Readit News
freehunter · 6 years ago
I know it's against the rules to tell people to read the article, but I would encourage everyone to read the article. It specifically says this is a potential threat to

>"elected officials, candidates, political campaigns, [and] political parties"

not to the general public. The potential threat is for someone at Candidate_1's campaign taking selfies with the app, that then uploads them to Russian servers where the Russian government can see them and can also see what's in the background (sensitive documents?) or see geo-location from the app (like how Strava was leaking the coordinates at military bases [1]) or any number of things a hostile foreign government who has already hacked American elections once and is planning to do it again might want to do with pictures that interns/staffers might think are private.

[1] https://www.theguardian.com/world/2018/jan/28/fitness-tracki...

wruza · 6 years ago
>Russian government can see them and can also see what's in the background (sensitive documents?) or see geo-location

It feels like a boy scout camp rather than government then. The same for a bunch of emails that ‘interfered’ with true democratic elections. If your organization is so fragile that revealing a tip of your pants makes everyone wonder if they are clean, then maybe that is what needs to be fixed, not someone who posts pictures of it to the internets (in this case provides a REST API for you to do that). However evil my country’s govt will ever be, the level of this nonsense is pushing the heliopause.

quaquaqua1 · 6 years ago
Never underestimate the ability of the US government to lay blame elsewhere! (1) (2)

(1) Or any human for that matter

(2) I am an American

Stratoscope · 6 years ago
> I know it's against the rules to tell people to read the article, but I would encourage everyone to read the article.

It's not against the rules at all, so thank you for the encouragement! I will go read the article.

What the guidelines warn against is something different: Please don't comment on whether someone read an article. "Did you even read the article? It mentions that" can be shortened to "The article mentions that."

slg · 6 years ago
Can apps still get information that identifies the specific device? If so, another possible threat model could be more about identifying who uses what device rather than anything specifically in the photos themselves.

For example, I already have a database of high-value targets' faces built from political sources like house.gov. Now I do facial recognition between that set of faces and the FaceApp faces. That allows me to identify the specific devices used by government officials. That would seem to be super valuable for more targeted attacks and/or pairing with other apps for potential kompromat.

Scipio_Afri · 6 years ago
I was thinking more along the lines of hacking because now you have a face and can identify who they work for and that they may have valuable info being a part of X person’s political campaign. Potentially you’d then install some silent update or use some new exploit to gain access to the rest of their phone. Anyone know if that is possible?
JaRail · 6 years ago
Current-gen devices provide an advertising id. It's unique to the device but can be reset to a new random value by the owner in the OS settings.
duxup · 6 years ago
I wonder how long that is the only threat.

I knew someone volunteering for a senate campaign. They noted their personal email suddenly had what looked like a lot of spear phishing type emails.

nl · 6 years ago
> It specifically says this is a potential threat to "elected officials, candidates, political campaigns, [and] political parties"

But that is NOT what it says at all.

I can't emphasise how misleading this summary is! The exact quote is:

> If the FBI assesses that elected officials, candidates, political campaigns, political parties are targets of foreign influence operations involving FaceApp [then the FBI would investigate].

Note that "IF"? That puts a pretty different spin on it to your interpretation!

Separately, it says:

> The FBI considers any application or similar product developed in Russia, such as FaceApp, to be a potential counter-intelligence threat.

@dang - I think that the current headline "FBI designates FaceApp as counterintelligence threat" is misleading. "Designates" implies something like being added to an official list (like a sanctions list or something). A better headline would be "FBI responds to congressional query on FaceApp" or "FBI considers all Russian-built apps counterintelligence threats".

freehunter · 6 years ago
Not at all. There's plenty of people in this thread wondering what "potential" means in "potential threat". This is what that potential means. The FBI has assessed that this app is a potential threat but they haven't found any evidence that Russia's government is actually using it in this way. If the FBI finds out that it's being used as an attack vector, then they will jump in to assist.

Not misleading at all. I don't know why so many people are reading this so wrong, it's not a long letter. The Senate asked the FBI if this app was a threat to US politicians, the FBI said it could be but they don't see it being exploited at this time. If that changes, the FBI will intervene. Pretty simple to understand as long as you read the words that were written.

trhway · 6 years ago
>The potential threat is for someone at Candidate_1's campaign taking selfies with the app, that then uploads them to Russian servers where the Russian government can see them and can also see what's in the background (sensitive documents?)

Good old days, just less than 20 years ago back at Sun, when we were strictly instructed that the computer monitors must be off when the photos would be taken. How times and basic norms of opsec have changed - these days you just tweet the straight photo of the classified monitor screen https://www.npr.org/2019/08/30/755994591/president-trump-twe...

mc32 · 6 years ago
I remember when the Sony-DPRK thing happened there was a photo of Cybercommand and it showed a wall of monitors and people were examining the tools they had open on the monitors.

There was also a photo from the Iranian Nuclear agency and it had photos of their systems and software on their website or something and it was scraped for info prior to Stuxnet.

McAfee let some "Wired" photog take a digital photo without ensuring geotagging was disabled or removed from the metadata when he was prancing over Belize as he was escaping some plot to frame him.

Those lapses happen.
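The geo-location leak freehunter raises and the geotag lapse mc32 describes both come down to the same thing: GPS tags inside a photo's EXIF block. As an added example (not code from any commenter, FaceApp, or the FBI letter), here is a minimal EXIF walker that checks an APP1 payload for a GPS IFD and decodes the coordinates, the check you would run before a photo leaves the device; the sample blob is constructed inline and the tag numbers are the standard EXIF ones.

```python
import struct

TAG_GPS_IFD = 0x8825                           # IFD0 entry that points at the GPS IFD
GPS_NAMES = {1: "GPSLatitudeRef", 2: "GPSLatitude", 3: "GPSLongitudeRef", 4: "GPSLongitude"}

def _tiff(exif):
    """Split an APP1 'Exif' payload into (TIFF bytes, struct endian prefix)."""
    if exif[:6] != b"Exif\x00\x00":
        raise ValueError("not an EXIF APP1 payload")
    tiff = exif[6:]
    end = {b"II": "<", b"MM": ">"}[tiff[:2]]
    if struct.unpack_from(end + "H", tiff, 2)[0] != 42:
        raise ValueError("bad TIFF magic")
    return tiff, end

def _entries(tiff, end, ifd):
    """Return [(tag, type, count, 4-byte value-or-offset)] for the IFD at offset `ifd`."""
    (n,) = struct.unpack_from(end + "H", tiff, ifd)
    out = []
    for at in range(ifd + 2, ifd + 2 + 12 * n, 12):
        tag, typ, cnt = struct.unpack_from(end + "HHI", tiff, at)
        out.append((tag, typ, cnt, tiff[at + 8:at + 12]))
    return out

def _value(tiff, end, typ, cnt, raw):
    """Decode inline ASCII (type 2) and out-of-line RATIONAL (type 5); others stay raw."""
    if typ == 2 and cnt <= 4:
        return raw[:cnt].rstrip(b"\x00").decode("ascii")
    if typ == 5:
        (off,) = struct.unpack(end + "I", raw)
        return [struct.unpack_from(end + "II", tiff, off + 8 * i) for i in range(cnt)]
    return raw

def gps_tags(exif):
    """Return {name: value} for every GPS IFD entry; an empty dict means no geotag."""
    tiff, end = _tiff(exif)
    found = {}
    for tag, _, _, raw in _entries(tiff, end, struct.unpack_from(end + "I", tiff, 4)[0]):
        if tag == TAG_GPS_IFD:                 # follow the pointer into the GPS IFD
            for t, typ, cnt, v in _entries(tiff, end, struct.unpack(end + "I", raw)[0]):
                found[GPS_NAMES.get(t, hex(t))] = _value(tiff, end, typ, cnt, v)
    return found

def to_decimal(dms, ref):
    """Turn [(deg,1),(min,1),(sec,1)] plus an 'N'/'S'/'E'/'W' ref into signed decimal degrees."""
    deg = sum(n / d / 60 ** i for i, (n, d) in enumerate(dms))
    return -deg if ref in ("S", "W") else deg

def build_sample_exif():
    """Constructed little-endian EXIF: IFD0 (Make + GPS pointer), GPS IFD (LatitudeRef + Latitude)."""
    e = "<"
    ifd0 = struct.pack(e + "H", 2) + struct.pack(e + "HHI", 0x010F, 2, 4) + b"Cam\x00"  # Make, inline
    ifd0 += struct.pack(e + "HHII", TAG_GPS_IFD, 4, 1, 38) + struct.pack(e + "I", 0)   # GPS IFD at 38
    gps = struct.pack(e + "H", 2) + struct.pack(e + "HHI", 1, 2, 2) + b"N\x00\x00\x00"  # GPSLatitudeRef
    gps += struct.pack(e + "HHII", 2, 5, 3, 68) + struct.pack(e + "I", 0)               # GPSLatitude at 68
    lat = struct.pack(e + "IIIIII", 38, 1, 53, 1, 23, 1)                                 # 38 deg 53' 23"
    return b"Exif\x00\x00" + b"II" + struct.pack(e + "HI", 42, 8) + ifd0 + gps + lat
```

A real JPEG carries this payload in its APP1 segment; `gps_tags` returning anything non-empty is the signal that the file still carries a location and should be rewritten without it before upload.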

wanderer2323 · 6 years ago
To be more precise, it seems to be a photo of what 'experts' say is 'almost certainly' an image from a 'classified' satellite or drone.
baxtr · 6 years ago
This really does not look like a photo of a monitor. Looks instead much more like the original photo?
laughinghan · 6 years ago
Is President Trump representative of modern opsec norms?

rauchp · 6 years ago
Looks like the FBI designated FaceApp as a threat because of its crazy data policy and its Russian origin. Even though I think it's a really shady app, that's a pretty low bar.
zkid18 · 6 years ago
I think FaceApp should be hosted on an AWS-like infrastructure.

Hosting in Russia is expensive and does not provide any advantages, such as dynamic routing, that are crucial for a world-wide app. Most developers use it to comply with Russian standards: you only need to store information about Russian users on Russian servers. In addition, currently in Russia there are no good alternatives for reliable cloud neural network inference.

But I can’t understand the negative media about the application, based on the founder’s country of origin. I argue that this is discrimination because there is as yet no evidence of breach of confidentiality.

freehunter · 6 years ago
According to the article, FaceApp says they host in the United States, Singapore, Australia and Ireland. Whether that's true or not, I don't know. The problem the FBI has is no matter where the data is hosted, the Russian government has access to it as long as the Russian developers of FaceApp have access to it.
FDSGSG · 6 years ago
>I think FaceApp should be hosted on an AWS-like infrastructure.

>Hosting in Russia is expensive and does not provide any advantages

Hosting in top .ru DCs like Selectel is vastly cheaper than on any AWS-likes. These are extremely different products though.

debt · 6 years ago
It’s worth noting that the heads of CIA, FBI, NSA, DHS and the Justice Department have all confirmed the Russian government are currently actively engaged in ongoing global disinformation campaigns propagated primarily on social media designed to sway elections in democracies abroad.

It’s beyond dispute.

The Russian government has breached confidentiality.

flattone · 6 years ago
From a policy standpoint that's a low bar,

but from a counter-intelligence standpoint that's a finger-painting bar.

r41nbowdash · 6 years ago
Yeah, I don't think it's about the data storage, as much as the possibility of backdooring your phone by a rogue state.
nl · 6 years ago
They haven't designated it as a threat. The headline is wrong.
TheRealPomax · 6 years ago
Not during an election year, at a point in time that sees _much_ heavier use of these apps than even 4 years ago, no.

unityByFreedom · 6 years ago
It says potential threat, not threat, and according to this letter, the Russian government can access ISP data directly without request.
ShorsHammer · 6 years ago
Thankfully that doesn't happen anywhere else in the world.

Australian government metadata requests were well over 300,000 last year, nearly 1000 requests a day, all warrantless, and can come from tiny local councils or horse racing orgs. Trust us, they say, there's oversight in hidden tribunals, they say.

asdfasgasdgasdg · 6 years ago
> It says potential threat, not threat

Aren't all threats potential threats, until they are actual? I dunno, maybe the FBI has a formal delineation between potential threat, threat, and . . . whatever is after that. But I doubt it.

tehlike · 6 years ago
Plenty of Chinese apps under the "utility" category are flooding US consumers...
walrus01 · 6 years ago
Notably, ES File Explorer was recently removed from the Google Play store because of suspicious behavior. One of the most popular Android file managers.
desine · 6 years ago
I bought a microSD reader off Amazon, which has two dongle ends, one USB type A for a computer, one Lightning for my iPhone. According to the included instructions, it required me to download an app (from the Apple App Store) to use on the iPhone. I didn't trust the app, even with Apple's scans, so I ended up using it with my already-owned Camera Connection Kit (Lightning to USB Host) adapter just fine. The name of the app was something very similar, if not identical, to that name, which is what reminded me of it.

It seems fishy that the Apple-provided Files app didn't recognize my SD card.

ravenstine · 6 years ago
Aw man, I had no idea! Time to delete. :(
ericfrederich · 6 years ago
Total Commander was the recommended replacement a while ago when ES started to become shady.
not2b · 6 years ago
The article does not match the headline. The FBI letter only calls it a "potential" threat, meaning maybe it is a threat, maybe not.
debt · 6 years ago
Yes so buyer beware. Russian government currently engaged in global disinformation campaigns, use app at your own risk.

Wissmania · 6 years ago
I wonder how many people with a profile picture of their face on their Twitter/Facebook accounts are seriously concerned about this
Nextgrid · 6 years ago
I wouldn't be surprised if this app collected much less data than the Facebook cancer. Facebook is not only stalking you through its main app but its other brands (Insta, WhatsApp, etc which a lot of people don't even know they're owned by FB) as well as unrelated third-party apps & websites that embed their malicious SDKs.

Facebook is an industrial-scale stalking operation. I doubt FaceApp (or frankly any government actor) could pull off something like that even if they wanted to.

baroffoos · 6 years ago
The difference is which government the spyware corp is controlled by.
Merrill · 6 years ago
The face picture is not really the problem. The app slurps other data from the device, such as log files, cookies, identifiers, etc. Of course, this app is probably not dissimilar to many of the other 2.5 million Android, 1.8 million Apple, 0.7 million Windows, and 0.5 million Amazon apps. https://www.statista.com/statistics/276623/number-of-apps-av...
judge2020 · 6 years ago
Well Twitter and Facebook are American companies so it's obviously patriotic to give them your image and data.

(/s)

Wissmania · 6 years ago
The photos are public too...
corporate_shi11 · 6 years ago
It's certainly better than giving your face to sketchy apps from Russia or China.
JoeCortopassi · 6 years ago
There is no threat model for an iPhone app to do nefarious things in an App Store distributed app on a non-jailbroken phone. At most, FaceApp grabs the picture you uploaded and some minor meta-data that every app using an analytics tool (read: all of them) collects.

This is political grand-standing at best, and would be a non-issue if you replaced the geographic location of the dev team with any other country.

I get it, Russia is the Big-Bad-Boogeyman right now. But if you think for a second that a real attempt at counterintelligence would publicly come from such an obvious point of interest, then I have a bridge to sell you.

saurik · 6 years ago
By "non-jailbroken" you should mean "jailbreakable": it is the existence of the vulnerability that makes the phone insecure, not the user having used an exploit to leverage that vulnerability to do something for them. Like, for no avoidance of doubt: if you are running a version of iOS for which you can download an app-based jailbreak (which has been all jailbreaks for current phones that have been released for years now, all reliant on sandbox escapes), the issue is that the attacker jailbreaks your phone, not that you do; and also, to be explicit, as people also often confuse this, the code I would put in an app for a "back door" capable of letting me jailbreak remotely would not look like exploit code but would look like an innocent bug: maybe a vtable use after free bug on my stack while parsing a network response for which I knew the location of all the required ROP gadgets to exploit (put differently: "if you want to put a back door in software, just leave yourself a vulnerability you know how to exploit, and then claim you weren't evil, you were just bad at memory management or concurrency... like everyone else").
JoeCortopassi · 6 years ago
Just to be clear, you’re saying that FaceApp has a yet unfound component that lets them remotely jailbreak an otherwise un-jailbroken phone via a published App Store app? And that they’ve done this in the open on one of the most politically criticized apps short of Facebook?
godelski · 6 years ago
The threat model is that this photo is shared with the Russian government and then the Russian government can match American citizens (or potentially people working in intelligence), and then using that in facial recognition programs. I.e. they can differentiate Americans (insert x country) from their own citizens and know who to watch more carefully.

This is a legitimate threat model. I'm not sure why you think it wouldn't be. Spies and others do use fake identities. The threat model is that there is a way to determine who is faking their identities.

JoeCortopassi · 6 years ago
A picture, that has no good associated data about the user, is a real threat? Heaven forbid Russia figures out how to take pictures in public places
cookie_monsta · 6 years ago
I am not a spy, but I imagine they have some sort of internal guidelines around uploading face pics and PII to random apps/websites
3fe9a03ccd14ca5 · 6 years ago
The photo is what's explicitly called out in the FBI complaint, with particular regard to how the photo is used and stored.

The funny thing to me is it nitpicks about the terms of service. Will a TOS prevent a foreign intelligence agency from using the data for nefarious purpose? That sounds silly.

nostrademons · 6 years ago
This might have something to do with Russia banning the sale of smartphones without Russian apps today:

https://www.themoscowtimes.com/2019/12/02/russia-bans-iphone...

It's a tit-for-tat response, showing that if they want to make this a trade war, their companies will get hurt too. So yes, national grandstanding.

Edit: Wups, dates are wrong. This FBI release is from November 25, so the Russian law is likely in response to it, not vice versa. Still national grandstanding, but the idiot party isn't necessarily the Russians.

sillysaurusx · 6 years ago
Are you sure Faceapp grabs only the photo you uploaded? “At most” implies it literally can’t grab more than that. But it seems like it can. It has access to all your photos, not just your camera.
JoeCortopassi · 6 years ago
Yes, I am sure that's all it can grab (on the iphone). Anyone telling you otherwise is fear-mongering

Edit: Obligatory “why are you booing me, I’m right?”

EGreg · 6 years ago
I have seen countries around the world have such a response. Russia freaked out that the latest Windows phones home, USA freaked out about Kaspersky, and so on. Russia has set in motion projects to build homegrown Linux based operating systems etc. I consider all this a good thing.

Why don’t we have the ability to restrict at the OS level which domains an app can send information to? Then we can finally host backend software locally on servers of OUR choice.

I would love to see more OPEN SOURCE apps running on servers of our choice, and communication over mesh networks. In fact I’d love for most functionality to be client-side and an option for ALL data sent to servers to be end-to-end encrypted at the OS level. I don't want to have to trust the APP manufacturer to pinky swear it’s all end-to-end encrypted. The OS should have a little badge saying none of the data sent by the app is being sent in a way the server can decrypt because the OS intercepts and encrypts it with keys the app can’t get. That may still leave side channels such as timing-based information to tunnel through. But if we restrict what domains the app can talk to, we can close that loophole too.

That’s what I would love to see ... finally put an end to server side landlords owning your data just cuz they own the infrastructure!

JaRail · 6 years ago
> Why don’t we have the ability to restrict at the OS level which domains an app can send information to?

Ads.

EGreg · 6 years ago
But Apple is a honey badger - it dont care about ads. Their whole differentiator has become privacy and putting the user first vs apps! Seems like a glorious feature for them no? Safari already leads the way with blocking ads and third party tracking cookies.
slovenlyrobot · 6 years ago
Forgive me for chuckling at law enforcement in by far the world's largest exporter of consumer malware for treating a single comedy deepfakes app with so much paranoia and suspicion. How did that common saying go that was bandied around in our teenage years? Something like the person in a relationship who fears cheating the most is the one most likely to cheat
jjeaff · 6 years ago
So, your logic is that since the U.S. spies on people, it means they have no credibility in calling out other people for spying on U.S. citizens?

Seems like a "pot" should have more knowledge than average on which kettles to call "black".

slovenlyrobot · 6 years ago
I'm not sure where I stated they have no credibility, only that the situation was deeply humorous