Facebook image spying

Any other tech-related topics
Message
Author
User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Facebook image spying

#1 Post by webfork »

https://techstartups.com/2019/07/13/fac ... -download/

So it was revealed recently (to no one's surprise) that Facebook/Whatsapp/Instagram add data to photos that let them track the photo. There are certainly image recognition tools out there (some on this site for finding dupicate files) but running them on every photo posted to Facebook is very CPU intensive. The added data makes image tracking trivial.

Also a more basic example of stenography.

Anyone have an idea how to remove this? I'm thinking:

1. Open a hex editor
2. Somehow track down that string (I can't tell what makes it special)
3. Delete string, save, and check result.

Bonus points if you can figure out how to strip anything from a file that isn't specifically graphics data. Alternatively, points if you can figure out how to add false data.

---

As always, help move this along by deleting your facebook/whatsapp/instagram accounts.

TalkOrBell
Posts: 36
Joined: Fri Jul 19, 2019 9:52 am

Re: Facebook image spying

#2 Post by TalkOrBell »

Don't think there is such a thing as deleting a facebook account....My wife tried years ago but it never worked...Even today info still there online...

I never tried because I never ever signed up...Facebook pretty much a government op for data mining.

Best advice I can give is to never sign up on any of these large-popular sites and don't put info online...remain anonymous whilst you can.

That's the short version as there is so much more & far-reaching....

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Facebook image spying

#3 Post by webfork »

TalkOrBell wrote: Sun Jul 21, 2019 1:02 pm Don't think there is such a thing as deleting a facebook account....My wife tried years ago but it never worked...Even today info still there online...
It's certainly true that the data doesn't go away, but if you can remove yourself, you chip away at the illusion that "everyone uses it" and the notion that its useful. A lot of what makes Facebook/Whatsapp/Instagram work now is just inertia -- people think they HAVE to use it to stay in touch, find customers, or interact with others. People quitting means other, less evil and inept tools can flourish. I suspect it's why Facebook/Twitter are so afraid to ban groups of abusive users -- the more people leave, the closer you come to becoming another member of the social media graveyard.

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Facebook image spying

#4 Post by Midas »

You can whatever you want as long as you take appropriate precautions, IMHO. :|

Be wary of ANY info submitted, no matter what the TOS says.

I have been on FB for years, mainly because most of my friends are. I have used an alias since the beginning and to this day they don't have any phone number of mine.

Plus, it's really though to subvert such a behemoth from the outside. Be aware that it tracks even those people that aren't members -- case in point, this recent tracking debacle...


Specular
Posts: 443
Joined: Sun Feb 16, 2014 10:54 pm

Re: Facebook image spying

#5 Post by Specular »

Midas wrote: Mon Jul 22, 2019 4:14 amI have been on FB for years, mainly because most of my friends are. I have used an alias since the beginning and to this day they don't have any phone number of mine.
One thing just generally that I think doesn't receive enough discussion in such topics is how other users can 'leak' information in non-direct ways about those who may have intentionally kept such info from a site/service.

Example: a user is careful to not provide their real phone to a site, or permit an app to allow it to grab contacts, yet someone from their contact list—without them knowing—permits an app to grab all contacts from their phone, including that user, unbeknownst to them. Concerning is this could happen via any number of apps that frequently request such info, I read that Viber for example when users grant that permission upload contact details in plaintext, not merely a hash.

Something similar to the above occurred recently for an investigative journalist who kept a low profile IRL and online (their name isn't discoverable to be linked to the company they work for, even), where some person they had interviewed had tagged their unlisted phone number to a private number revealing service/app, with her name and which company she worked for. She only discovered this when after entering a taxi in Africa the driver said "So… you work for <companyname>?". She was taken aback.

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Facebook image spying

#6 Post by Midas »

Yep, I saw that that article about the outed journalist. That is a far more serious concern than my puny personal case.

I went through some of that back in the day, when an acquaintance decided to share his phone-book with FB as way to locate "friends". Luckily for me, the phone number was outdated, but there was an email address attached that subsequently got spammed with requests and similar bait. As that was a secondary address, created just for that, I summarily deleted it. In more recent times, LinkedIn has relied heavily on similar dubious marketing ploys.

In another episode, as I happen to have a relative that is in law enforcement, I once addressed her by her official title on FB. She immediately got back to me and asked (very nicely) for me to remove that mention, even though she's registered with her real name. Which I promptly did.

Pitfalls abound. But then there's no such thing as absolute security.

