I thought I'd look at the actual company after hearing about this. I'm just not a silicon valley person. Here's their how it works page - https://worldcoin.org/how-it-works .
It includes a projection graph that has a scale in 500m user increments and 2 years. Then you have the real data: over 6 months they've signed up 120k users. Or to put it another way - their real data doesn't even appear on the scale that their projections are displayed. They've basically extrpolated from 0 to 1.5bn. Oh and the graph lists sign ups per orb as if manufacturing the orbs is the limiting factor for signing people up to your shitcoin.
It also claims they're going to give out thousands of these orbs. But these orbs are the trusted hardware devices for generating unique hashes from biometric data. So if 1 of these thousands of devices falls into the hands of a hacker who can crack the hashing algo they're done. Not only will they have no guarantee that the users are unique, and probably they've also leaked huge amounts of biometric data. They actually mention this on their how it works page - don't worry guys, they'll make it hard to spoof! Honestly. It'll be tamper proof!
I kind of understand how you could try and argue that these devices are ok if you're going to have a small number of them extremely securely protected, but the plan is literally to manufacture 4,000 of these per month and hand them out to random people. Honestly, it's like they've just never had a conversation with someone who thinks critically about anything.
I don't think that's the rub. The issue is that with a hash and the algorithm, you can reproduce the hash. I think opponents to this are advising against having the retinal hashes in the first place, to eliminate their abuse in the future.
You don't need to invert it, if the hash is used to issue a token on a centralized system you can ping the centralized system. At minimum you can establish whether someone has an existing account, and at maximum you could identify that account.
To protect the device getting cracked, couldn't you just have it send a message if/when the device is opened in a way it shouldn't (e.g. for inspection) and thus make that key invalid?
Sure and maybe that slows people down a bit, but the second device they get their hands on they’ll be smarter. This isn’t a new issue, look at video games, look at blu ray and hd dvd, security against a sophisticated attacker with physical access is almost impossible. It’s rare for video games to last 1 week before being cracked, and that’s not even for something important.
It includes a projection graph that has a scale in 500m user increments and 2 years. Then you have the real data: over 6 months they've signed up 120k users. Or to put it another way - their real data doesn't even appear on the scale that their projections are displayed. They've basically extrpolated from 0 to 1.5bn. Oh and the graph lists sign ups per orb as if manufacturing the orbs is the limiting factor for signing people up to your shitcoin.
It also claims they're going to give out thousands of these orbs. But these orbs are the trusted hardware devices for generating unique hashes from biometric data. So if 1 of these thousands of devices falls into the hands of a hacker who can crack the hashing algo they're done. Not only will they have no guarantee that the users are unique, and probably they've also leaked huge amounts of biometric data. They actually mention this on their how it works page - don't worry guys, they'll make it hard to spoof! Honestly. It'll be tamper proof!
I kind of understand how you could try and argue that these devices are ok if you're going to have a small number of them extremely securely protected, but the plan is literally to manufacture 4,000 of these per month and hand them out to random people. Honestly, it's like they've just never had a conversation with someone who thinks critically about anything.