The future of security: Facebook friends, Google rings, and a computer just for Twitter
Facebook today introduced a feature called "Trusted Contacts," which allows users to designate some of their (Facebook) friends as backups in case their account is compromised. This is meant to add a new level of security to users' accounts, requiring so-called "close friends" to determine whether someone requesting access to our account's information is who they say they are. The bar for friendship used to be whether or not someone would trust another person with their house keys, or children, or health -- now a true friend is someone who controls access to a Facebook account.
Given that friends are always kind, mature people who act with each other's best interests at heart, and would never, ever screw with somebody else's social media accounts for the "lulz," (which I'm told is a popular term on the Internets these days), Trusted Contacts makes perfect sense. Who better to serve as gatekeeper to a compromised account than a friend? Sure, other systems rely on automated, company-to-user communication, but those are far from perfect. It's much better to rely on the goodness' in a human's heart than a cold, uncaring machine.
Jokes aside, the release -- or rebranding, as the functionality has existed in some capacity since 2011 -- of Trusted Contacts is merely the latest example of a company trying to rethink security in an odd, almost-unbelievable way. Here are a few other initiatives that, despite being kinda far-fetched, are real attempts to make security more than a username, password, and your mother's maiden name:
Google wants you to wear a password-bearing ring. The search-slash-"moonshot" company has been experimenting with physical "keys" for some time, and is said to have a working prototype of a password-bearing ring that it hopes people might actually wear. Details about the ring itself are sparse; Google principal engineer Mayank Upadhyay compared the ring and a USB stick with a similar functionality to using a credit card at an ATM in March, but did not explain just how Google's rings would make this possible.
Twitter wanted newsrooms to devote a computer to nothing but the service. Enough of this "People use multiple computers" or "Twitter accounts can be accessed by more than one person" crap. Obviously the only way for Twitter accounts to be kept safe is for each account to be tied to a specific device that isn't used for any other purpose. Ever. Think of it as Twitter's version of Facebook Home, except the service isn't going to make devices any more appealing than a computer that can, you know, do something besides Tweet.
Twitter actually suggested that newsrooms do this after the AP's (and the Guardian's, and the BBC's) Twitter accounts were hacked by the Syrian Electronic Army and used to Tweet a (false) report about explosions at the White House shortly after the Boston Marathon bombings.
Apple (might) build a fingerprint scanner into future versions of the iPhone. One of the most-rumored aspects of the next iPhone -- and, potentially, the first iWatch -- is the addition of a fingerprint scanner. Apple is said to be using technology it purchased alongside AuthenTec for new, more secure payments and multi-user features on the next iPhone.
Instead of relying on the traditional username-password combo, a fingerprint scanner would theoretically allow Apple to identify users by having them press the Home button (or wherever else they might stick such a scanner) and hope that the scanner is able to successfully read the thumbprint 100 percent of the time.
[Image courtesy CPOA]