Pandora Protocol

I’ll be honest. I’m not entirely sure how to write about this. But I know that I must. Modern forensic identification techniques have come a long way from the antiquated methods of the past. No longer do we simply rely on witness testimony to ascertain the truth about a happening. From fingerprint to ballistic analysis, DNA to blood spatter evidence, modern forensic science is quite truly a masterpiece. But there is a storm coming.

It is a well known fact that witness testimony is notoriously unreliable. And not just because some witnesses choose to be less than honest. Human memory and attention itself carries much of the blame when it comes to understanding the inconsistencies between competing versions of events from multiple witnesses. Forensic evidence is believed to be much more reliable. And for the most part, it absolutely is. DNA evidence matching for example, has led to the freeing of many, once falsely accused of a crime they did not commit. It has also led to the capture of those that we once could not touch.

But our trust in the veracity of forensic evidence may in the end, create a terrifyingly insecure world. One in which anyone may at any time be tried and convicted for any crime, whether or not they committed it. Take for example, the FBI’s notorious “hair analysis” scandal. In which analysts overstated their conclusions in 95% of cases, in a way which favored the prosecution. This occurring in hundreds of trials, and thirty-two (32) death penalty cases. Or the story of the closed source computer program being used to compare DNA from a defendant to evidence from a crime scene. A program that, (for all we know) could be set to return “true” if the defendant’s name was a certain length, regardless of their chromosomal constitution. Did you know that you could be considered a suspect in a crime because of the DNA of a relative, posted online and obtained by a law enforcement agency?

The danger that we face, is one of epic magnitudes. The system is trusted to accurately determine the supposed facts of a case. But when 34/35 matching alleles makes you a suspect, how can we say we actually know what we’re doing? Hint, we don’t. And one day, you, or someone you love might go to jail for it. For years we have been sold the lie that bio-metric data is somehow intrinsic, unique, and impossible to steal/counterfeit. Our computers and mobile devices pushing us away from memory resident authentication measures (such as passwords); and towards “facial recognition”, “fingerprint auth” and the like, as if these things were the future. They are not. They are the past.

It is quite simply, a lie that bio-metric data is somehow more secure. Your fingerprint can’t be changed like you can change a password. You’re stuck with it. And you leave a trail behind you everywhere you go. Touch a glass, you just left your “password” on that glass. The same is true for genetic information. That’s why it shows up at crimes scenes, a hair, a piece of skin is all that you need. Don’t even get me started on facial recognition. These techniques aren’t just abysmal. They’re straight up dangerous, because we trust them.

So what exactly does this mean for forensic evidence?

Say I wanted to frame someone for a murder. Fingerprints are not hard to lift. Tools to quickly and easily replicate cells from genetic information are currently being built. We’ve been able to just straight up print DNA for five years now. And it won’t be long before anyone with villainous intentions can get their hands on tech like this. A single piece of hair, touching your lips to the edge of a mug, the shedding of dead skin, spitting on a sidewalk; and I have you. I can make it look like you did anything I want to.

Here’s what I propose

The reality of the world, is that it is already very easy to frame someone using forensic evidence, via exploiting our belief in its accuracy. So here’s what we’re going to do. We’re going to beat the bad guys to the punch. I call it the Pandora Protocol. Open source your fingerprints. Open source your facial scans. Open source your genome. You can do these things anonymously (for the most part). A random genome floating in a sea of genomes. Or a random set of fingerprints floating in a sea of fingerprints. And you can do it verifiably. Leaving behind a one way signature in the “release” that reveals nothing about you, but can later be used to confirm your ownership of an item.

We store all of these entries somewhere safe. Maybe piggybacking off a block-chain? Somewhere where they will stay. And we let the world know that they are free to use these items however they choose. If someone wants to wear your fingerprints around (for example), you don’t care. They won’t know that the prints belong to you. And you’re smart enough to know not to use your fingerprints to verify your identity, so it changes nothing for you.

Here’s the benefit. If one day, a bad guy does follow you to a cafe, steal your fingerprints, and use them to commit a crime. The reality has always been that this was possible. But had you not open sourced your fingerprints, the court would certainly have found you guilty. Now, when the question arises, you simply say “I open sourced my fingerprints/facial scans/genome X number of years ago, the evidence you found could have been created by literally anyone.” And that reality is demonstrably true, thanks to the Pandora Protocol.

Stay tuned, the Pandora Protocol itself is currently in the R&D stages in Promethean Info Sec’s labs.