Facebook Embeds ‘Hidden Codes’ To Track Who Sees And Shares Your Photos, Report

Facebook Embeds ‘Hidden Codes’ To Track Who Sees And Shares Your Photos, Report

Facebook Embeds ‘Hidden Codes’ To Track Who Sees And Shares Your Photos, Report

Comments Off on Facebook Embeds ‘Hidden Codes’ To Track Who Sees And Shares Your Photos, Report

uncaptioned

Facebook has become synonymous with privacy violations in the year since Cambridge Analytica came to light. Now in the same week that details of the record $5 billion FTC fine emerged, an Australian cyber researcher has reopened a years-old debate as to whether the social media giant is embedding “hidden codes” in photos uploaded by users onto the site.

“Facebook is embedding tracking data inside photos you download,” Edin Jusupovic claimed on Twitter, explaining he had “noticed a structural abnormality when looking at a hex dump of an image file from an unknown origin only to discover it contained what I now understand is an IPTC special instruction.”

Jusupovic described this as a “shocking level of tracking,” adding that “the take from this is that they can potentially track photos outside of their own platform with a disturbing level of precision about who originally uploaded the photo (and much more).”

The “IPTC special instructions” that Jusupovic viewed are essentially metadata watermarks that Facebook adds to tag the image with its own coding—those tags can be read later, enabling the “tracking” to take place. This is not new, and at a basic level not especially well-hidden either. It can be used to trace the ownership of images, to resolve copyright infringements, to provide enhanced user services. It can also be used to better target advertising and trace links between different users—I have an image, where did I get it from.

According to one analyst, the metadata has been added since 2016 and “contains an IPTC block with an ‘Original Transmission Reference’ field that contains some kind of text-encoded sequence. This coding method lets Facebook “know it has seen the image before when it gets uploaded again,” explained a user on Reddit. “It is yet another way to learn associations between people. Person 1 uploaded a bunch of the same photos Person 2 uploaded, let’s show them both all the same advertisements!”

Another user on the same forum linked the coding to the current focus on the spread of fake news: “You download a meme from some account/page which is known to spread propaganda/hate speech etc. Now you think, hey let me just share this on WhatsApp on my family groups, because why not. Now, Facebook can easily tag you as a user who ‘believes in that propaganda’ and can sell that data to political parties or companies to target ads or more propaganda on you.”

There is no active tracking implied here, the image does not contain a secret beacon of any sort. It is a hidden code that would allow another Facebook or third-party site with the right software to link the image back to its origins—obviously, more metadata can be added as an image travels, which has additional implications. Think of this like the UV marker pens used to mark possessions with zip codes in case they’re stolen.

Not everyone is willing to play along with the Facebook scheme though. Twitter strips out the basic level of IPTC coding when images are posted on its site. But what remains unknown is whether there are other levels of more advanced steganography (hidden data in media) used by Facebook. There are continual advances being made in hiding data in images, some for security and data protection, others to execute advanced levels of malware that can be virally shared across social media platforms.

Zack Allen from ZeroFOX told me that “hidden data can be predictably transmitted through social network images with high-fidelity—and AI can hide that data in plain sight, at large-scale, and beyond human visual discernment, making steganalysis and other countermeasures difficult.”

This latest research, though, will add more fuel to the fiery Facebook debate around social media and privacy. “In addition to the [$5 billion] fine, Facebook agreed to more comprehensive oversight of how it handles user data,” reported the New York Times, citing sources close to events. “But none of the conditions in the settlement will impose strict limitations on Facebook’s ability to collect and share data with third parties.”

Jusupovic told me he thinks “this is likely just the tip of the iceberg, this particular discovery was very obvious and easy to find. But in the future, it will be easier for companies to hide these sort of privacy violations. There is an emerging field in steganography, which will continue to be a problem and will be much harder if not impossible to spot.”

In May, Senators Richard Blumenthal and Josh Hawley, a Democrat and Republican respectively, wrote to urge the FTC “to compel sweeping changes to end the Facebook’s pattern of misuse and abuse of personal data.” They considered even the prospect of a $5 billion fine “simply a write-down for the company—while the reported penalty exceeds previous penalty cases, the scope and nature of the allegations are also unprecedented.”

And that, for many, remains the real issue.

[“source=forbes”]

Lili

Related Posts

Explaining Facebook’s pre-poll crackdown on inauthentic behaviour

Comments Off on Explaining Facebook’s pre-poll crackdown on inauthentic behaviour

How Facebook fights fake news in the world’s largest election

Comments Off on How Facebook fights fake news in the world’s largest election

Facebook’s promised Clear History privacy tool to launch later this year following delay

Comments Off on Facebook’s promised Clear History privacy tool to launch later this year following delay

Facebook launches UK reporting tool to clamp down on scam ads

Comments Off on Facebook launches UK reporting tool to clamp down on scam ads

Facebook agrees to pay $5bn in vast privacy settlement, insiders say

Comments Off on Facebook agrees to pay $5bn in vast privacy settlement, insiders say

10 Year Challenge on Facebook, Instagram and Twitter is as dumb as it sounds

Comments Off on 10 Year Challenge on Facebook, Instagram and Twitter is as dumb as it sounds

Poor ecosystem holding back Indian entrepreneurs, says Facebook

Comments Off on Poor ecosystem holding back Indian entrepreneurs, says Facebook

FTC hits Facebook with $5 billion fine and new privacy checks

Comments Off on FTC hits Facebook with $5 billion fine and new privacy checks

Facebook blocks could open the door to online censorship

Comments Off on Facebook blocks could open the door to online censorship

LOL, Facebook building meme hub to woo teen users

Comments Off on LOL, Facebook building meme hub to woo teen users

US Congress launches antitrust probe of big companies like Facebook, Amazon, Apple

Comments Off on US Congress launches antitrust probe of big companies like Facebook, Amazon, Apple

Facebook says the Christchurch attack live stream was viewed by fewer than 200 people

Comments Off on Facebook says the Christchurch attack live stream was viewed by fewer than 200 people

Create Account



Log In Your Account