Black Hat: System links your face to your Social Security number and other private things

Soon it will be practicable to take someone's photo on a smartphone and within minutes know their Social Security number and a range of other private data like their personal interests, sexual preference and credit status, researchers will tell the Black Hat security conference this week.

The technique calls for linking faces of random individuals to images in databases that contain other information about them and using that information to project Social Security numbers, says Alessandro Acquisti, a professor at Carnegie Mellon University, who will present the research at the conference.

QUIZ: Black Hat's most notorious incidents

He says if he can arrange the logistics, he will demonstrate the technique at the show using an application on a smartphone that taps cloud-based databases and facial recognition software. He uses Social Security numbers as an example of what can be projected, but other information such as sexual orientation and credit ratings can also be inferred, he says.

The point, Acquisti says, is to show that a framework of digital surveillance that can go from a person's image to personal data exists today and will only get better as technologies improve, making privacy more scarce and making surveillance readily available to the masses. "This, I believe and fear, is the future we are walking into," he says.

He admits the method is far from foolproof, but that the individual pieces of technology are developing rapidly and could be ready for use in the real world in the foreseeable future. He is working on projections of how long it will take for the technologies involved to develop to the point of being reliable.

Acquisti bases his presentation on three pieces of research he and his team carried out. The first took the primary Facebook images that people posted to establish their identity. The team compared the Facebook images using PittPatt face-recognition software to identify other photos of the same person in another database, namely that of a popular dating service where people registered under phony names.

After the software made a match, actual people looked at the pictures to determine how accurate the matches were. They considered just PittPatt's best guess for each photo.

The software correctly identified 1 in 10 dating site members, which the researchers say is pretty good considering the experiment used just one photo -- the Facebook profile photo -- to identify the person with the known identity.

Plus, they only considered PittPatt's best guess. Had they considered the second and third best guesses, accuracy might improve as well, he says.

The second experiment photographed random college students and asked them to fill out a questionnaire. Meanwhile, the photo was compared to others in online databases to identify the students realtime and compile other photos of them.

The students checked the photos and found they were accurate about a third of the time.

The third experiment took the subjects' Facebook profiles and, from inferences made from the profiles, predicted the first five digits of their Social Security numbers and their interests and activities.

The last part is an implementation of a Social Security number-predicting algorithm Acquisti presented at Black Hat two years ago. Based on when and where a person was born, the algorithm predicts the first five digits, which are based on location. It can then guesses the remaining digits, but that could take 100 tries.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags privacy

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?