Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Images To Get Expiration Date

Posted by timothy on from the reducing-the-awkward-moments dept.

Pickens writes "BBC reports that researchers have created software that gives images an expiration date by tagging them with an encrypted key so that once this date has passed the key stops the images being viewed and copied. Professor Michael Backes, who led development of the X-Pire system, says development work began about 18 months ago as potentially risky patterns of activity on social networks, such as Facebook, showed a pressing need for such a system. 'More and more people are publishing private data to the internet and it's clear that some things can go wrong if it stays there too long,' says Backes. The X-Pire software creates encrypted copies of images and asks those uploading them to give each one an expiration date. Viewing these images requires the free X-Pire browser add-on. When the viewer encounters an encrypted image it sends off a request for a key to unlock it. This key will only be sent, and the image become viewable, if the expiration date has not been passed."

22 of 306 comments (clear)

  1. Debunked by thetagger · · Score: 5, Insightful

    Slashdot users debunk this scheme as stupid in 5... 4... 3...

    1. Re:Debunked by caffeinemessiah · · Score: 5, Insightful
      This can be debunked quite easily: once an image is decrypted, it is forever decrypted. Alternatively, all I have to do is comment on your post of the image with the key I just downloaded for it while it was still valid. Even more alternatively, I could set up a counter-service to this that stores retrieved keys permanently and hands them out publicly. Unless the service is refreshing the image data every single day with a new key, in which case: (a) they will run out of bandwidth and CPU in a week, (b) they will hit facebook's limits very very soon, and (c) I still have copies of yesterday's encrypted data and yesterday's key.

      Oh yes, and your friends will not be able to see your pictures unless they download a plugin ("huh...what's that??"), and possibly use a specific browser ("huh? why?").

      So yeah, pretty stupid overall. This is another sad attempt at a form of DRM.

      --
      An old-timer with old-timey ideas.
    2. Re:Debunked by caffeinemessiah · · Score: 5, Insightful

      I should also add: why not just have a service to delete the image automatically from facebook after N days? Encryption is absolutely not needed here and achieves nothing.

      --
      An old-timer with old-timey ideas.
    3. Re:Debunked by natehoy · · Score: 4, Insightful

      My thought exactly. They needed 18 months to develop this and didn't even come up with the fact that their solution is significantly inferior to the most obvious solution?

      So close... :)

      Deleting the image from Facebook is forever, if you trust Facebook. If you don't trust Facebook, then you might as well assume they are using a scripting tool to crank through the encrypted images as soon as they are posted and taking an unencrypted copy for themselves.

      This allows easy copying until the image is expired, and in a week there'll be a deXPire on every Linux repository that will ensure easy copying after the image is expired. Deleting the image makes it unavailable for everyone who hasn't already made a copy. "X-Piring" the image makes it and all other "expired" images available to anyone who wants to go to the trouble of "apt-get install deXPire-mozilla-plugin".

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    4. Re:Debunked by vlueboy · · Score: 4, Interesting

      We would need to wait till HTML5 is here; its built-in magic might suffice to implement a viewer. But then how do they inject that code into facebook so that nobody has to grab the viewer on their own?

      Their Auto-tagger scans faces and asks users for the names of every face it has already framed in your pictures, and FB also does resizing and thumbnailing that clearly know when picture data is *not* what they're parsing after the upload. Facebook also isn't going to let you upload something that's clearly a noisy and corrupted JPEG file.

      They already changed their uploader so it compresses your images before they go out, and all I need is a slashdotter with an FB account to confirm that they can't even start to upload a binary disguised as a JPEG.

    5. Re:Debunked by http · · Score: 4, Informative

      Even theoretical trust in Facebook is misplaced. Here's a piece of news that you may have forgotten in the multitude of fucked up things Facebook has done over the past few years:

      Deleted' images are never deleted.

      In my experience, they are de-linked, but remain at the exact same URL. Also, they remain there even though my account has been "closed" for almost two years. Personally tested with dozens of images.
      The fact is, "Deleting the image from Facebook is not done."

      --
      If opportunity came disguised as temptation, one knock would be enough.
      3^2 * 67^1 * 977^1
  2. Until... by MrOctogon · · Score: 5, Insightful

    Cue the plugin which takes a screen capture of the decrypted image and re posts it in its original form. If you can read it you can copy it forever.

