Incident: Facial Recognition Vulnerability in Google Pixel 4 Smartphone

Published Date: 2019-10-18

Postmortem Analysis
Timeline
1. The software failure incident with Google's Pixel 4 smartphone's facial recognition vulnerability occurred shortly after the phone launched on a Tuesday, as mentioned in the article [90765].
2. Published on 2019-10-18 07:00:00+00:00.
3. Estimation: The incident likely occurred in October 2019.

System
1. Google's Pixel 4 facial recognition system failed to require the user's eyes to be open for authentication, allowing the phone to be unlocked even if the user's eyes were closed [90765].

Responsible Organization
1. Google - The software failure incident was caused by Google's Pixel 4 smartphone's facial recognition feature allowing the phone to be unlocked even if someone's eyes are closed, posing a significant security threat [90765].

Impacted Organization
1. Users of Google's Pixel 4 smartphone [90765]

Software Causes
1. The software cause of the failure incident with Google's Pixel 4 smartphone was the facial recognition system allowing the phone to be unlocked even if someone's eyes are closed, which was considered a significant security threat [90765].

Non-software Causes
1. The design flaw in Google's Pixel 4 facial recognition system that allowed the phone to be unlocked even when someone's eyes are closed [90765]
2. The vulnerability in Samsung's Galaxy S10 fingerprint unlock system due to a malfunctioning fingerprint recognition when a plastic screen protector was used [90765]

Impacts
1. The software failure incident with Google's Pixel 4 facial recognition system allowed the phone to be unlocked even if someone's eyes were closed, posing a significant security threat [90765].
2. The incident raised concerns about potential strain on relationships if partners could easily unlock each other's phones without permission, leading to trust issues and privacy violations [90765].
3. Users expressed worries about unauthorized access to private conversations and data on the phone, highlighting the importance of robust security measures in facial recognition technology [90765].
4. The incident highlighted a flaw in the Pixel 4's security system, as it could be exploited by individuals to gain access to the phone while the user was asleep or unconscious, compromising sensitive information [90765].
5. The software failure incident with Google's Pixel 4 also drew attention to the need for continuous improvement in facial recognition technology to enhance security and prevent unauthorized access to devices [90765].

Preventions
1. Implementing a more robust facial recognition algorithm that requires the user's eyes to be open for authentication, similar to Apple's Face ID [90765].
2. Conducting thorough testing and quality assurance to identify and address security vulnerabilities before the product launch [90765].
3. Providing an option for users to enable a higher security mode that requires additional authentication factors, such as a PIN or password, for unlocking the device [90765].

Fixes
1. Google can fix the software failure incident by updating the Pixel 4's facial recognition system to require the user's eyes to be open during the unlocking process, similar to Apple's Face ID [90765].
2. Google can implement a higher security mode for facial recognition on the Pixel 4 to address the security vulnerability of being able to unlock the phone with closed eyes [90765].
3. Google can introduce a feature that allows users to temporarily disable Face Unlock and require a PIN/pattern/password instead, providing an additional layer of security [90765].

References
1. Google's support website
2. Cyber-security blogger Graham Cluley
3. Relationship expert Jessica Leoni
4. Samsung
5. Lisa Neilson, a 34-year-old mother from West Yorkshire
6. The Sun

