Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook To Fight Revenge Porn by Letting Potential Victims Upload Nudes in Advance (bleepingcomputer.com)

Posted by msmash on from the catch-me-if-you-can dept.

Catalin Cimpanu, writing for BleepingComputer: Facebook is testing new technology that is designed to help victims of revenge porn acts. It works on a database of file hashes, a cryptographic signature computed for each file. Facebook says that once an abuser tries to upload an image marked as "revenge porn" in its database, its system will block the upload process. This will work for images shared on the main Facebook service, but also for images shared privately via Messenger, Facebook's IM app. The weird thing is that in order to build a database of "revenge porn" file hashes, Facebook will rely on potential victims uploading a copy of the nude photo in advance. This process involves the victim sending a copy of the nude photo to his own account, via Facebook Messenger. This implies uploading a copy of the nude photo on Facebook Messenger, the very same act the victim is trying to prevent. The victim can then report the photo to Facebook, which will create a hash of the image that the social network will use to block further uploads of the same photo.

64 of 370 comments (clear)

  1. This is already avaliable by pnutjam · · Score: 5, Funny

    I already have a service that handles this, just send me the pic and I'll handle it....

    --
    Cheap storage VM.
    1. Re:This is already avaliable by Major_Disorder · · Score: 4, Funny

      I already have a service that handles this, just send me the pic and I'll handle it....

      I would take you up on this offer. But I would not want to be responsible your your blindness.

      --
      First law of people: People are generally stupid.
    2. Re:This is already avaliable by fizzer06 · · Score: 2

      I bet you will.

    3. Re:This is already avaliable by cayenne8 · · Score: 5, Insightful
      I have a QUICK solution to all this, works 100%.

      Don't fucking let someone take pictures or video of you naked and/or having sex!!!!

      Sheesh....when did something like common sense about not letting someone take pics of you in compromising situations go out the fucking door?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    4. Re:This is already avaliable by computational+super · · Score: 4, Funny

      I swear I'm only storing the hash code. Honest.

      --
      Proud neuron in the Slashdot hivemind since 2002.
    5. Re:This is already avaliable by computational+super · · Score: 5, Funny

      Well, I thought it was really just that easy until I realized that the reason nobody had ever taken a naked picture of me was because I was ugly.

      --
      Proud neuron in the Slashdot hivemind since 2002.
    6. Re:This is already avaliable by religionofpeas · · Score: 5, Funny

      "We've noticed your hash is kinda small. Would you be interested in some hash-enlargement pills ?"

    7. Re:This is already avaliable by Lab+Rat+Jason · · Score: 4, Funny

      Right? There's NO WAY this could ever go wrong. Nobody from Facebook will ever see them. Nobody will ever hack facebook and steal them, facebook will never sell them to plastic surgeons under a marketing plan for people that need a little "nip" here and there. </sarcasm>

      --
      Which has more power: the hammer, or the anvil?
    8. Re:This is already avaliable by Oswald+McWeany · · Score: 5, Funny

      Well, I thought it was really just that easy until I realized that the reason nobody had ever taken a naked picture of me was because I was ugly.

      Don't feel so down on yourself. I've taken plenty of naked pictures of you.

      --
      "That's the way to do it" - Punch
    9. Re:This is already avaliable by networkBoy · · Score: 2

      Well in this particular case since they're expecting you to upload your nudies that implies you took a selfie or some such... in which case I'd like to add an addendum to GP:

      and for $DIETY sake, don't take nudies and send them to someone!

      Also I have a tangential question (sorta reverse revenge porn):
      1) Minor takes nude selfie and sends it to target (say hated step parent).
      2) Reports target for being in possession of CP.
      3) now what?

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    10. Re:This is already avaliable by Oswald+McWeany · · Score: 4, Insightful

      yup 100% of the time it will work. except the times where it doesn't like when someone has hidden a camera in a bathroom or hotel room or their bedroom...

      Or they accidentally upload the photo to their feed instead of the protection service.

      --
      "That's the way to do it" - Punch
    11. Re:This is already avaliable by Oswald+McWeany · · Score: 2

      #hashshaming

      --
      "That's the way to do it" - Punch
    12. Re: This is already avaliable by gx5000 · · Score: 2

      NO kidding, and they're paying Big Brother to spy on them by buying, even fighting over the tech themselves...
      Have to retire soon, this is getting too stupid, everywhere you look.

