Follow-up with ENISA
I have sent another message to ENISA n view of the prospect of persistent cyberattacks from Russia as predicted in the article — “Cyberwarfare looms as Russia shells, invades Ukraine” https://www.theregister.com/2022/02/24/cyberwarfare_russia_ukraine/
…………………………………………………..
When facing a powerful adversary, it would not be wise to weaken the defence from within.
Further to my earlier message, let me today take up the issue of ‘False Sense of Security that is Worse than Lack of Security’ in view of the long-term prospect of persistent cyberattacks from Putin’s Russia in the sphere of identity assurance.
“We wrongly feel safer when we are actually less safe”. That’s a false sense of security. It’s often even worse than lack of security.
Well, you are hopefully with me in that there are two attack surfaces on biometrics -
1. false acceptance of biometrics to abuse (spoofing matters here)
2. weak or reused default password to abuse
because biometrics products are usually deployed with a default password in a two-entrance (in parallel) formation, not in a two-layer formation (in series).
People, who are not aware of this negative security effect of biometrics used with a default password and are trapped in a false sense of security, are often misled to believe that they can be indifferent to the weakness of their default password, largely misguided by the seemingly assuring pseudo-fact that “biometrics is there to help with security”.
Unsuspecting people would then have no incentive to give a thought to the weakness of the default password, which could eventually end up being the weakest and more often reused. The outcome would be a yet more pleasant paradise for adversaries.
You may well be aware that so many reputed tech firms and security people are pouring fuel on this false sense of security. It’s really alarming. ENISA could do something here in order to not let them destroy the defence from within against the attacks by dictators’ agents.
Ref: “Online Vote Precluding Citizens’ Volition and Memory” https://kokumai.medium.com/online-vote-precluding-citizens-volition-and-memory-eadcb06f5151
and “Striking Case of Misperception about Secret Credential” https://kokumai.medium.com/striking-case-of-misperception-about-secret-credential-54bdba0a9d7a
…………………………………………………..
Let’s keep our fingers crossed so that ENISA and its counterparts elsewhere will not hesitate to do the needful.
‘NO’ to Attacks on Democracy from within and without
Visit our corporate website — https://www.mnemonicidentitysolutions.com/
