Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Facebook Privacy Security Social Networks

Facebook's New Captcha Test: 'Upload A Clear Photo of Your Face' (wired.com) 302

An anonymous reader shares a report: Facebook may soon ask you to "upload a photo of yourself that clearly shows your face," to prove you're not a bot. The company is using a new kind of captcha to verify whether a user is a real person. According to a screenshot of the identity test shared on Twitter on Tuesday and verified by Facebook, the prompt says: "Please upload a photo of yourself that clearly shows your face. We'll check it and then permanently delete it from our servers." The process is automated, including identifying suspicious activity and checking the photo. To determine if the account is authentic, Facebook looks at whether the photo is unique.
This discussion has been archived. No new comments can be posted.

Facebook's New Captcha Test: 'Upload A Clear Photo of Your Face'

Comments Filter:
  • WHY? (Score:5, Insightful)

    by tripleevenfall ( 1990004 ) on Wednesday November 29, 2017 @04:13PM (#55645629)

    Why do Facebook, Apple, and others thing public information (like what your face looks like) is more secure than a private key that exists only in your mind?

    • Re:WHY? (Score:5, Insightful)

      by Anonymous Coward on Wednesday November 29, 2017 @04:18PM (#55645685)

      Because they want to build a comprehensive and, more importantly, up to date image of what you look like for their facial recognition software.

      I'm sure there's some guy out there who gets a massive boner when he thinks about with one hi-res crowd shot of people they can pull sophisticated buying demographics to sell to advertisers.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Also they want your location data from photo so they can match you to nearby people.

        I wish there was an option to remove exif when uploading photos from album...

        • utilities do exist. The real issue is that you should not have to strip out private info that you did not ask to insert into EVERY picture.

      • Re: (Score:2, Interesting)

        >Because they want to build a comprehensive and, more importantly, up to date image of what you look like for their facial recognition software.

        With "they" being US intelligence agencies.
      • >"Because they want to build a comprehensive and, more importantly, up to date image of what you look like for their facial recognition software."

        +1

        This has NOTHING to do with security and EVERYTHING to do with gathering yet more information about their users. Hopefully people will take a clue and revolt against such crap.

    • Why do Facebook, Apple, and others thing public information (like what your face looks like) is more secure than a private key that exists only in your mind?

      They're not making any such claim. They're proposing using an image of your face as a captcha, not as a login credential.

      • Exactly. The only captcha that I remember on Facebook is when you are creating a new account or recovering your password.
    • this is going way too far. next they'll put biosamplers in your phones to check your DNA, and it will cost you $50 per login for a replacement sensor.

  • But Hell No!

  • Yeah! It's nice to finally put a face to the name eh??

  • No thanks (Score:5, Interesting)

    by Arkham ( 10779 ) on Wednesday November 29, 2017 @04:17PM (#55645665)

    I get closer and closer to deleting Facebook permanently every day.

    • I know a lot of people that have deleted their facebook account. A few go back after a short while, the rest say they're happier without it.

      • I keep an empty facebook account, just in case I need to see someone else's facebook page.

      • Thing is, though, Facebook is like Pepperidge Farm on steroids.

        They remember. Even if you don't.

      • Re: (Score:3, Informative)

        by jedidiah ( 1196 )

        You can get banned by the Facebook censors over a mild disagreement on some non-controversial subject just because it contradicts whatever the Facebook group think is.

        No need for trolling, flaming, insults, or anything remotely offensive.

        The platform is ultimately self limiting.

        • by Rob Y. ( 110975 )

          You must have an interesting idea of what constitutes "a mild disagreement on some non-controversial subject", given the amount of sheer vitriol I've seen in Facebook comments. Second only to those on Slashdot - except that Facebook commenters aren't as interested as Slashdotters in convincing people that they're smart while they insult them...

    • What makes you think you really can?

    • Why haven't you already? I did it years ago and recommend it very highly.