      --
      End of Line.
    13. Re:This is already avaliable by Anonymous Coward · · Score: 5, Funny

      This reminds me of that website where you could enter you credit card number to check if it was leaked to the internet....

    14. Re:This is already avaliable by lgw · · Score: 2

      It's probably an image signature, not literally a hash. But yeah, if the real intent was as stated, they'd release an app that uploads just the signature. This plan can only end in lulz.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    15. Re:This is already avaliable by Theaetetus · · Score: 2, Interesting

      I have a QUICK solution to all this, works 100%.

      Don't fucking let someone take pictures or video of you naked and/or having sex!!!!

      Sheesh....when did something like common sense about not letting someone take pics of you in compromising situations go out the fucking door?

      Yes, I suppose that's a reasonable solution, if you never want to receive sexy pictures or video from a significant other. As most people would like to receive such, then blaming the victim and discouraging the practice would seem to be counter to most folk's interests. But not yours, I guess.

    16. Re:This is already avaliable by computational+super · · Score: 5, Funny

      Dad?

      --
      Proud neuron in the Slashdot hivemind since 2002.
    17. Re:This is already avaliable by AdamStarks · · Score: 4, Funny

      A different breed of revenge porn, eh? Where the subject is not the victim?

    18. Re:This is already avaliable by boudie2 · · Score: 5, Funny

      My wife was afraid of the dark. Then she saw me naked. Now she's afraid of the light.
      Rodney Dangerfield

    19. Re:This is already avaliable by greenfruitsalad · · Score: 4, Informative

      Also, in UK, Facebook could be charged with possession of child pornography and the teen uploading the photo with distribution

    20. Re:This is already avaliable by Anonymous Coward · · Score: 3, Insightful

      Also I have a tangential question (sorta reverse revenge porn):
      1) Minor takes nude selfie and sends it to target (say hated step parent).
      2) Reports target for being in possession of CP.
      3) now what?

      How it works in the US:
      3) Police breaks down door and drags target to jail
      4) Police finds evidence on phone
      5) Depending on how rich/connected/white target is
          a) not: target gets charged with possession of CP and goes to jail. Target is put on list of sex offenders.
          b) very: target's lawyer points out the minor sent it, target is innocent. Minor is sent to juvie for distributing CP. Minor is put on list of sex offenders.
          c) somewhat: (a) and (b)

    21. Re: This is already avaliable by Falconnan · · Score: 4, Insightful

      Has said every aging generation to every up-and-coming generation since time immemorial. A large part of the problem is puritanical culture, frankly. Nudity should not be as big a deal as it is.

    22. Re:This is already avaliable by plopez · · Score: 4, Insightful

      Compromising position? Just do what I do, do not consider them compromising.

      WTF is wrong with people? Showing war movies or action movies where people get blown away is OK, but if you were to show a married couple having sex to create a child it would be considered "dirty".

      We live in a death culture.

      --
      putting the 'B' in LGBTQ+
    23. Re:This is already avaliable by Theaetetus · · Score: 2

      " if you never want to receive sexy pictures or video from a significant other. As most people would like to receive such"

      That's a pretty big assumption there! I get along fine without sending nudy pics to my wife, and vice versa.

      The rest of us appreciate them, though, so pass on our thanks.

    24. Re: This is already avaliable by whyyisthissohard · · Score: 2, Insightful

      It's not puritanical in any way. Nudity objectively implies availability for sex. Welcome to 10,000+ years ago.

      But polynesian tribes etc.!

      Guess what? Most of us aren't polynesians. These tribal people did not erect western civilization. These tribal people had less need of clothing for warmth in their habitat.
      Humans need clothes to survive. There are only certain occasions when clothes are taken off. Traditionally the most important one if not the most common is for mating. This is ingrained in our brains.

      And besides you have no point whatsoever, because these photos are invariably taken in a mood of arousal, signalling a very clear context.

      But my pet theory!

      Not so "insightful".

    25. Re:This is already avaliable by Major_Disorder · · Score: 2

      This is no more or less embarrassing than someone getting a tattoo of $current_lover_name.

      This is why I now exclusively date women named Edith. I admit it does limit me a bit, but have you looked at the price of laser tattoo removal.

      --
      First law of people: People are generally stupid.
    26. Re:This is already avaliable by Altrag · · Score: 3, Interesting

      Problem isn't the victim considering them compromising. The problem is the victim's family, friends, coworkers, boss, etc considering them compromising.