Software Taxonomy of Faults

| Category | Option | Rationale |
| --- | --- | --- |
| Recurring | one_organization, multiple_organization | (a) The software failure incident related to facial recognition vulnerability has happened again at Google with its Pixel 4 smartphone. The incident involved the facial recognition system being able to unlock the phone even if someone's eyes are closed, posing a significant security threat. This vulnerability was discovered just days after the phone's launch, prompting concerns about unauthorized access to the device [90765]. (b) The software failure incident related to fingerprint recognition vulnerability has also occurred at Samsung with its Galaxy S10 phones. The issue involved the fingerprint unlock system being fooled by a £3 plastic screen protector, allowing anyone's fingerprint to unlock the phone and access personal information. Samsung acknowledged the problem and stated that a software patch would be issued to address the malfunctioning fingerprint recognition [90765]. |
| Phase (Design/Operation) | design, operation | (a) The software failure incident related to the design phase can be seen in the case of Google's Pixel 4 smartphone facial recognition system. The incident occurred because the system allowed the phone to be unlocked with facial recognition even if someone's eyes were closed. This flaw in the design of the facial recognition system was discovered just days after the phone launched, indicating a failure in the design phase of the system [90765]. (b) The software failure incident related to the operation phase can be observed in the case of Samsung's Galaxy S10 fingerprint unlock system. The issue arose when it was discovered that the fingerprint unlock system could be fooled by a £3 plastic screen protector, allowing anyone's fingerprint to unlock the phone and access personal information. This indicates a failure in the operation phase of the system, where the misuse of the system (using a screen protector) led to a security vulnerability [90765]. |
| Boundary (Internal/External) | within_system | (a) The software failure incident related to the Google Pixel 4 facial recognition system allowing the phone to be unlocked with closed eyes is within the system. This failure is due to how the facial recognition technology was designed and implemented by Google, allowing for unauthorized access to the phone even when the user's eyes are closed [90765]. (b) The software failure incident related to the Samsung Galaxy S10 fingerprint recognition system being fooled by a £3 plastic screen protector is also within the system. This failure is attributed to a vulnerability in the fingerprint recognition technology itself, where the patterns inside the silicone protectors could confuse the phone's sensors, leading to unauthorized access to the phone [90765]. |
| Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident related to non-human actions in the articles is the security concern with Google's Pixel 4 facial recognition feature. The issue was that the facial recognition system could unlock the phone even if someone's eyes were closed, which was considered a significant security threat. This flaw in the system was discovered by a BBC reporter and highlighted the vulnerability of the facial recognition technology on the Pixel 4 device [90765]. (b) The software failure incident related to human actions in the articles is the vulnerability of Samsung's Galaxy S10 fingerprint unlock system. Users discovered that the fingerprint recognition could be fooled by a £3 plastic screen protector, allowing unauthorized access to the phone and personal information. This issue was identified by a user who found that multiple fingerprints, including those not registered, could unlock the device, posing a significant security risk [90765]. |
| Dimension (Hardware/Software) | hardware, software | (a) The software failure incident related to hardware can be seen in the case of Samsung's Galaxy S10 fingerprint unlock system being fooled by a £3 plastic screen protector [90765]. The issue arose when the patterns inside the silicone protectors confused the phone's sensors, allowing anyone's fingerprint to unlock the phone and access personal information. (b) The software failure incident related to software can be observed in Google's Pixel 4 facial recognition system allowing the phone to be unlocked with facial recognition even if someone's eyes are closed [90765]. This flaw in the software's facial recognition algorithm led to a significant security threat as it could potentially allow unauthorized access to the device while the user is asleep or unconscious. |
| Objective (Malicious/Non-malicious) | non-malicious | (a) The software failure incident related to the Google Pixel 4 facial recognition system can be categorized as non-malicious. The incident involved a security concern where the facial recognition system could unlock the phone even if someone's eyes were closed, leading to potential unauthorized access to the device [90765]. This issue was discovered by a BBC reporter and highlighted as a significant security threat by experts. Google acknowledged the flaw in the system and mentioned that users could enable a higher security mode if concerned. The incident was not attributed to malicious intent but rather a design flaw in the facial recognition technology of the Pixel 4 smartphone. |
| Intent (Poor/Accidental Decisions) | poor_decisions | (a) The software failure incident related to the Google Pixel 4 facial recognition system can be attributed to poor_decisions. Google's decision to allow the phone to be unlocked with facial recognition even if someone's eyes are closed was criticized as a significant security threat by experts [90765]. Additionally, Google initially advertised a setting that required people's eyes to be open when their face is scanned but dropped this feature before the phone went on sale, indicating a poor decision in terms of security implementation [90765]. |
| Capability (Incompetence/Accidental) | development_incompetence, accidental | (a) The software failure incident related to development incompetence is evident in the case of Google's Pixel 4 smartphone facial recognition system. The system allowed the phone to be unlocked with facial recognition even if someone's eyes were closed, posing a significant security threat. This flaw was discovered by a BBC reporter and highlighted by experts as a major security concern [90765]. (b) The software failure incident related to accidental factors is seen in Samsung's Galaxy S10 fingerprint unlock system. The system could be fooled by a £3 plastic screen protector, allowing anyone's fingerprint to unlock the phone and access personal information. This vulnerability was accidental and arose from the patterns inside the silicone protectors confusing the phone's sensors [90765]. |
| Duration | temporary | The software failure incident related to the Google Pixel 4 facial recognition system being able to unlock the phone with closed eyes can be categorized as a temporary failure. This is because the issue was discovered shortly after the phone's launch and was acknowledged by Google. Google mentioned that users can turn on a higher security mode if worried and also provided a temporary solution by allowing users to disable Face Unlock temporarily using lockdown mode to require a PIN/pattern/password [90765]. |
| Behaviour | crash, omission, value, other | (a) crash: The software failure incident related to the Google Pixel 4 smartphone's facial recognition system can be considered a crash. Users discovered that the phone could be unlocked with facial recognition even if someone's eyes were closed, indicating a failure of the system to properly authenticate users and losing the state of security [90765]. (b) omission: The software failure incident can also be categorized as an omission. The system omitted to perform its intended function of requiring the user's eyes to be open during face scanning, which was initially advertised but later dropped before the phone went on sale [90765]. (c) timing: The timing of the software failure incident is not directly related to the system performing its intended functions too late or too early. The primary issue lies in the system's failure to authenticate correctly rather than timing-related issues [90765]. (d) value: The software failure incident can be linked to a failure in value. The facial recognition system performed its intended function of unlocking the phone but did so incorrectly by allowing unauthorized access when the user's eyes were closed, compromising security and privacy [90765]. (e) byzantine: The software failure incident does not exhibit characteristics of a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The issue primarily revolves around a specific flaw in the facial recognition system's design rather than inconsistent behavior [90765]. (f) other: The other behavior exhibited by the software failure incident is a significant security threat. The flaw in the facial recognition system allowed unauthorized access to the phone, potentially leading to privacy breaches and security risks, as highlighted by experts and users [90765]. |

