Bitcoin Forum
October 21, 2017, 11:28:12 PM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: HumanIQ has a technically flawed design?  (Read 671 times)
iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
February 27, 2017, 08:47:00 PM
 #1

Please check my analysis. Did I misunderstand something in their design or in my quick research below?

Re: ☑ [ANN] ☰  [ ICO 06|04|2017 ] ☰ Humaniq — Discover the unbanked

Regarding the upthread post wherein I alleged that Ethereum can't scale (and tangentially I also alleged smart contracts on a Turing-complete blockchain are another DAO attack waiting to happen), I was asked to provide some more details.

(Additionally I have recently explained that the 10s (coming to 100s?) of ICOs being launched every year now because of this Ethereum smart contract nonsense which enables rapid prototyping of 1000s of hair-brained ideas that will probably never achieve any serious adoption, because again Ethereum can't scale and another smart contract attack means all smart contracts become untrustable, means we likely have a coming ICO graveyard where our ecosystem has died. Thanks to greedy developers who want to cash out after making a fancy presentation and thus don't develop first and launch without an ICO and really don't have much incentive to develop anything at all after they raise $millions to party with, especially young guys who have a lot of energy for conferences, dinners, parties, fancy hotels, etc.. What happened to my generation of startups where we developed them from our bedroom while living at our parents' hose.

The low marginal cost of preparing the snazzy website, whitepaper and perhaps even a barely functional smart contract demo is minimal, perhaps < $5000 or even less. Yet these ICOs can easily raise 100s or 1000s of BTC. So the supply of ICOs rises to meet the demand from gullible speculators who all "want to buy earlier than each other" so they all end up buying ICOs, thus none of them buy earlier than each other and the ICO developers walk away with the Bitcoins and the speculators will be left penniless in the coming ICO oversupply graveyard because all the demand will have been transferred to ICO developers who don't buy in the aftermarket.)



NEW PROBLEM!

There is also an inconsistency in the HumanIQ design as expressed on pages 6 and 19-22 in the white paper and the wallet features section of the website.

Firstly, you claim that users will only need to use their face and voice and do not need to deal with passwords. But then you tie the user to one device and also to signing keys stored on their mobile device. So if that mobile device is lost, stolen, or accessed even momentarily by a hacker (even if they just extract the keys and device ID perhaps even remotely and don't perform the attack over the user's mobile device), then the attacker only needs to fool the face and video identification system in order to steal the user's funds. They could for example exchange them for Bitcoin and be gone.

Face and video identification systems are theoretically reasonably easy to fool with synthetic methods, and I expect that to be true even against automated challenge-response:

https://engineering.cmu.edu/media/feature/2016/12_01_facial_recognition_eyeglasses.html
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.461.7360&rep=rep1&type=pdf#page=6 (see Figure 9)

Secondly, if user loses his device he has lost his keys. So the only way those keys could be recovered (again meeting your requirement that users don't have to ever mess with keys or store them in a paper wallet) is if some centralized service is storing the keys and can perform a recovery process that identifies the user. But again the attacker can game this recovery process, perhaps unless it is administered by a real human interrogator. And the centralized service becomes a huge attack surface for a hacker to steal all the users' keys (Bitcoin exchange failures show it is a serious risk). And of course as you admit on page 20 of your whitepaper, then it means the biometric identification is not decentralized on the blockchain, but a centralized service. Centralized blockchain concepts will never scale out. The world won't trust a system that depends on one centralized service. Sorry.

HumanIQ is ostensibly obviously lacking the skills of a qualified, experienced CTO on its team. Afaics, the HumanIQ design is irreparably/insolubly flawed and has apparently not been properly vetted by an appropriately skilled technical person.

Note it is possible to utilize face and voice biometrics stored on a blockchain to prove that the users are all unique within the false positive tolerance of multimodal biometric identification, e.g. perhaps to within a few percent false positive rate for synthetic attacks (at current state-of-the-art) and even better if supplemented with real human interrogation (which would be retroactively objectively verifiable from the blockchain data in the future as the state-of-the-art advances). But for automated logins and identification of users ongoing usage of the system, the false positive rate is currently too high because it would be the theft rate. I suppose you were looking at service providers such as the following and just assumed the EER rates were acceptable without reading the research:

https://www.onefacein.com/faq.html
http://www.voicetrust.com/solutions/voice-login/
https://playground.bioid.com/BioIDWebService/LiveDetection
https://www.keylemon.com/oasis
https://www.quora.com/What-are-the-best-face-detection-APIs/answer/Ben-Virdee-Chapman

So I also do not understand why the white paper implies we can't store a (hash of a) video on a blockchain. Surely we can.

Please do point out any misunderstanding or mistake I have made in my analysis.



Note that although via deep learning of deep neural nets the state-of-the-art research on face recognition accuracy has reached as high as 99% (and do look at how close to indistinguishable the errors were even to a human observer such as yourself) and state-of-the-art research on voice identification has reached as high as ~1% EER (i.e. roughly 1% false positive with a 1% false negative if compared to a 2.33% EER on page 5), these performance figures do not include data sets where the attacker is trying to game the system. So refer to the links I provided above on synthetic attacks to get a better idea of the risk of theft with multimodal biometric face and voice identification. The state-of-the-art is advancing rapidly because a 2014 paper only cited a 7% EER, but the datasets and training criteria are not probably not comparable.

