Identity is so crucially important to our society that it's surprising we haven't come up with a better way to handle it. Current systems are awkward while existing technology could offer a dramatic increase in security and cleanliness.
Let's start with computers. Each person has usernames and passwords -- sometimes dozens of each. Usernames must be unique to the user. Passwords must be gibberish according to whatever standards the website chooses to require (mix of capital and lowercase letters, must have numbers, must/must not have special characters). Security is decreased if the same passwords are used on multiple websites, and some mandate that passwords be changed periodically.
Some websites (Facebook, for example) conveniently allow you to use your email address as a username in order to decrease by one the number of strings you need to remember. The browser can do some of the work as well by remembering information. But these just mitigate a few problems in a system which fits our needs in the most basic way possible.
Because passwords can so easily be forgotten the system necessarily includes a way for people to prove their identities through "security questions" and social security numbers. Unfortunately those questions rely on information which isn't really a secret -- with a little knowledge about someone even their social security number can often be guessed.
Humans are uniquely identified in enough natural ways that we shouldn't need to rely on artificial means such as usernames and passwords. Voice patterns, signature dynamics, fingerprints, and retinal blood flow patterns are all unique identifiers but even a photograph of your face will get very close to unique identification. Some of these can be forged (for example your voice can be recorded) but a combination of several identifiers quickly becomes harder to hack than a text password.
Furthermore, it is increasingly common to see webcams and microphones built right in to monitors, laptops, phones, and tablets. If you're online, odds are that the device you're using has all the hardware it needs to verify your identity. Analysis of a voice is easy enough, as is taking a picture of a face or an eye. Signature dynamics could certainly be captured on a touch screen (and note that smartphones and tablets are a rapidly growing share of the computing market). And fingerprint scanners can already be built into laptops or even USB sticks.
You may be concerned that this essentially amounts to using the same login information everywhere -- one sketchy website and suddenly your bank accounts are empty. There are several ways around this problem.
One solution is to have a different phrase for each website. Since your voice is the identifier this does not need to be a secret (that is, forgettable) password; to log in to Google you could say "Google." This means that even if your voice is lifted by www.stealmycash.com, they haven't got enough information to log in anywhere else. This only works to a certain extent, though, as with enough samples they can interpolate your entire voice (as was done for the hologram Tupac).
The more secure option is to have verification done by a central authority, something like an OpenID. Rather than logging in with each website individually, you hit the "Log in with Google" button and let Google, which you trust, handle the verification.
Of course there's no way to make it completely foolproof -- identity theft will always exist -- but to me it seems that the entire premise of a login could be significantly more convenient and intuitive without losing security.
Real life presents a similar situation. Just about everything you carry on your person serves the same purpose. Your drivers license, passport, credit cards, bus pass, and even keys have no function other than to explain who you are in a very specialized way. Replacing all of these with visual, auditory, or fingerprint identification is perhaps unrealistic, at least in the foreseeable future. Airports and other large establishments certainly have the resources to implement fingerprint or voice recognition software but mom and pop shops may not have the means to acquire so much new hardware. At the very least, however, we can do some consolidating.
For example, it would be logistically trivial to combine your drivers license and passport into a single card and eliminate the booklet altogether. In fact passport cards already exist, though they are not approved for air travel (this is a bureaucratic problem, not a technological one I'm sure).
Any sort of membership card or pass can easily be added as well, since this passport/license both uniquely identifies you and contains an RFID chip; any door that could be opened with your work ID can be programmed to accept your passport code instead.
RFID credit cards exist as well, though there are concerns over security. But whether or not the RFID technology is linked to financial information, it's increasingly the case that no more than one card is necessary to access your money (and why not combine that into your passport as well?).
Banks already allow you to set up default accounts; my old check card was linked to two checking accounts and a savings account. At the ATM I was able to specify where I wanted a withdrawal to come from and online I set one account to be the default that would be accessed when the card was swiped. A credit line could in principle also have been added to that card, even multiple lines, with no additional problem.
And online settings could even allow conditional default accounts; it would not be complicated to set it up so that making an airline purchase would automatically be charged to your SkyMiles card while groceries would go on your other card which gives better rewards for those.
This could even be done across multiple banks!
These specific options are not available but the technology to implement them is. None of this is more complicated than moving money between accounts, which can already be done online in real time.
