dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
506

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

4 recommendations

antdude

Premium Member

Electronic DNA Could be the Secure Login of the Future

»www.theguardian.com/tech ··· e-future from »www.hardocp.com/news/201 ··· _future/ ...

"How your electronic DNA could be the secure login of the future -- Unique habits can be used to prove users' identity – but may also reveal if they are drunk, or have had sex, researchers say..."

I don't like it.

ashrc4
Premium Member
join:2009-02-06
australia

1 edit

ashrc4

Premium Member

from linked article »oxford-biochron.com/what ··· s-e-dna/
quote:
"Front end analytics show real human interaction with a site and all its components, not just the normal view of “here’s where your visitors came from.” What a site is really worth is about to be handed an new calculator – and questions about what you’re paying for with Google or Facebook won’t be a question ever again.
This may help shift the emphasis from getting customers interests through ads and generating revenue to specific site navigation methods based on active user input/mood/desires to generate potential product interest. The website selling the data to advertising...amazon etc will like it.

The whole article is huge. A lot is going to happen from this. From banking add-on to help verify you to your account to security indentification of attackers and their ability to scan IP usage for trouble makers and then boot you off when your fingerprint comes up on a block list.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

4 recommendations

Blackbird to antdude

Premium Member

to antdude
Some quotes from their FAQ:
quote:
... Our solutions monitor behavior alone because that is unique enough to identify a specific user. And once that user is identified, the website they’re using engages with them as usual. ... When we establish a user’s e-DNA, we store that as an anonymous data set – something like “User XYZ”. When a client installs our service to develop their users’ e-DNA, we may find that their “User123” matches our “UserXYZ.” When that happens, they are immediately recognized.
...
We embed a small java script in your website or online ad. Once installed, the site or ad relays user behavior directly to our servers. ... there is no perceptible delay to the user. All calculations are usually performed in less than 750 milliseconds while the user is engaging with your site. They wouldn’t even know it’s happening if we didn’t tell them. ... All Oxford Biochronometric software functions and e-DNA assignments occur within OBC servers. The content you access (website, ad, etc) will have the code running and sending the behavior to our server. That means there is no app or software to download...
Hmm. Specific-user identification... functional transparency to the user... cookie-less tracking of a user... data kept up on the 3rd-party server... script-based tracking that can even be placed in ads... what could possibly go wrong from a user-privacy standpoint?

Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

Chubbzie to antdude

Member

to antdude
Building upon the human component & mechanics... looks like a pile of swiss cheese to me. Regardless of what is said in the article(s) I would think your e-DNA could be easily subverted. How does it handle those with mental illness for example dissociative identity disorder? If I get a big 'ol smack to the noggin and have amnesia would my e-DNA identity be lost?

I was hoping this actually meant each individual's true DNA being stamped on all traffic and auth requests... lol.
HELLFIRE
MVM
join:2009-11-25

2 recommendations

HELLFIRE to antdude

MVM

to antdude
...funny how the article jumps from a form of electronic identity to "ways and means to target advertising to you."
Shut this down NOW and shut it down FAST!

Regards
dave
Premium Member
join:2000-05-04
not in ohio

2 recommendations

dave

Premium Member

What's wrong with you? Don't you know the entire point of your existence is so you can be advertised at?
19579823 (banned)
An Awesome Dude
join:2003-08-04

19579823 (banned) to antdude

Member

to antdude

quote:
I don't like it.
I dont either........ JUST DONT DO IT IS ALL....... If it need be get offline
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to dave

MVM

to dave

Re: Electronic DNA Could be the Secure Login of the Future

...and half my existence is ensuring said advertisements never make it to any of my 5 major senses
Don't ask about the other half...



Regards
Davek
join:2014-07-17

4 edits

Davek to antdude

Member

to antdude
They are claiming they know who is at the keyboard just by the client's page being loaded and the user perhaps scrolling the page, perhaps not, then clicking log in? Seems more than moving the mouse and clicking could provide. They must have a log in routine you have to go through. Anyone find any details on that? I don't see where it's explained or demonstrated on their site.

A little "Click this button and we'll tell you who you are" on their webpage would be a nice proof of concept that seems to be lacking.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to antdude

Premium Member

to antdude
quote:
Once a user’s e-DNA is established, no matter what device they use, password they enter, or site they visit, if the content their visiting has our software installed, we can verify exactly who the person is.
I'm not really sure how this is accomplished without rummaging through local files on the device, and even then, I'm skeptical.

For example, I've never visited DSLR on my mobile, and if I did I probably wouldn't log in. Imagine DSLR has this eDNA script installed. How are they to link desktop-sivran with mobile-sivran? Because I visit Security? This global identification claim sounds dubious at best.
Davek
join:2014-07-17

Davek

Member

That's why I wonder if they are using some sort of log in routine that is complex and behavioral in nature. Imprinting a device only gets you the device, no better than a cookie. To get the user they need something unique. Loading a page and clicking "log in" hardly seems enough. Moreover, they seem to imply device and place is irrelevant. I could go to another state, open some other person's laptop, go to DSLR, click "log in", and DSLR would know it's me?

So what the heck are they doing?

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

Blackbird

Premium Member

said by Davek:

... So what the heck are they doing?

Possibly exaggerating their effectiveness comes to mind...

ashrc4
Premium Member
join:2009-02-06
australia

ashrc4

Premium Member

said by Blackbird:

said by Davek:

... So what the heck are they doing?

Possibly exaggerating their effectiveness comes to mind...

Countless others are going to very successful at establishing a real-time awareness of the user, within a 5 year timeframe.

mmainprize
join:2001-12-06
Houghton Lake, MI

mmainprize to antdude

Member

to antdude
I am not sure i am cool with this tech.

But i could see how each person has habits and if the OS is watching many of them, over time it can be easy to tell if it is really you operating the PC. If it thinks it is not you it must test you to verify.

rfhar
The World Sport, Played In Every Country
Premium Member
join:2001-03-26
Buicktown,Mi

rfhar to antdude

Premium Member

to antdude
If they are using JavaScript to do this someone will figure a way to get your e-dna for his own benefit and maybe empty your bank account.

ashrc4
Premium Member
join:2009-02-06
australia

ashrc4

Premium Member

Realtime task verification... Just point to a url and complete task used as a 2nd factor authenticater.