      Really though, its a generational thing to some extent. By the time the children of the millennials are in their 40s or 50s and running the world, so many of them will have nudes, stupid social media posts, etc out in the world that its going to necessarily be a non-issue or for examples employers won't be able to find any employees that fit their "internet purity" conditions.

      Its only a problem right now when the generation doing the hiring never really had to deal with these kind of things while the generation looking to be hired don't really care that much because everyone they know does it. Its the intersection of those two worlds where everything hits the fan.. well, in a generalized sense of course -- there will always be exceptions obviously.

    27. Re:This is already avaliable by plopez · · Score: 3, Insightful

      Then don't look.

      --
      putting the 'B' in LGBTQ+
    28. Re:This is already avaliable by AdamStarks · · Score: 2

      My apologies, I didn't realize we'd broadened the scope of relevant media to include art.

    29. Re:This is already avaliable by Tuidjy · · Score: 5, Insightful

      I would also take you up on that offer. But could you please explain to me, first, how you deal with the things with which Facebook clearly does not:
      - how do you avoid charges of moving and storing child porn if the user is underage?
      - how do you make sure that minor changes to the original picture do not produce completely different signatures?
      - how do you make sure that none of your employees have access to the originals?
      - how do you make sure people upload only pictures in which they are the subject?
      - how do you make sure that the mechanism is not used to suppress legitimate pictures?
      - etc, etc, etc.

      What could possibly go wrong?!

      --
      No good deed goes unpunished...
    30. Re:This is already avaliable by CSMoran · · Score: 2

      - how do you avoid charges of moving and storing child porn if the user is underage?

      By computing the hashes client-side and transmitting and storing only the hashes, obviously.

      - how do you make sure that minor changes to the original picture do not produce completely different signatures?

      Wavelet transform. Compute hashes in wavelet space.

      - how do you make sure that none of your employees have access to the originals?

      By computing the hashes client-side and storing only the hashes, obviously.

      --
      Every end has half a stick.
    31. Re:This is already avaliable by pnutjam · · Score: 2

      That actually varies by state, some are 2 party consent and some are 1 party consent for audio recording.
      And there have been incidents of people upset about being video recorded who couldn't do anything about it until they realized audio was recorded as well.

      --
      Cheap storage VM.
  2. What could possibly go wrong? by Major_Disorder · · Score: 5, Insightful

    I know they "claim" they will not keep the pictures, but only a hash of the image. But do you really trust Facebook that much?

    --
    First law of people: People are generally stupid.
    1. Re:What could possibly go wrong? by Anonymous Coward · · Score: 4, Interesting

      They should allow the potential victim to upload the hash, and not the image.

    2. Re:What could possibly go wrong? by Oswald+McWeany · · Score: 3, Interesting

      I know they "claim" they will not keep the pictures, but only a hash of the image. But do you really trust Facebook that much?

      Won't take long before the police will pay Facebook to ID the corpses they find.

      "Detective Hathaway, run this birthmark that looks like a camel through facebook and see who has a camel shaped birthmark on their arse"

      --
      "That's the way to do it" - Punch
    3. Re:What could possibly go wrong? by computational+super · · Score: 2

      Actually I distrust Facebook so much that I'm pretty sure they already have a few gigabytes of naked pictures of everybody, so uploading another one won't make much difference.

      --
      Proud neuron in the Slashdot hivemind since 2002.
    4. Re:What could possibly go wrong? by gnick · · Score: 2

      The link you provided describes a method for finding differences between two images. Using those two images. It says nothing about comparing images based on a hash.

      --
      He's getting rather old, but he's a good mouse.
    5. Re: What could possibly go wrong? by Pascoea · · Score: 3, Insightful

      Really? You honestly thing a company with virtually unlimited resources didn't think of that? (Or the Parent's "changing a pixel" comment?) I realize that what they are doing doesn't follow the definition of "hash" as we traditionally think about it, where changing one bit in the source changes the hash. But I'm pretty sure FB didn't just get outsmarted by two ACs on Slashdot.

    6. Re:What could possibly go wrong? by thomn8r · · Score: 2

      My penis is a thing of beauty. Everybody should see it!

      Not everyone can afford an electron microscope

    7. Re: What could possibly go wrong? by Anonymous Coward · · Score: 2, Informative

      Because English speakers know that "male" pronouns convey no information about gender. English is gender neutral unless female pronouns are used. So, when you want to make neutral statements you don't use female pronouns.

