LAS VEGAS--Facebook's online privacy woes are well-known. But here's an offline one: its massive database of profile photos can be used to identify you as you're walking down the street.
A Carnegie Mellon University researcher today described how he assembled a database of about 25,000 photographs taken from students' Facebook profiles. Then he set up a desk in one of the campus buildings and asked willing volunteers to peer into Webcams.
The results: facial recognition software put a name to the face of 31 percent of the students after, on average, less than three seconds of rapid-fire comparisons.
In a few years, "facial visual searches may become as common as today's text-based searches," says Alessandro Acquisti, who presented his work in collaboration with Ralph Gross and Fred Stutzman at the Black Hat computer security conference here.
As a proof of concept, the Carnegie Mellon researchers also developed an iPhone app that can take a photograph of someone, pipe it through facial recognition software, and then display on-screen that person's name and vital statistics.
This has "ominous risks for privacy" says Acquisti, an associate professor of information technology and public policy at the Heinz College at Carnegie Mellon University. Widespread facial recognition tied to databases with real names will erode the sense of anonymity that we expect in public, he said.
Another test compared 277,978 Facebook profiles (the software found unique faces in about 40 percent) against nearly 6,000 profiles extracted from an unnamed dating Web site.
About 1 in 10 of the dating site's members--nearly all of whom used pseudonyms--turned out to be identifiable.
Facebook isn't the only source of profile data, of course. LinkedIn or Google+ might work. But because of its vast database and its wide-open profile photos, Facebook was the obvious choice. (Facebook's privacy policy says: "Your name and profile picture do not have privacy settings.")
No comments:
Post a Comment