You talk about lulling users into a false sense of security but do you have any idea how many Chrome users assume that their saved passwords can't just be viewed in plain text with a couple of clicks? I had no idea until I read Elliott's article and I immediately turned the feature off and deleted all my saved passwords.
If a technical person with a bit of knowledge and a few minutes has access to your computer then yes, you're a bit screwed.
If the broadband engineer comes round to investigate your connectivity issues and you (sensibly) watch over their shoulder while they fiddle with your browser settings, looking away for 10 seconds shouldn't result in them having ALL your passwords.
It's about ease & simplicity of breaching the "security" for non-technical people as well as techies.
I had never given much thought to the implications of saving my passwords in Chrome so thanks for pointing this out.
Now I'd like to remove my saved passwords but visiting chrome://settings/passwords and removing them one at a time will take forever; can anyone tell me how to remove them in bulk?
Thanks, the UI doesn't make it very clear that you can select rows so I missed that.
I use 1Password religiously but until now I'd been lazily saving passwords in Chrome as well to avoid the hassle of entering my master password. I feel slightly ashamed that I just assumed Chrome stored them "securely" and didn't give it any more thought.
For client projects I'm a big fan of Lighthouse (https://lighthouseapp.com/). It has a great balance of advanced features and ease of use for non-techies.
* Tickets can be created and updated via email
* Using the GitHub service hook, you can tag commit messages so that they appear as comments on a ticket as well as change the state of the ticket (For example: "Refactor widget behaviour [#123 state:resolved]")
* You can setup milestones (with or without a due date) and assign tickets to them
* Bulk editing of tickets
* Markdown in ticket description and comment fields
* You can easily create "buckets" of tickets based on search terms and filters
* Bugsnag and Airbrake can be configured to automatically create tickets for new exceptions in your app
* Probably some other great features that I've forgotten to mention
I was once contracting at a company which developed software for the police and other emergency services. The server rooms all had electronic card readers on the doors so that only people with the right security clearance could get in.
One day there was a power cut which meant that all the card readers stopped working and we couldn't open the server room doors. After ten minutes of scratching our heads and worrying about the UPS batteries running out, someone had the bright idea of dragging a desk next to the door, moving a couple of ceiling tiles and climbing over the partition wall.
The guy didn't get fired but I'm not sure if that particular vulnerability was ever fixed.
Exactly. This is like me, as a back-end developer, writing a blog post explaining why I don't use Squarespace.
What would be useful is if the author offered some more lightweight and semantic alternatives, such as Neat (http://neat.bourbon.io) or Semantic UI (http://semantic-ui.com).