    8. Re:What could possibly go wrong? by Dutch+Gun · · Score: 3, Informative

      Image hashes typically work in a way such that you can find an image even if minor alterations have been made, such as if you re-compress them, change formats, alter a single pixel, etc. From what I understand, it often involves analysis of the color histogram used in initial searches, plus a tiny thumbnail for direct comparison, which would generally be too small to recognize a specific person. This lets you do "fuzzy" matching, unlike a hash like CRC32 or SHA1 which only can find exact matches.

      I agree that this has all sorts of psychological barriers. "Hey, I'm worried about revenge porn, so I'm going to upload all my nude pics I shared with my ex-boyfriend to Facebook for analysis. You know, Facebook, the company that scans all my personal data for profit."

      --
      Irony: Agile development has too much intertia to be abandoned now.
    9. Re: What could possibly go wrong? by lgw · · Score: 4, Insightful

      The point is that facebook would need to store more than just a hash to accomplish their goal -- they need ways to deal with the image being scaled, rotated, run through a filter, etc. In other words... they need to keep a likeness of the original image.

      There are simple image signature algorithms that are stable across all those transformations (unless the filter is extreme), but will still make random collisions unlikely. Old technology at this point.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    10. Re:What could possibly go wrong? by bobbied · · Score: 2

      They should allow the potential victim to upload the hash, and not the image.

      THIS!

      However... Everybody knows that you can alter the hash on an image in any number of ways, including simply converting it to another image format or scale it.

      You also know Facebook won't make this happen. The whole idea was to drive a new website with free content.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    11. Re: What could possibly go wrong? by Brockmire · · Score: 2

      Some people smoke it.

  3. Why not a Porn version of Wikipedia? by Hylandr · · Score: 4, Funny

    What's wrong with putting all the nudes of every person on facebook on a database ?

    What could go Equifax?

    --
    ~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
  4. Why not compute hash locally? by pz · · Score: 5, Insightful

    The public reaction to this is understandably somewhat muted and off-put. Why upload nude photos to Facebook, indeed? The claim is that they will compute a hash of the image, and store that to prevent future uploads.

    If that is really the case, when why not compute the hash locally on the user's machine, and upload only the hash? Surely that can be done on essentially all modern hardware from cell phone to desktop in a reasonable amount of time.

    --

    Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
    1. Re:Why not compute hash locally? by Anonymous Coward · · Score: 3, Interesting

      We just saw an article related to this. The hash is something like Microsoft's image identifier hash they acquired when they bought... ???...
      It basically works like this.
      Image is resized to a standard size 1020x768 I think
      converted to black and white
      edge detect applied
      at this point Trained AI is supposed to be quite accurate in identifying matching photos
      this works even if you resize the photo or color adjust it

      Seems like there will be gaping holes to be discovered in this method though.

    2. Re:Why not compute hash locally? by swillden · · Score: 5, Insightful

      If that is really the case, when why not compute the hash locally on the user's machine, and upload only the hash?

      Cool. I hate CNN's fake news. I'm going to write a script that takes every image from every CNN story and uploads the hashes. Sharing of CNN stories on Facebook is going to be shut down.

      s/CNN/whatever you hate/

      The obvious corollary here is that Facebook needs not just the hashes but also the original image, so they can determine whether it's a real nude photo. Algorithms can do that pretty well, so Facebook may be able to arrange that no human ever needs to see the image... but there's no way for the uploader to be certain that's what they're doing.

      Also, the "hash" probably needs to be something a bit more image-focused than, say, SHA256. Otherwise any trivial modification of the image would change the hash. So it's got to be something that survives scaling, cropping, resolution changes, watermarking, etc. Which means that if the exact algorithm leaks, people can reverse engineer it to figure out how to work around it. That's another reason they need to do the hashing on their end.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  5. Simpler solution by religionofpeas · · Score: 4, Insightful

    If you don't want your nudes to end up on the internet, don't send them to other people.

    1. Re:Simpler solution by hesiod · · Score: 5, Informative

      Oh. Another idiot. What about the ones others took, without you being aware

      If someone else took the picture and the victim is unaware, the target probably doesn't have a copy to upload preemptively.

    2. Re:Simpler solution by RightwingNutjob · · Score: 2

      Pick better friends and don't get shitfaced, blacked-out drunk and/or high when you go out. Don't expect other people to be sympathetic when your own poor choices come to bite you in that ass you felt the internet just had to see.