1% or even 0.1% rates of theft would still be unacceptable.
1508628492
Hero Member
*
Offline Offline

Posts: 1508628492

View Profile Personal Message (Offline)

Ignore
1508628492
Reply with quote  #2

1508628492
Report to moderator
1508628492
Hero Member
*
Offline Offline

Posts: 1508628492

View Profile Personal Message (Offline)

Ignore
1508628492
Reply with quote  #2

1508628492
Report to moderator
1508628492
Hero Member
*
Offline Offline

Posts: 1508628492

View Profile Personal Message (Offline)

Ignore
1508628492
Reply with quote  #2

1508628492
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508628492
Hero Member
*
Offline Offline

Posts: 1508628492

View Profile Personal Message (Offline)

Ignore
1508628492
Reply with quote  #2

1508628492
Report to moderator
1508628492
Hero Member
*
Offline Offline

Posts: 1508628492

View Profile Personal Message (Offline)

Ignore
1508628492
Reply with quote  #2

1508628492
Report to moderator
AusKipper
Member
**
Offline Offline

Activity: 70


View Profile
February 27, 2017, 09:55:37 PM
 #2

If my understanding of HumanIQ is correct the whole concept is doomed to fail anyway.

I just dont think a de-centralized system is capable of vetting people for loans and i'm nearly positive it isnt any good at prosecuting those who dont repay them.

I wouldn't bother trying to show their technical stuff is no good when the whole idea is no good (IMHO).

I am happy to be proven wrong but for now I think we need those big evil corporations to give out loans because they have the ability to take those that dont repay to courts.

Unless I have what HumanIQ is trying to do completely wrong...

And yes, I will get around to leaving BTC soon i need to stop posting in new threads....


iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
February 27, 2017, 09:56:42 PM
 #3

I just dont think a de-centralized system is capable of vetting people for loans and i'm nearly positive it isnt any good at prosecuting those who dont repay them.

You are thinking of WeTrust, as HumanIQ has nothing to do with loans.

There are too many ICOs. Nobody can keep track of them in their mind. That is why these ICOs are all going to fail and end up in an ICO oversupply graveyard with no buyers in the aftermarket. We are being saturated with too many ICOs. None of them can get enough mindshare. Our minds are overloaded.
AusKipper
Member
**
Offline Offline

Activity: 70


View Profile
February 27, 2017, 10:13:59 PM
 #4

I just dont think a de-centralized system is capable of vetting people for loans and i'm nearly positive it isnt any good at prosecuting those who dont repay them.

You are thinking of WeTrust, as HumanIQ has nothing to do with loans.

There are too many ICOs. Nobody can keep track of them in their mind. That is why these ICOs are all going to fail and end up in an ICO oversupply graveyard with no buyers in the aftermarket. We are being saturated with too many ICOs. None of them can get enough mindshare. Our minds are overloaded.

No I was definitely thinking of HumanIQ, I was watching a youtube video about it a month or 2 ago thinking the idea cant work.

According to their own website:

https://humaniq.co/

Quote
What is Humaniq?
It’s a new blockchain bank using Ethereum as a core platform for financial services such as loans, credit, remittance payments, and insurance, while using biometrics to replace passports and signatures, and an ICO and distributed ownership instead of shareholders, along with an investment fund for third-party start-up acquisition and acceleration.

Never heard of WeTrust but if thats the idea behind it without even looking at it I think it will fail too.

iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
February 27, 2017, 10:21:10 PM
 #5

HumanIQ is about getting all the unbanked to use crypto-currency and specifically making it very easy-to-use because of users not having to deal with managing signing keys, not loans.

I point out that their technical design for that is flawed.

They mention loans as a buzzword on the website, but doesn't have anything to do with the design and features in the HumanIQ white paper. Afaics, HumanIQ has no features to do loans.

WeTrust is a smart contract that actually does loan transactions.
AusKipper
Member
**
Offline Offline

Activity: 70


View Profile
February 27, 2017, 10:35:52 PM
 #6

HumanIQ is about getting all the unbanked to use crypto-currency and specifically making it very easy-to-use because of users not having to deal with managing signing keys, not loans.

I point out that their technical design for that is flawed.

They mention loans as a buzzword on the website, but doesn't have anything to do with the design and features in the HumanIQ white paper. Afaics, HumanIQ has no features to do loans.

WeTrust is a smart contract that actually does loan transactions.

Oh ok.

Dash is already released, and supposed to be simple to use. I know it has its many flaws but I still think this (HumanIQ and WeTrust) is going to fail on non-technical grounds.

If they (HumanIQ) want to bring banking to the masses they should work on developing the interface for an existing high market cap coin (top 50 at least) instead of making a whole new one. They could beg the community of that coin to fund it as the holders of that coin would benifit.

Also, if a mod happens to read this can you get rid of my 360 seconds between posts things, its driving me right up the wall and I promise i'm not going to spam advertising!!

iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
February 27, 2017, 10:47:38 PM
 #7

Also, if a mod happens to read this can you get rid of my 360 seconds between posts things, its driving me right up the wall and I promise i'm not going to spam advertising!!

The delay will decrease gradually as you continue posting. Once you are not a Newbie, it drops considerably.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!