    • Do it. I did, YEARS ago, and never looked back once. The tipping point for me was the day when I decided I wasn't comfortable with having posts of mine exist that were beyond a certain age, so I went through to delete them. The next day I went back and discovered they had all been un-deleted. So I tried again. The next day they were all back again. That's when it dawned on me what the true nature of Facebook was and that I did not like it one bit. So I deactivated the account. That was about 10 years ago I
      • Since when does Facebook even allow deleting posts? Last time I tried it was either not there or so well hidden the only option appeared to be to just restrict visibility to 'only me'.
        And you never let people take pictures of you? You sound like a fun guy. How long does that policy last before there's no one there to try?
    • >"I get closer and closer to deleting Facebook permanently every day."

      I never even created one in the first place. I know, seems almost impossible, almost incredible. But it is true. I knew it would be like this, even when they first started Facebook. No Instagram, no Google+, no Twitter, no Myspace, etc. And when someone complains that I won't be able to keep in touch with them, I say "Sorry, it has nothing to do with you, I simply will not subject myself to what Facebook requires. Here is my home

  • Obviously (Score:5, Informative)

    by Waffle Iron ( 339739 ) on Wednesday November 29, 2017 @04:17PM (#55645669)

    They can't determine if a photo is unique unless they don't really delete the photo from their servers. (They probably keep a "fingerprint" of the photo, which would be the most valuable part for spying on people anyway.)

    • Where "fingerprint" means "the original photo"

    • They can't determine if a photo is unique unless they don't really delete the photo from their servers. (They probably keep a "fingerprint" of the photo, which would be the most valuable part for spying on people anyway.)

      How difficult is it to slightly modify a picture of a face to make a new "fingerprint". This sounds less about security and more about personal invasion.

      • They can't determine if a photo is unique unless they don't really delete the photo from their servers. (They probably keep a "fingerprint" of the photo, which would be the most valuable part for spying on people anyway.)

        How difficult is it to slightly modify a picture of a face to make a new "fingerprint". This sounds less about security and more about personal invasion.

        Probably as a way to increase their ability to automatically tag/identify you in other photos.

      • It would be pretty funny if people started all using a slightly munged photo of Mark Zuckerberg.

    • I think you missed the point. They aren't saying the photo is unique to any you used before. They mean the photo is unique form anything indexed on the web. Most people who design bots have the bots steal photos from online for account creation purposes. They just search google images for "young woman" or "young man" and use a random image from the results. Google images and services like Tineye already have reverse image search capability. This just taps into that and checks to see if the image was just ta
    • Give me an image file, and I can generate an SHA hash for it that is relatively unique. Then I can delete the file. I can then compare other hashes for other pictures without having the original picture, or even being able to recreate the picture. But now that begs the question, why can't I just provide the hash generated from a client side app without passing the actual image? As a dev, my spidey sense is tingling - they want the pictures for something other than just the stated reason.
      • Give me an image file, and I can generate an SHA hash for it that is relatively unique

        Can you make it so that two different pictures of the same person result in the same SHA hash ? If not, it's useless.

  • by Maxo-Texas ( 864189 ) on Wednesday November 29, 2017 @04:21PM (#55645699)

    Jeez.

    Facebook has been caught lying and engaging in dubious behavior dozens of times and the founder says you have no right to privacy (but zealously protects his own privacy).

    Wake UP!

  • Clash of the bots... (Score:4, Interesting)

    by Freischutz ( 4776131 ) on Wednesday November 29, 2017 @04:21PM (#55645705)
    I'm going to enjoy seeing that thing clash with this one: https://tech.slashdot.org/stor... [slashdot.org]
  • Reporter: Thus solving the problem once and for all.
    Little girl: But...
    Reporter: ONCE AND FOR ALL! [youtube.com]

  • CAPTCHA is evaluating your intelligence, if you upload your photo you fail (I mean you can enter glorious facebook).
  • by cstacy ( 534252 ) on Wednesday November 29, 2017 @04:28PM (#55645763)
    My FB account had about six "friends" on it: immediate family members. Didn't ever post anything or upload any information, just looked at photos they posted, pressed Like sometimes, and occasional IMs. I got this "upload a photo" roadblock, although it also said it was going to compare it to my Profile photo to make sure it was me. I didn't have any Profile photo, of course, so that's bullshit. Tried logging in three more times over the course of three weeks. Yesterday tried again, but the account has gone from suspended to terminated.

