cicada-platform
cicada-platform copied to clipboard
the-laughing-monkey
Deceased users
Sorry to have to ask this, but we need to consider all scenarios.
Let's say a user becomes deceased, and their will is to grant their account balance to their spouse, children, etc. How is that transaction requested and validated?
As a secondary question, if a user is murdered and the offender somehow has access to their password (many people keep a physical or digital list of their passwords), How do we prevent the offender gaining access to their account?
Also, How do we prevent spoofing of biocryptics?
Could someone create a mold of a finger, or a high resolution image of an iris to fool the system? In a scenario where a family member passes, the user could keep the device active and potentially fool the biocryptics allowing them to unfairly gain coins for two accounts.
Might be far-fetched, just trying to think of what could be possible.
Interested to read what everybody has to say for legacy of deceased users, but I share the concern about the safety of biometrics. I don't yet understand much of the distinguishing verification layer of "biocryptics" over regular old biometrics, but increasingly I read security professionals who are disillusioned with biometrics over forms of security like passwords. The major argument in that direction is that once an attacker has the pattern of someone's fingerprint or iris there is little recourse. It can't be changed like a stolen password. And this is an increasingly serious danger as technology like photography and 3D printing improves and get cheaper.
On Fri, Aug 4, 2017 at 1:30 PM, Adam Rolfson [email protected] wrote:
Also, How do we prevent spoofing of biocryptics?
Could someone create a mold of a finger, or a high resolution image of an iris to fool the system? In a scenario where a family member passes, the user could keep the device active and potentially fool the biocryptics allowing them to unfairly gain coins for two accounts.
Might be far-fetched, just trying to think of what could be possible.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/the-laughing-monkey/cicada-platform/issues/8#issuecomment-320321734, or mute the thread https://github.com/notifications/unsubscribe-auth/AGogBkMpu56gFCr8PDyLkLP9ckH2jO-bks5sU2NjgaJpZM4OuCg6 .
-- Edgar Bounds | 662.292.0114
You know what uses biometric authentication but you can also change it if it's stolen? Your sassy little password dance: https://stackoverflow.blog/2017/03/30/stack-overflow-unveils-next-steps-computer-security/
Something like this could be a good idea. It's implausible to me that anyone could engineer dancing as bad as mine.
On Fri, Aug 4, 2017 at 5:40 PM, Chris B [email protected] wrote:
You know what uses biometric authentication but you can also change it if it's stolen? Your sassy little password dance: https://stackoverflow.blog/ 2017/03/30/stack-overflow-unveils-next-steps-computer-security/
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/the-laughing-monkey/cicada-platform/issues/8#issuecomment-320368371, or mute the thread https://github.com/notifications/unsubscribe-auth/AGogBvpA78VkX7cwnviZgCoezCFH0Olkks5sU53kgaJpZM4OuCg6 .
-- Edgar Bounds | 662.292.0114
Maybe using biocryptics as the default gatekeeping and enabling change to simpler passphrase (eg. left at will) use after group vote approval... Other problems would start, but it would make most problems solvable and could be used to ensure 'new biocryptic hash' is available after surgery or any stuff.
The group to vote would have to be:
- close and/or pre-approved to this individual
- maybe mixed with a common group for these tasks (ideally local, per district) too.
Some minimum number to ensure difficulty to pass attacks or large-group corruption to eg. seize property should be computed per group size and functionality.
This kind of abnormal use of gatekeeping could trigger some auto broadcast warning for each interested user of group.
For basic income, not used coins should disappear after some time of not being used..