    1. Re:Until... by dgatwood · · Score: 4, Insightful

      More to the point, it can be solved just as easily if Facebook would:

      • Require users to accept or reject tagging explicitly before a photo tag becomes visible to anyone other than the tagger and the taggee.
      • Expire photos after a reasonable period of time unless the user explicitly confirms that it should remain posted (use notifications).
      • Expire tags in the same fashion.

      More importantly, it fails because:

      • The sorts of people who post pictures of their friends looking like assholes are unlikely to care enough to use a special service that provides expiration.
      • The sorts of people who post pictures of their friends looking like assholes are unlikely to set a short expiration date.
      • The person affected by the tagging is not the person deciding on its expiration.

      The decision about how long I should be tagged in a photo must be my decision, not the decision of the person who posts the photo. Any scheme that does not achieve this goal is completely missing the point.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re:Until... by betterunixthanunix · · Score: 5, Insightful

      Why would you claim someone is not the brightest of applicants, just because they partied when they were in college? That is exactly the sort of attitude that created this problem in the first place: employers who have this notion that anyone who doesn't conform to the ideal defined by US government propaganda is somehow less desirable. Why does it matter to you that an applicant to whatever sort of job you might employ them for smoked pot when they were in college? Why would you go digging through someone's Facebook profile to find evidence of what sort of partying they did in college?

      --
      Palm trees and 8
    3. Re:Until... by metrometro · · Score: 4, Insightful

      I think this misses the point somewhat. Don't we all hate DRM because those schemes are a real bitch for data portability and long term archives? Which is it, then?

      The reason you put a timed kill switch on an archive is not because people in the present will use it in ways you dislike -- if that were true, why create or share it at all? The point is rather to piss off and disrupt the people in the far future who are post-facto digging through archives on you. Internet research hinges on how easy it is to find things. This would probably make it harder to find things that have expired.

      Security exists in an ecosystem. Everything can be broken. But the only questions that matters is will it actually happen most of the time?

  3. Cracked! by clvrmonkey · · Score: 4, Insightful

    I can't quite figure out how they'll stop me from taking a screenshot of the encrypted image.

    --
    All God does is watch us and kill us when we get boring. We must never, ever be boring.
    1. Re:Cracked! by Tenek · · Score: 4, Insightful
      That's not the point. You were already allowed to see the image. What it tries to reduce is the ability of someone unrelated to find it n years later. You had to remember to save a copy at the time. Unfortunately, you're probably more likely to do so if it's an interesting picture.

      It's not useless, and it's not perfect. Not a terrible idea though.

  4. alt-prtscn by Anonymous Coward · · Score: 3, Funny

    your feeble encryption is no match for my clipboard.

  5. no pictures for linux users... by dmbasso · · Score: 5, Insightful

    because you can't lock the print screen out, right?

    --
    `echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
  6. I wish Facebook would expire by PatPending · · Score: 5, Insightful

    I wish Facebook would expire... the sooner, the better.

    --
    What one fool can do, another can. (Ancient Simian Proverb)
    1. Re:I wish Facebook would expire by Anonymous Coward · · Score: 5, Funny

      Anonymous Coward likes this

  7. X-Pire-copy-to-imgur browser add-on by seifried · · Score: 4, Insightful

    Which will result in something like the "X-Pire-copy-to-imgur browser add-on" which automatically decrypts the image and then posts a decrypted copy to imgur or whatever sharing site you want to use.

    Not to mention all the large companies trolling facebook for photos and storing them for later use to provide background check style services/etc.

    Once you post it, a copy has been made, once someone views it, a copy has been made. Those copies are outside your control. Even if you encrypt it, once someone views it, an unencrypted copy has been made, and it's once more out of your control.

  8. *facepalm* by TheSpoom · · Score: 3, Insightful

    *facepalm*

    This whole concept should be on The Daily WTF.

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  9. Un-X-Pire by cforciea · · Score: 4, Insightful

    I'm ready to start a new service called Un-X-Pire. What you will do is run my browser add-on, which will find X-Pire tagged images, request the decryption key from the X-Pire service, and then cache it the first time it is requested for each image. After that, it will just serve out the decryption key over and over (or, if the decryption does something fancy like swap keys based on current time, it will go ahead and decrypt the image for you by spoofing the time the key was initially first cached as the current system time for the decryption process), and then everybody who uses my plug-in will be able to view the image for the rest of eternity so long as at least one person views it with my plugin before it expires.