    They said it was for "suspicious activity". (Of which of course there was none.)
    I say it was because I failed to upload content for them to monetize.
    Interesting business decision.

    • Wow! That is how you get your account Deleted! Very nice to know. My understanding was that Facebook never deletes the account. No matter how hard you try.
      • by cstacy ( 534252 )

        Wow! That is how you get your account Deleted! Very nice to know. My understanding was that Facebook never deletes the account. No matter how hard you try.

        I am sure they don't delete all the information that they collected, but the account is "deleted" in the sense that its existence and content is no longer seen by other users (like Deactivation) and you can never log into it again.

    • Did you know anybody can say anything on the Internet?
  • by wolfheart111 ( 2496796 ) on Wednesday November 29, 2017 @04:30PM (#55645775)
    Then upload it to facebook and get access to the account? Is that how this works?
  • by billrp ( 1530055 ) on Wednesday November 29, 2017 @04:30PM (#55645783)
    TFA says FB will hash an image and then delete the original. But to implement a similarity metric with previous "hashed" images of the same person, they will need a distance function that works on hashed values of all the photo's features that they capture. Unless they have conquered homomorphic encryption, FB will likely need to reverse the hashed features and then do similarity measures with previous photos, and will also be able to reconstruct "deleted" photos.
    • >"TFA says FB will hash an image and then delete the original."

      Does anyone really believe that? It is like thinking that if you are fingerprinted for some stupid reason it ISN'T going to end up in every local, state, and national database out there and be searched and compared to every time they have suspect print to run.

  • Yeah, fine, this is meant to stop bots. Whatever.

    What's keeping me from uploading a picture of someone else if I'm asked to? More to the point, how do they know it's a picture of me?

    Same applies to bots. Yes, I'm completely and earnestly sincere in my belief that this will wholly stop bots from placing advertisements. At least until the people that run the bot networks find a workaround. You know, just like with other CAPTCHA methods.

    I'm certain that Facebook has taken into consideration that people who run

  • I will not comply.
  • by Tempest_2084 ( 605915 ) on Wednesday November 29, 2017 @04:37PM (#55645853)
    Facebook kept badgering me for years to give them my phone number 'just in case' to which I repeatedly said no. Finally they stopped bugging me about it and all was good for a few weeks. Then I got a new notice that said 'help verify that this is your number and keep your account up to date'. Lo and behold that was indeed my phone number, but I never gave it to them. I don't know where they scraped it from, but they got it. That left me creeped out for a long time and I considered closing my account. In the end I kept it, but I watched what I posted and really dropped my usage. If I get this prompt I'll drop it completely. I'm not a social media junkie, so I'll live. In fact the only reason I'm still on it is for a few interest groups that I'm involved with who moved to FB (terrible decision) and so my family can tell me who died and who had a kid. Both of which I could live without.
  • Clearly a job for the morphing apps.

  • ...I'm looking forward to them deleting my account ...finally.

  • Since the day they asked me for 'my real name' instead of a pseudonym my friends and family know, even threatening me with blocking my account.

    "Fine". I told myself, and proceeded to promptly close my account and never looked back.

    Seems like it isn't getting any better of late.
    • by jedidiah ( 1196 )

      Since they can ban your account for trivial violations of their group think, the value of having only a single account linked to your true identity is very limited.

      They also seem to be the anti-slashdot. The most trollish responses get the most attention. So off topic nonsense gets filtered to the top and useful stuff gets hidden.This is strangely contradictory to their complaint/moderation polices.

    • They pulled that crap with me a few months back, so I dutifully fabricated one of the accepted documents for proof displaying my pseudonym and they reactivated my account. I would've let them keep it suspended forever if I weren't required to stay in touch with a group that had the bad sense to plop its home down on FB instead of some other host that is less imposing.

  • Wait.

    You mean FB, the company that vacuums up everyone's personal and private information... is going to require us to GIVE THEM ADDITIONAL private information every time they want you to "prove" you are yourself? They're going to have an entire compilation of your same face, with different lighting angles, different positions/age/makeup/etc.

    I'm honestly at a loss for who is more evil at this point. Uber, Google, or Facebook.

    • Facebook, by far.

      There are alternatives to Uber.