As with any credit card/passport/identification, this super-card is not something that you would want stolen. A giant picture on the front of the card can impede fraudulent use. And as long as we're making use of technology we might as well include a GPS chip small enough to fit within the card.
(If this is getting a little too Orwellian for you, keep in mind that you probably already have GPS functionality in your phone.)
Of course the most secure solution would just be to eliminate the card entirely in favor of something which cannot be lost, such as an RFID implant (not so different from what they use in animals). This of course requires RFID readers anywhere you need to use your credit card, though in principle that's no different from a card scanner. The final step would be one past that where you actually use biometric identification everywhere, not just online; the hangup here is that it requires the distribution of a LOT of hardware.
| This blog is no longer being updated. You're looking for Cooking with Charles. |  |
Wednesday, May 30, 2012
Tuesday, May 29, 2012
Sangria
Rather than have two blogs I'm absorbing Cooking with Charles into Thinking with Charles. This blog exists for me to write about whatever. Sometimes I want to write about food, but probably not often enough to maintain an additional space to do so. You'll also notice that old Cooking with Charles posts have been imported here.
One of my goals for this summer is to figure out how to make a good sangria. I perused several recipes online until I found one I liked the look of, though I did not adhere to it particularly closely. Here's the recipe I used, which is a half batch due to the size of my pitcher. To use the whole bottle of wine, double this.
As the recipe recommends, I let the fruit and sugar sit in the rum and triple sec for a few hours before adding the wine. I mad to mush the fruit down a little bit to get it all to be covered. Before serving I poured in the wine and stirred it up. I did not serve it over ice, though all of the ingredients were cold.
When I fished out a piece of pear later in the evening it wasn't particularly boozy so I don't know that letting the fruit sit in the rum had much of an effect. In the future I'll probably just combine all of the ingredients at the same time then let it sit for at least an afternoon, maybe overnight, to really let the flavors blend.
I used the sugar because it appears in most recipes but I don't think it belongs. Most of it did not even dissolve (you can see it at the bottom of the pitcher) but the drink was plenty sweet. It's hard to tell how sweet it would have been had I followed the recipe more closely; I left out the orange juice but did use triple sec which is very sweet.
This drink was good, but I intend to experiment more with sangrias this summer to really get a feel for them. There are a lot of potential ingredients -- fruits, beverages, herbs, and so on -- to try out. At the very least I'd like to have in my repertoire a good recipe for red wine and another for white.
UPDATE: After drinking the first batch (short work with so many helpers) I repeated this with the second half of the bottle. I used the same recipe, minus the sugar, and reused the same fruit. All ingredients were added at once. The mix sat in the fridge for about 24 hours before being tasted. The sangria itself was about the same -- still plenty sweet -- and the pear chunks were very boozy and delicious.
One of my goals for this summer is to figure out how to make a good sangria. I perused several recipes online until I found one I liked the look of, though I did not adhere to it particularly closely. Here's the recipe I used, which is a half batch due to the size of my pitcher. To use the whole bottle of wine, double this.
|
 |
As the recipe recommends, I let the fruit and sugar sit in the rum and triple sec for a few hours before adding the wine. I mad to mush the fruit down a little bit to get it all to be covered. Before serving I poured in the wine and stirred it up. I did not serve it over ice, though all of the ingredients were cold.
When I fished out a piece of pear later in the evening it wasn't particularly boozy so I don't know that letting the fruit sit in the rum had much of an effect. In the future I'll probably just combine all of the ingredients at the same time then let it sit for at least an afternoon, maybe overnight, to really let the flavors blend.
I used the sugar because it appears in most recipes but I don't think it belongs. Most of it did not even dissolve (you can see it at the bottom of the pitcher) but the drink was plenty sweet. It's hard to tell how sweet it would have been had I followed the recipe more closely; I left out the orange juice but did use triple sec which is very sweet.
This drink was good, but I intend to experiment more with sangrias this summer to really get a feel for them. There are a lot of potential ingredients -- fruits, beverages, herbs, and so on -- to try out. At the very least I'd like to have in my repertoire a good recipe for red wine and another for white.
UPDATE: After drinking the first batch (short work with so many helpers) I repeated this with the second half of the bottle. I used the same recipe, minus the sugar, and reused the same fruit. All ingredients were added at once. The mix sat in the fridge for about 24 hours before being tasted. The sangria itself was about the same -- still plenty sweet -- and the pear chunks were very boozy and delicious.
Subscribe to:
Posts (Atom)