    3. Re:Simpler solution by religionofpeas · · Score: 2

      What about the ones others took, without you being aware?

      Oh. Another idiot. You don't have the hash of those.

    4. Re:Simpler solution by Oswald+McWeany · · Score: 2

      If you don't want your nudes to end up on the internet, don't send them to other people.

      Better yet... don't take them in the first place.

      --
      "That's the way to do it" - Punch
    5. Re:Simpler solution by Oswald+McWeany · · Score: 2

      Pick better friends and don't get shitfaced, blacked-out drunk and/or high when you go out. Don't expect other people to be sympathetic when your own poor choices come to bite you in that ass you felt the internet just had to see.

      Meh... Facebook can probably generate a fairly accurate nude photo of anyone based upon their skin tone, and various clothed body photos already taken. If they have enough body shots they can probably have an algorithm generate your body shape under those clothes. They can guess at the colour of your nipples and genitalia by looking at the pigmentation of your lips. (nipple colour supposedly similar to lip colour). Pubic hair colour can be guessed at by hair colour- they can't tell if you shave or not, but probably can accurate guess by demographic. Under 35 you're probably shorn... 35 - 45 you're probably trimmed- over 45 you're probably full bush.

      --
      "That's the way to do it" - Punch
  6. Re:Best idea ever by phayes · · Score: 2

    The prudishness endemic in American society is not universal. Thankfully, I live in a society that does not tie itself in hypocritical knots because a nipple was shown on TV.

    --
    Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
  7. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  8. Re:Yeah, about that by Dwedit · · Score: 4, Informative

    There are much better methods of hashing images than stupidly taking a file checksum, such as this one here:
    https://pippy360.github.io/tra...

    This algorithm here does not care about affine transformations applied to the image, so it can be scaled, rotated, skewed, and still be a match.

  9. Re:Yeah, about that by Dwedit · · Score: 3, Informative

    There are image similarity algorithms out there that do not care about the absolute hash of the file, and can detect the same image cropped, scaled, or rotated just fine.
    Here is one such algorithm:
    https://pippy360.github.io/tra...

  10. This doesn't make sense. by Wycliffe · · Score: 3, Insightful

    First off, is there really a problem with revenge porn on facebook and if there is, it would seem that the easiest solution for
    facebook is to block all porn. I've never seen nudes on facebook. I always assumed that it would be against facebook policy
    as facebook is mostly a PG-13 kindof place.

    Second, I would think that facial recognition would be the correct solution. Let someone upload a picture of their face and
    facebook can make sure that that particular face doesn't appear in nudes. An unidentified nude without a face even if someone
    says "this is so-in-so" is pretty harmless as if you can't see the face you could pretty much say it is anyone.

    Lastly, google just came out with facial recognition for dogs so presumably you could also use that same technology for
    tattoos, or specific body parts too.

    But again, I would think revenge porn would be primarily a problem on other services not facebook.

  11. Easy fix by Roger+W+Moore · · Score: 2

    If nobody looks at the image, or, as some have suggested, the hash is computed client side (so nobody would be able to look at the image) it would be ripe for abuse.

    There is a very easy fix for this - the first time the hash matches the takedown requires human approval. This way someone only looks at the image if the image is already uploaded for people to look at and you can't abuse the system by filing takedowns for random pictures. This would even reduce Facebook's work because instead of checking every upload they only have to check ones which match.

  12. Re:And they fall for this? by im_thatoneguy · · Score: 2

    Like audio fingerprinting this isn't a cryptographically accurate hash but more like a song fingerprint in that it only takes a small segment of the image for recognition.

    Of course the real abuse would be to take a picture of the Eiffel tower and watch everyone's uploads fail for a few hours.

  13. Re:Reprehensible by NikeHerc · · Score: 2

    Velociraptor = Distiraptor / Timeraptor

    That signature may be the funniest thing I've ever read on /.!

    I'm assuming, of course, that Distiraptor is a vector and Timeraptor is a scalar.

    --
    Circle the wagons and fire inward. Entropy increases without bounds.
  14. Re:Yeah, about that by tepples · · Score: 2

    The first step of hashing, per the linked article, involves finding keypoints in the image that are still detected as keypoints even in an affine transformed copy of an image. How is this done? Does it involve scale-invariant feature transform (SIFT) or some other feature detection means subject to a United States patent?

  15. Trust by Paradise+Pete · · Score: 2

    If Facebook is more trustworthy than your lovers then you've really made some poor choices in your life.