IoT System Layer

| Layer | Option | Rationale |
| --- | --- | --- |
| Perception | None | None |
| Communication | None | None |
| Application | None | None |

Other Details

| Category | Option | Rationale |
| --- | --- | --- |
| Consequence | property, theoretical_consequence, other | (a) unknown (b) unknown (c) unknown (d) Property: The software failure incident related to the Google Pixel 4 smartphone's facial recognition vulnerability allowed unauthorized individuals to potentially unlock the phone while the user was asleep or unconscious, compromising the security of personal data and private conversations [90765]. (e) unknown (f) unknown (g) no_consequence: The consequences of the software failure incident were related to potential security threats and privacy concerns, but there were no reported instances of actual harm or loss resulting from the vulnerability [90765]. (h) theoretical_consequence: Theoretical consequences discussed included the strain on relationships if partners were tempted to snoop on each other's phones, as well as concerns about unauthorized access to private data and conversations [90765]. (i) other: The software failure incident highlighted the importance of strong biometric security measures for smartphones, with Google emphasizing the resilience of its Face Unlock feature against unlock attempts via other means like masks [90765]. |
| Domain | information | (a) The failed system in the article is related to the information industry as it involves the security concern with Google's Pixel 4 smartphone's facial recognition technology [90765]. The incident highlights a significant security threat where the phone can be unlocked with facial recognition even if someone's eyes are closed, potentially compromising personal data and conversations stored on the device. |