    Also, I bet mine takes a lot less time to code than theirs.

  10. Re:Hmm... by betterunixthanunix · · Score: 3, Interesting

    Of course, we have plenty of anti-drug propaganda to keep us far from the ideal. A picture of someone taking a bong hit at a party could be reason to be rejected from a job -- there are still places that perform pre-employment drug screenings, last I checked, and photographic evidence of illegal drug use may not go over so well. When we keep telling people that anyone who uses illegal drugs is an unreliable drug abuser who couldn't possibly hold a job, and when we require people to maintain a "drug free workplace" or forfeit government contracts, the idea that employers will forgive some college partying seems a bit far fetched.

    --
    Palm trees and 8
  11. NEWS! Slashdot Title Wrong by KnownIssues · · Score: 5, Insightful

    I am kind of used to Slashdot headlines that exaggerate the original article, but how do you go from a company has made some software that might be useful to social networks *like* Facebook to Facebook is going to get images with expiration dates?

  12. I am unimpressed... by fuzzyfuzzyfungus · · Score: 5, Interesting

    This particular "solution" sounds like the result of somebody thinking in a human-shaped problem space, which is psychologically understandable enough; but is a bias you have to get over if you want to get anywhere in tackling internet problems. And that is my best attempt at a charitable interpretation. Worst case, somebody is a dumbass.

    For the sake of charity, we will ignore obvious fuckuperry like "the project runs out of money in three months, and the keyservers go dark, millions of people's pictures(which, being users, they won't have backups of...) get hosed 15 months early" or "the keyserver gets rooted, a relatively small file called 'facebook_camwhores_dont_want_u_to_have_this.zip' appears on every torrent tracker on the wrong side of the tracks and the whole scheme collapses"...

    First, the same psychological biases(excessive time discounting, poor inhibition triggering models, bad stability assumptions) and social processes(booze, peer pressure, etc.) that cause people to post pictures and stuff that they will later come to regret will, almost certainly, cause them to assign incorrect 'blackout dates' to the material they do post. 18 months is like, what, 3 failed attempts at "serious" relationships, a number of booze fueled rebounds, and an ill-advised make-up or two? It is also plenty of time for what you did last summer to appear before school officials, what you did a few semesters back to make the HR snoop's radar, etc. Even in a world of purely human, purely manual, threats, this scheme is going to be minimally effective in protecting the people who need it most(while, at the same time, managing to scotch a bunch of happily-married-high-school-sweethearts who have lousy backup practices).

    Now, where this scheme really falls flat: This is the internet. It is more full of bots and spiders than is sci-fi written for the arachnid audience. Whatever tag or code is used to clue the plug-in in to the need for a decryption key is going to become a de-facto signal for "High probability of being juicy and/or embarassing". Now the bottom-feeding amateur porn sites won't even need humans or machine vision to find cheap filler content... Hell, facebook, and virtually all even slightly shady crawlers will likely fully support this scheme long before Apple approves iPhone support for it(Hey guys, now you can post your pictures to Facebook in a format your friends can't even see! Hooray!)...

    That's the basic problem, right there. If the internet's long memory were confined to some specific location, the simple solution would just be to lean on them legally to provide twilighting tools. Trouble is, the internet's memory is long. And it is distributed across countless entities and jurisdictions. And much of the copying between memory stores is automatic. And records may not exist of a copy operation having occurred. And, with cheaper HDDs, even individual users on cheap laptops are now a formidable chunk of storage. If this scheme ever takes off(doubtful), how long do you think it will be before there exists the following: An OSX application called "iCrawl" that has an excellent UI, costs $20, and crawls and archives the facebook profiles of friends, friends of friends, out up to N levels, 3 competing win32 applications(one trialware, $19.99, with a totally custom widget set, one free, that crashes all the damn time and doesn't work, and one free and more or less functional; but installs a trojan), and a set of python wrappers for unixlike operating systems that make crawling your friends and fetching decryption keys as easy as writing a few scripts?

    Barring the full-blown emergence of the dystopian trusted-computing future, with end-to-end DRM and hunter-seeker drones with worldwide lethal force authorization doing 24/7 traitor tracing, you don't get to time-limit stuff you put in widely accessible places on the internet. Sorry about that.