Skip to main content
  1. Home
  2. Emerging Tech
  3. Social Media
  4. News

Your Facebook photos could be betraying important biometric data

Add as a preferred source on Google

Americans aren’t yet sold on biometrics when it comes to their digital security, and now, it looks like there’s good reason behind their skepticism. At the Usenix security conference earlier this month, researchers in the security and computer vision fields from the University of North Carolina suggested that all it takes to get past certain facial recognition technology is some Facebook stalking and 3D rendering.

In conducting its research, the UNC team gathered photos of 20 volunteers from online sources — think your Facebook page, LinkedIn profile, and the like. Researchers then created 3D models of the subjects’ faces, added facial animations, and slightly adjusted their eyes to look directly at the camera. If they didn’t have photos that showed a volunteer’s full face, they improvised, recreating the missing parts and even embellishing with shadows and textures. Even though some of the subjects were remarkably hard to track down online (being security researchers themselves), the UNC team was able to use just a few low-resolution photos to create a model accurate enough to fool some facial recognition systems.

Recommended Videos

In fact, the scientists met with success in four out of the five systems they tried to hack. “We could leverage online pictures of the [participants], which I think is kind of terrifying,” said True Price, a study author who works on computer vision at UNC, in an interview with Wired. “You can’t always control your online presence or your online image.” And apparently, that means that your biometric data is virtually up for grabs.

All five of the systems tested — KeyLemon, Mobius, TrueKey, BioID, and 1D — are available on the Google Play Store and the iTunes Store. While Google previously warned that similar software “is less secure than a PIN, pattern, or password,” as “someone who looks similar to you could unlock your phone,” it may be even easier than previously thought.

You can check out the full details of how the UNC researchers pulled off their hack in their paper, published here.

Lulu Chang
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Researchers hid a prompt injection inside a PNG, and AI fell for it
Hacker

AI coding assistants like Claude are becoming every developer's favorite coworker. They can review code, explain confusing functions, and even write entire features with a single prompt. But new research suggests that this growing trust could also become their biggest weakness.

A team of security researchers (professor Sudipta Chattopadhyay and researcher Murali Ediga) has demonstrated an unusual attack that doesn't target the AI model directly. Instead, it targets what the AI doesn't pay enough attention to during code reviews. Rather than hiding malicious instructions in lines of code, the researchers tucked them inside an image file. Since many AI review tools treat images as decorative assets rather than as something worth inspecting, the pull request can appear perfectly harmless and sail through the review.

Read more
AI has already fallen into the wrong hands and they’re using it to make bombs
Logo, Text

Artificial intelligence has quickly become the go-to tool for everything from writing emails and summarizing meetings to helping students study or developers debug code. But the same technology that saves people time can also be misused, and a new report suggests that terrorist organizations are finding ways to do exactly that.

According to a research paper shared with The New York Times ahead of its publication, researchers found evidence that members of Boko Haram have been using popular AI chatbots to support both day-to-day activities and combat-related tasks. Interviews with 27 former members conducted in Nigeria over the past two years suggest that tools such as ChatGPT, Gemini, Claude, Grok, Meta AI, and DeepSeek were used to gather technical information, troubleshoot weapons, and even assist with planning attacks.

Read more
Claude Code can now browse the web without opening Chrome
The desktop app now includes an in-app browser that can read websites, click links, and interact with web apps.
Claude Code Featured

Developers spend a surprising amount of time bouncing between their code editor, browser tabs, API documentation, GitHub issues, and design files. Anthropic thinks Claude Code should simply do all of that without constantly asking users to switch windows. The company has announced a new in-app browser for Claude Code on desktop, allowing its AI coding assistant to open websites, read documentation, inspect designs, and interact with web pages directly from within the application.

A browser built into Claude Code

Read more