> How are device owners being prohibited from anything?
Biometric data isn't cryptographic in nature. Once you've recorded someone's fingerprint -- which any device using it for authentication would have to do and have the hardware to do -- you can then replay it to any service using the same data for authentication. You don't even have to lift them off of any of the objects people leave them on just by existing, which is also a way to get them. And once someone has them, you can't change it.
Which means the only way to use biometrics to gate this sort of thing is for everyone to be locked out of their own devices (or unable to use devices they're not locked out of), or they could use the device they control to play back the biometric data to whatever external service is nominally authenticating it.
> Which zillion vulnerabilities in the TPM are you referring to?
And those are only the ones specific to a TPM, not any of the ones that impact privileged code the TPM is attesting to the security of.
Notice also that this doesn't require every device to be vulnerable, it only requires any device to be vulnerable. Cheap devices are more likely to be vulnerable and then anyone who wants to bypass anything can get one of those.
This is one of the reasons these systems are so nefarious. You get an iPhone for unrelated reasons and it may not have any current known vulnerabilities, so you are locked out of your own device. Meanwhile some $50 Android or old netbook does have a vulnerability which any kid can get if they want to view age-gated sites, or people set up services to do it over the internet -- and then those services become attack vectors because kids start plugging their parents' IDs and fingerprints into shady bypass services.
I don’t see any key exfiltration CVEs on that list. Or anything that could be exploited in a way that is relevant to discussion of digital identity documents.
The biometric data doesn't leave the device in any of these protocols. Keybinding to TPM keys and Wallet provenance is used. I’m not sure you really understand how this works it sounds more like you have a basic FUD imagining a world where instead of literally uploading a photo of your drivers license you present a digitally signed certificate with the same info. I can’t really argue with FUD other than encouraging you to onboard an mDL version of your government ID and to try using it the next time you fly, provided you live somewhere where this technology has been made available. It’s demonstrably better and you can experience it or talk to someone who has today.
Biometric data isn't cryptographic in nature. Once you've recorded someone's fingerprint -- which any device using it for authentication would have to do and have the hardware to do -- you can then replay it to any service using the same data for authentication. You don't even have to lift them off of any of the objects people leave them on just by existing, which is also a way to get them. And once someone has them, you can't change it.
Which means the only way to use biometrics to gate this sort of thing is for everyone to be locked out of their own devices (or unable to use devices they're not locked out of), or they could use the device they control to play back the biometric data to whatever external service is nominally authenticating it.
> Which zillion vulnerabilities in the TPM are you referring to?
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=TPM
And those are only the ones specific to a TPM, not any of the ones that impact privileged code the TPM is attesting to the security of.
Notice also that this doesn't require every device to be vulnerable, it only requires any device to be vulnerable. Cheap devices are more likely to be vulnerable and then anyone who wants to bypass anything can get one of those.
This is one of the reasons these systems are so nefarious. You get an iPhone for unrelated reasons and it may not have any current known vulnerabilities, so you are locked out of your own device. Meanwhile some $50 Android or old netbook does have a vulnerability which any kid can get if they want to view age-gated sites, or people set up services to do it over the internet -- and then those services become attack vectors because kids start plugging their parents' IDs and fingerprints into shady bypass services.