Mug Shot

 In ITC's Threat of the Week

Unless you have been participating in one of those tiresome live ‘off the grid’ challenges, and we mean a proper one, not one like these Dutch charlatans whose ‘off grid’ experience includes Internet access and DJ lessons rather than wild boar hunting, sticking and gutting which is proper ‘off grid’ activity in our book, you will have seen a whole load of your mates, celebrities, pretty much everyone, posting pictures of what they might look like when they are older.

It transpires that this Facebook app is run by a Russian outfit – FaceApp. This very fact (the Russian bit) has led to much comment in the press from fairly balanced (unusual for Vice), through to fairly shoddy, poorly researched garbage (err, unusual for The Guardian). It is interesting that Arwa Mahdawi of The Grauniad downplays the risks of FaceApp but chooses to use photos of someone else that have been processed by the filter. How odd.

So what is the truth, what do we actually know? Let’s see if we can do this without resorting to our usual tin foil hat levels of paranoia!

Before that, a little history lesson for the addled minds of our readers who already look older and have no use for these pathetic new-fangled gimmicks, meh.

Back in 2016 another Russian outfit called FindFace cropped up. Using neural networks and AI (they almost certainly have the full set including Machine Learning, Big Data and a ‘cloud first strategy’ now). FindFace trained its application using the Russian VK social media network, allowing users to track people just using a photo, not scary at all huh? Anyhow when it got its shizzle up and running, removed the free bit and commercialised the bejaysus out of it, as you can see from its pretty average website. Rumours have persisted that the technology is supported by, if not designed for Russian intelligence – they love a bit of facial recognition.

So back to the current FaceApp, which may very well also use the very same technology, who knows? It has certainly caught the attention of pretty much everyone, including Vogue.

A cursory glance at the FaceApp infrastructure reveals servers all over the cloud (not in Russia). One server however, stands out. This host is registered to a domain called sovintel.ru. A cracking joke or an epic fail? We think the former, we hope we think the former, please let it be the former.

If you look at the site on Google Maps Street View, there is unfortunately (we were going to say conveniently, but the tin foil hat is wrapping the cheese) a very tatty waggon in the way (mwahahaha).

FaceApp claim not to be exporting photos to Mother Russia, however they are almost certainly sending AI metadata back. Amongst the best write ups of the situation is here.

It is reasonable to assume that FaceApp is being trained by all of you peoples who clearly didn’t read the small print:

Terms and conditions

https://faceapp.com/privacy

We may share User Content and your information (including but not limited to, information from cookies, log files, device identifiers, location data, and usage data) with businesses that are legally part of the same group of companies that FaceApp is part of, or that become part of that group (“Affiliates”). Affiliates may use this information to help provide, understand, and improve the Service (including by providing analytics) and Affiliates’ own services (including by providing you with better and more relevant experiences). But these Affiliates will honor the choices you make about who can see your photos.

We also may share your information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the Service to you (“Service Providers”). Our Service Providers will be given access to your information as is reasonably necessary to provide the Service under reasonable confidentiality terms.

We may also share certain information such as cookie data with third-party advertising partners. This information would allow third-party ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you.

We may remove parts of data that can identify you and share anonymized data with other parties.

We may also combine your information with other information in a way that it is no longer associated with you and share that aggregated information.

Not to worry though, you can always have your stuff deleted, this is what FaceApp say and this has made us chuckle for a couple of days:

3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.

If this information is being used to train an AI for commercial or more nefarious use we may never know. We do know that facial recognition is a big thing in law enforcement these days – The UK Home Secretary has committed investment in the technology this week. Wouldn’t it be an irony if the Russians were using Facebook for free when we chuck beeelions at it? Something like the apocryphal (and not strictly true) story about the space pen developed by Americans whilst Boris used pencils.

Let us ask ourselves a couple of questions?

Would someone develop technology this advanced for free consumption? As a gift to old mankind perhaps. Nope.

Remember Cambridge Analytica?

By the way, we are loving the American fine of $5 beeelion to Facebook. Makes £183 meelion for BA look pretty paltry doesn’t it (anything you can do, we can do bigger), even though it won’t be even as much as an hour in detention for The Zuck.

There is no such thing as a free lunch. If you really can’t wait to see what you might look like older, or what you may look like as a bullfrog, understand that you are giving up more than you may know and it might come back to haunt you. We haven’t even talked about identity theft have we (the cheese has been eaten and the tin foil hat is back). If you would like to discuss any of these issues or need help with anything security related, contact us here: [email protected] or call 020 7517 3900, we’d love to hear from you.

Author: Kevin Whelan

Recent Posts
Showing 2 comments
  • Emlyn Rees
    Reply

    Brilliant article. Will be sharing.

    • Sophia Casimir
      Reply

      That’s great to hear, many thanks!

Leave a Comment

Tel:
+44 (0) 20 7517 3900