      Google doesn't seem to have the same insidious nature as FB and indeed has alternatives.

      But FB enjoys the network effect that no other platform can duplicate; if you're not on FB you are "missing out". I could start another FB replacement tomorrow, but nobody would be on it, therefore it would provide no value and would therefore attract no users.

      FB is like those creatures left behind by The Shadows on Babylon 5 that would infiltrate your nervous system, watch

    • You buy a gaming console for some child, and they require you to create an email account for it - which is a bad thing on its own. Then, 24h after that account was created, they say it's "temporarily suspended" and demand a private mobile phone number to send you a "verification code". This is just the same crap: Corporations trying to bully you into giving them sensitive private information. (And so the console was returned to the person who brought it as a gift, and ultimately returned for a full refund.)
  • I mean, there's already plenty of good quality pics [google.com] I'd be willing to upload.
    • I was thinking that a retouched version of the old Slashdot link trolling picture would be optimal.

  • Kodachrome (Score:5, Funny)

    by jabberw0k ( 62554 ) on Wednesday November 29, 2017 @05:07PM (#55646113) Homepage Journal
    A new photo of me? I'll have to wait a week to get this film developed, and then go to Walgreens to have it scanned so I can put it on a usb stick to bring it home. Right sure.
    • For people without immediate access to digital cameras, they'll provide a phone number so you can just hold your face up to a fax machine...

  • Bullshit. FaceBook has a proven record of lying.
  • May soon? It's already happened.
    I just made a new account in September for business use, and before I had time to even put any photos or information in, they locked me out of my account and demanded a photo of my face to verify my identity.
    How could that possibly work, when I hadn't even uploaded a picture to compare it to? 3 days later they finally unblocked the account, but then proceeded to do it 4 more time, each taking an extra day to unlock.

    There also seems to be more going on, since I edited on
  • I'll be happy to upload more photos, there are plenty on the wayback machine- www.goatse.cx.
  • Remember, remember, the 18th of May, not November
    The 2012 "You have no privacy" plot
    I know of no reason why Zuckerberg's season
    Should NOT be killed off and forgot.

    That's the IPO date by the way.

    https://en.wikiquote.org/wiki/... [wikiquote.org]

  • by HalAtWork ( 926717 ) on Wednesday November 29, 2017 @05:43PM (#55646415)

    What exactly is stopping anyone from uploading them photos that were morphed between two existing images? This can easily be automated.

  • Not just because of this.
    But because the sheer, unbridled stupidity emanating from the platform is starting to affect people I see as friends.
    And I don't want to witness it.

    • You can't delete your profile. You can only delete your access to it.
      Facebook will keep gathering data on you via other users though.

  • "we'll delete the picture"

    Jesus Christ. Son of Josesph and Mary, holy son of God, etc, I am invoking the name of a sacred figure because at least you guys should know that means jack, shit, and diddly fuckall.

    They'll use it to cross-reference the rest of their massive data, validate associate collaborate in ways we can't possibly predict. Cuff Example: Code that makes soft conclusions re: ancestry, marking potential associations by facial data that relate well with genetics.

    They're use it to store everythin

  • But keep the metadata for future facial recognition of you in other people's photos.

  • "We'll check it and then permanently delete it from our servers". Bullshit.
  • How long until they combine this with their "anti-revenge porn" scheme? Where you'll have to upload a new nude picture every time you log in. They'll be sure to delete them, after the admins have verified the identity of the user ("yup, they got a mole in the right place"), and checked the ownership of the photos.

    (FB - this is not a suggestion, btw).

    This is the sort of thinking that comes from living too long inside a bubble - with double-thick, clue-proof walls.

  • Dear Facebook (Score:5, Insightful)

    by nuckfuts ( 690967 ) on Wednesday November 29, 2017 @07:02PM (#55646967)
    Here is a recent photograph of my naked ass. Please apply lip marks and return it to me for verification.
  • by dizzy8578 ( 106660 ) * on Wednesday November 29, 2017 @08:04PM (#55647297)

    Will never get back in their account.

IN MY OPINION anyone interested in improving himself should not rule out becoming pure energy. -- Jack Handley, The New Mexican, 1988.

Working...