Marc
Posts: 165
Joined: Sun May 15, 2011 6:06 pm

Re: Facebook image spying

#7 Post by Marc »

Is there any friendly local app or browser addon to scramble the code?
Closest I found is this https://fbmdob.watzon.tech/?source=post ... ----------#/
Do note I haven't tested nor trust it

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Facebook image spying

#8 Post by webfork »

Marc wrote: Wed Jul 24, 2019 1:32 pm Is there any friendly local app or browser addon to scramble the code?
Closest I found is this https://fbmdob.watzon.tech/?source=post ... ----------#/
Do note I haven't tested nor trust it
Great find. I do wonder why he doesn't just erase it, but I do like the idea of scrambling. I do wish it was a bit clearer in terms of a before and after and that it would do more than one image at a time.

Anyway, thanks for that -- I'm a lot further along on this than I was yesterday.

Specular
Posts: 443
Joined: Sun Feb 16, 2014 10:54 pm

Re: Facebook image spying

#9 Post by Specular »

webfork wrote: Wed Jul 24, 2019 4:46 pmGreat find. I do wonder why he doesn't just erase it, but I do like the idea of scrambling. I do wish it was a bit clearer in terms of a before and after and that it would do more than one image at a time.
Github wrote:Why not just remove the instruction completely you ask? Because, removing the instruction does nothing to Facebook. They just lose one of millions of tracked images. But replacing the hash with a new one may just fuck with their algorithm
:)

So I looked further into this and found that the IPTC header they add is something that can be removed with any decent IPTC tag editor (eg: ExifTool). Had initially expected it would be more stealthy requiring hex editing but apparently not. Tried ExifToolGUI from our PFDB but found it couldn't selectively remove individual tags for some reason.

For ExifTool you'll want the standalone' version (second download link from top), and to rename it exiftool.exe.

The tag Facebook uses for this is 'SpecialInstructions' (with the value beginning with 'FBMD'). Other tags that some have thought to be related to Facebook's tracking are 'Original Transmission Reference' tag (not found in the images from Instagram I used to test) and 'Current IPTC Digest' (which is an MD5 checksum of all the existing metadata). However in my searches the 'Current IPTC Digest' isn't actually a tag within image files but rather is generated at the time of file read by ExifTool when viewing tag info.

So what can be used to remove those two tags is the following. This assumes that exiftool.exe is located in the directory you launch the command prompt from (able to be done by either Shift+Right-clicking on an empty area within the directory it's located within and selecting 'Open Command Prompt Here', or selecting File Explorer's directory path field below the directory window titlebar and typing cmd).

Code: Select all

exiftool.exe -P -overwrite_original -IPTC:SpecialInstructions= -IPTC:OriginalTransmissionReference= <file>
Where <file> is just a placeholder for the actual full path of the image file to change (easiest way is to drag it into the command prompt window). -P preserves the original file's date modified/created timestamps (not the EXIF photo taken timestamp but the physical file's timestamp). -overwrite_original simply prevents the tool from automatically creating a backup copy of the original file as it would normally do by default.

After running ExifTool will state whether the file has been updated. The above command could be used for a SendTo shortcut, available to any file via a right-click, or could also be adapted into a batch script for multiple files (and could probably replace the tag with noise) but just wanted to show how offline tools can also remove the tags.

Edit: updated since I re-tested and found the -P option also preserves the date created timestamp not just the date modified.

TalkOrBell
Posts: 36
Joined: Fri Jul 19, 2019 9:52 am

Re: Facebook image spying

#10 Post by TalkOrBell »

I would not bother with any of that...Pointless is what I mean.

The internet was not designed for our enjoyment or to further business-communication. It was designed to spy on us...While you are on the net in any capacity your every keystroke is recorded...

This is why it was called the 'World-Wide Web' in reference to a spider's web...A spider draws its prey INTO ITS WEB! Thus using the net you are already the prey...

The net is actually a product of DARPA who also gave us the computer mouse. DARPA had the internet back in the 60s & 70s long before the 'hippy story' of internet envisioning came along...

The DARPA internet consists of fiber optic cabling (Yes, back THEN) ran through the underground tunnels & bases that are everywhere under our feet. These are ran up to ground level at numerous places throughout the country (and others). Local service providers hook into these hubs for your internet service.

When the DARPA internet was running TPTB discovered that DARPA users would 'chit-chat' not knowing they were actually being recorded. THUS the idea sprang to give the rest of the world the 'WEB' to spy on all our 'chit-chat' when computers had come of age.

