Using publicly available data, it is now possible to identify strangers and gain their personal information – even their Social Security numbers – by using facial recognition software and social media profiles, according to a new study to be presented tomorrow at the Black Hat Security Conference in Las Vegas.
Professor Alessandro Acquisti from Carnegie Mellon University and his research team studied the implications of the combining, or “mash-up,” of three technologies: face recognition, cloud computing (an Internet technology) and social networks.
The team studied the possibility of using publicly available Internet data and commercially available facial recognition software to reveal more information about a person than was intended.
Further, “Apple has acquired Polar Rose, and deployed face recognition into iPhoto. Facebook has licensed Face.com to enable automated tagging. So far, however, these end-user Web 2.0 applications are limited in scope: They are constrained by, and within, the boundaries of the service in which they are deployed. Our focus, however, was on examining whether the convergence of publicly available Web 2.0 data, cheap cloud computing, data mining, and off-the-shelf face recognition is bringing us closer to a world where anyone may run face recognition on anyone else, online and offline – and then infer additional, sensitive data about the target subject, starting merely from one anonymous piece of information about her: the face.”
Acquisti noted that last year, more than 2.5 billion photos were uploaded by Facebook users per month. These users also use their real names, addresses, birthdates and other contact information as part of their profiles on social media such as Facebook, LinkedIn, Google-Plus and others, and in many cases the information is visible to the entire world.
Read More at WND By Steve Elwart, WorldNetDaily