If this were not true you would've seen crews starting back in at least the early 80's burying or stringing up internet lines. Nope...When the net was ready it was just 'there' and wow...Nobody asked 'How did this happen so fast?'

OK...We're that friggin' far...

Next well we need to encourage people to put more info online...Thus blogging was encouraged or 'web logging' like anybody else gives a damn...It worked but not good enough...

So then we started getting garbage like facebook...So not just upload your 'blogging' but all your pics too in a friend environment and many clamored...

You know the story on all that...

Computers & OS had to change as well as they want to access your machine too. The last windows OS to have NO backdoor was windows 98. The newer you go the more open backdoor you have. Also make computers very powerful & cheap & we don't want people removing that battery so we can access data 24-7 so lets build batteries into the laptop...Like an MP3 player. No more need for a wifi switch we want that on all the time too...Let's not forget to have a webcam mounted on the screen so we can get a user snapshot...Don't worry there will be no indication of this activity...

Finally to finish it off lets create the ultimate spyware OS known as windows 10 & lets FORCE INSTALL it on computers & hopefully computers that have the TCPModule which is the complete 'spread wide open' backdoor. Now your entire HDD can be copied in less than 60 seconds, any aspect of your machine studied or modified even if it is OFF. But we must make it LOOK like this TCPModule can be firewalled even though we made it so it can NEVER be firewalled...

There...I justs did you all a solid with this short version...

User avatar
SYSTEM
Posts: 2041
Joined: Sat Jul 31, 2010 1:19 am
Location: Helsinki, Finland

Re: Facebook image spying

#11 Post by SYSTEM »

Quit with conspiracy theories.
TalkOrBell wrote: Sat Jul 27, 2019 3:25 am If this were not true you would've seen crews starting back in at least the early 80's burying or stringing up internet lines. Nope...When the net was ready it was just 'there' and wow...Nobody asked 'How did this happen so fast?'
Internet connections originally utilized existing phone lines (copper wires), not fiber-optic cables. That's why crews weren't burying "Internet lines" back then. (Besides, your timing is off. The WWW became available to the general public in August 1991. There wasn't much reason to offer Internet connections to the general public until the end of 1980s.)
TalkOrBell wrote: Sat Jul 27, 2019 3:25 am Now your entire HDD can be copied in less than 60 seconds
And how does that work? Even HDD read speeds aren't fast enough for that, let alone your Internet uplink.
My YouTube channel | Release date of my 13th playlist: August 24, 2020

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Facebook image spying

#12 Post by Midas »

Plus, the protocol the Web relies on was actually developed by a British scientist while working at the European Nuclear Research Center (CERN): https://en.wikipedia.org/wiki/Tim_Berners-Lee

Fuzzify-me (AKA Facebook-Cleaner), a Firefox addon might be relevant here, although not specifically geared for image processing:

A browser extension that helps you understand how advertisers target you on Facebook. With one click, the tool automatically runs a housecleaning, denying advertisers access to all the categories Facebook is constantly generating about you. In the Ads Stream you can keep track of what categories have been cleared out and what targeted ads you're seeing over time.
addons.mozilla.org/en-US/firefox/addon/fuzzify-me/ <- Link dead, as noted by webfork below.


BTW, JPEG & PNG Stripper is in TPFC's database (https://www.portablefreeware.com/?id=414); I have used it a number of times and it worked fine. Haven't tested it for this particular purpose, though.

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Facebook image spying

#13 Post by webfork »

Midas wrote: Wed Jul 31, 2019 4:01 am fuzzify-me ... A browser extension that helps you understand how advertisers target you on Facebook.
The link mentioned in Midas' post died for some reason (unclear why as the devs are still using that same link) but the website is still online, along with their github page:

https://chupadados.codingrights.org/en/fuzzifyme/
https://github.com/d4t4x/facebook-cleaner

levitaylor
Posts: 2
Joined: Mon Aug 28, 2023 6:50 am
Location: United State

Re: Facebook image spying

#14 Post by levitaylor »

Is there a reliable way to remove the added tracking data from facebook, whatsapp, instagram images using a hex editor or any other method, and is it possible to add false data to obscure the tracking information?

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Facebook image spying

#15 Post by webfork »

levitaylor wrote: Mon Aug 28, 2023 10:48 pm Is there a reliable way to remove the added tracking data
I haven't seen anything on this in the years since the topic appeared. Unfortunately my best advice is to not use any Facebook properties, including Whatsapp, Instagram, Metaverse, Threads, etc.

Post Reply