
The FBI considers FaceApp to be a potential counterintelligence threat [pdf] - anigbrowl
https://www.democrats.senate.gov/imo/media/doc/FBI%20Letter%20to%20Schumer%20re%20FaceApp11.pdf
======
freehunter
I know it's against the rules to tell people to read the article, but I would
encourage everyone to read the article. It specifically says this is a
potential threat to

> _" elected officials, candidates, political campaigns, [and] political
> parties"_

not to the general public. The potential threat is for someone at
Candidate_1's campaign taking selfies with the app, that then uploads them to
Russian servers where the Russian government can see them and can also see
what's in the background (sensitive documents?) or see geo-location from the
app (like how Strava was leaking the coordinates at military bases [1]) or any
number of things a hostile foreign government who has already hacked American
elections once and is planning to do it again might want to do with pictures
that interns/staffers might think are private.

[1] https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases
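The geolocation concern in the comment above is usually a photo-metadata problem: a phone camera embeds an Exif block in each JPEG, and that block can carry a GPS IFD. The following is an added example, not code from the original thread and not FaceApp's code, showing how to detect a GPS IFD in a JPEG and strip the Exif segment before the file leaves the device. The sample JPEG is constructed inline (a JFIF header, an Exif block with a GPSInfo pointer, and a dummy scan) so the code runs offline.

```python
"""Detect and strip Exif (APP1) metadata from a JPEG before upload.

Added example; the sample image below is constructed, not a real photo.
"""
import struct

SOI, EOI = b"\xff\xd8", b"\xff\xd9"
EXIF_HEADER = b"Exif\x00\x00"
GPS_IFD_TAG = 0x8825  # IFD0 entry that points at the GPS IFD


def _segment(marker: int, payload: bytes) -> bytes:
    # JPEG marker segment: 0xFF, marker byte, 2-byte big-endian length that
    # counts itself, then the payload.
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


def iter_segments(jpeg: bytes):
    """Yield (marker, start, end) for each header segment up to and including SOS."""
    if not jpeg.startswith(SOI):
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError("expected marker at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker == 0xD9:  # EOI has no payload
            return
        length = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]
        end = pos + 2 + length
        yield marker, pos, end
        if marker == 0xDA:  # SOS: entropy-coded data follows, no more headers
            return
        pos = end


def has_gps_ifd(jpeg: bytes) -> bool:
    """True if an Exif APP1 segment's IFD0 contains a GPSInfo pointer."""
    for marker, start, end in iter_segments(jpeg):
        payload = jpeg[start + 4:end]
        if marker != 0xE1 or not payload.startswith(EXIF_HEADER):
            continue
        tiff = payload[len(EXIF_HEADER):]
        endian = "<" if tiff[:2] == b"II" else ">"   # TIFF byte order
        ifd0 = struct.unpack(endian + "I", tiff[4:8])[0]
        count = struct.unpack(endian + "H", tiff[ifd0:ifd0 + 2])[0]
        for i in range(count):
            entry = ifd0 + 2 + 12 * i                  # 12-byte IFD entries
            tag = struct.unpack(endian + "H", tiff[entry:entry + 2])[0]
            if tag == GPS_IFD_TAG:
                return True
    return False


def strip_exif(jpeg: bytes) -> bytes:
    """Return a copy of the JPEG with every Exif APP1 segment removed."""
    out = bytearray(SOI)
    for marker, start, end in iter_segments(jpeg):
        if marker == 0xE1 and jpeg[start + 4:end].startswith(EXIF_HEADER):
            continue                      # drop the metadata segment
        if marker == 0xDA:
            out += jpeg[start:]           # SOS and everything after it verbatim
            break
        out += jpeg[start:end]
    return bytes(out)


def _build_sample() -> bytes:
    # Constructed big-endian TIFF block: IFD0 with one GPSInfo entry, then a
    # GPS IFD holding a single GPSLatitudeRef ("N") entry.
    ifd0_off = 8
    gps_off = ifd0_off + 2 + 12 + 4        # count + one entry + next-IFD pointer
    tiff = b"MM\x00\x2a" + struct.pack(">I", ifd0_off)
    tiff += struct.pack(">H", 1) + struct.pack(">HHII", GPS_IFD_TAG, 4, 1, gps_off)
    tiff += b"\x00\x00\x00\x00"
    tiff += struct.pack(">H", 1) + struct.pack(">HHI", 0x0001, 2, 2) + b"N\x00\x00\x00"
    tiff += b"\x00\x00\x00\x00"
    jfif = b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    return (SOI + _segment(0xE0, jfif) + _segment(0xE1, EXIF_HEADER + tiff)
            + _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34" + EOI)


SAMPLE_JPEG = _build_sample()

if __name__ == "__main__":
    print("GPS IFD present before:", has_gps_ifd(SAMPLE_JPEG))
    cleaned = strip_exif(SAMPLE_JPEG)
    print("GPS IFD present after: ", has_gps_ifd(cleaned))
```

Stripping the whole APP1 segment is deliberate: editing individual GPS tags in place leaves thumbnails, maker notes and other IFDs that can still leak location, whereas dropping the segment keeps the JFIF header and scan data intact and the image still decodes.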

~~~
trhway
>The potential threat is for someone at Candidate_1's campaign taking selfies
with the app, that then uploads them to Russian servers where the Russian
government can see them and can also see what's in the background (sensitive
documents?)

Good old days: just less than 20 years ago, back at Sun, we were strictly
instructed that the computer monitors must be off when photos were being
taken. How times and basic norms of opsec have changed - these days you just
tweet the straight photo of the classified monitor screen
https://www.npr.org/2019/08/30/755994591/president-trump-tweets-sensitive-surveillance-image-of-iran

~~~
laughinghan
Is President Trump representative of modern opsec norms?

~~~
trhway
I think it is close to it. I mean, for example, that FBI guy - Peter Strzok -
who led the investigation into Clinton's mishandling of emails was himself
officially found in flagrant violation of classified information handling
policies, in particular for storing classified documents on his personal
unencrypted devices, etc. Somehow I don't think that Strzok is just an
exception at the FBI - he spent 21 years there after all - no, he is just the
one who got caught because he attracted attention (by his anti-Trump and pro-
Clinton text messages on his FBI-issued phone while investigating Clinton's
emails and Trump-Russia collusion - speaking about opsec again :)

------
rauchp
Looks like the FBI designated FaceApp as a threat because of its crazy data
policy and its Russian origin. Even though I think it's a really shady app,
that's a pretty low bar.

~~~
zkid18
I think FaceApp should be hosted on an AWS-like infrastructure.

Hosting in Russia is expensive and does not provide any advantages, such as
dynamic routing, that are crucial for a world-wide app. Most developers use it
to comply with Russian standards: you only need to store information about
Russian users on Russian servers. In addition, currently in Russia there are
no good alternatives for reliable cloud neural network inference.

But I can’t understand the negative media about the application, based on the
founder’s country of origin. I argue that this is discrimination because there
is as yet no evidence of breach of confidentiality.

~~~
FDSGSG
>I think FaceApp should be hosted on an AWS-like infrastructure.

>Hosting in Russia is expensive and does not provide any advantages

Hosting in top .ru DCs like Selectel is _vastly_ cheaper than on any AWS-
likes. These are extremely different products though.

~~~
zkid18
You might be right. It's been a while since I tried to migrate to Russian
servers.

------
tehlike
Plenty of Chinese apps in the "utility" category are flooding US
consumers...

~~~
walrus01
Notably ES File Explorer was recently removed from the Google Play store
because of suspicious behavior. One of the most popular Android file managers.

~~~
desine
I bought a microSD reader off Amazon, which has two dongle ends, one USB Type-A
for a computer, one Lightning, for my iPhone. According to the included
instructions, it required me to download an app (from the Apple App Store) to
use on the iPhone. I didn't trust the app, even with Apple's scans, so I
ended up using it with my already-owned Camera Connection Kit (Lightning to
USB Host) adapter just fine. The name of the app was something very similar,
if not identical, to that name, which is what reminded me of it.

It seems fishy that the Apple-provided Files app didn't recognize my SD card

~~~
xnyan
Someone please correct me if I'm mistaken, but this is/was a limitation
imposed by Apple before iOS 13. On iOS 13 (on an iPad Pro at least) you can
now access an SD card via Files, but before that it was Photos or a bespoke
app from the manufacturer only. I've not tried on an iPhone recently.

------
not2b
The article does not match the headline. The FBI letter only calls it a
"potential" threat, meaning maybe it is a threat, maybe not.

~~~
debt
Yes, so buyer beware. The Russian government is currently engaged in global
disinformation campaigns; use the app at your own risk.

------
Wissmania
I wonder how many people with a profile picture of their face on their
Twitter/Facebook accounts are seriously concerned about this

~~~
judge2020
Well Twitter and Facebook are American companies so it's obviously _patriotic_
to give them your image and data.

(/s)

~~~
corporate_shi11
It's certainly better than giving your face to sketchy apps from Russia or
China.

~~~
zzzcpan
It's not better to have your face or other data in a database within reach of
your own government. Your government has power over you, other governments do
not.

~~~
borski
Other governments absolutely have power over you, just not always legally.

~~~
ta999999171
Or anywhere nearly as easily, to be fair.

------
JoeCortopassi
There is no threat model for an iPhone app to do nefarious things in an App
Store distributed app on a non-jailbroken phone. At most, FaceApp grabs the
picture you uploaded and some minor meta-data that every app using an
analytics tool (read: all of them) collects.

This is political grand-standing at best, and would be a non-issue if you
replaced the geographic location of the dev team with any other countries

I get it, Russia is the Big-Bad-Boogeyman right now. But if you think for a
second that a real attempt at counterintelligence would publicly come from
such an obvious point of interest, then I have a bridge to sell you

~~~
godelski
The threat model is that this photo is shared with the Russian government and
then the Russian government can match American citizens (or potentially people
working in intelligence), and then using that in facial recognition programs.
I.e. they can differentiate Americans (insert x country) from their own
citizens and know who to watch more carefully.

This is a legitimate threat model. I'm not sure why you think it wouldn't be.
Spies and others do use fake identities. The threat model is that there is a
way to determine who is faking their identities.

~~~
JoeCortopassi
A picture, that has no good associated data about the user, is a real threat?
Heaven forbid Russia figures out how to take pictures in public places

~~~
godelski
> A picture, that has no good associated data about the user

A picture is a username... Are you trying to say that your face isn't personal
identifying identification (PII)? I'm not sure what your argument is here,
because it can't be that. That argument would be absurd, so I'm sure I am
misunderstanding.

------
EGreg
I have seen countries around the world have such a response. Russia freaked
out that the latest Windows phones home, USA freaked out about Kaspersky, and
so on. Russia has set in motion projects to build homegrown Linux based
operating systems etc. I consider all this a good thing.

Why don’t we have the ability to restrict at the OS level which domains an app
can send information to? Then we can finally host backend software locally on
servers of OUR choice.

I would love to see more OPEN SOURCE apps running on servers of our choice,
and communication over mesh networks. In fact I’d love for most functionality
to be client-side and an option for ALL data sent to servers to be end-to-end
encrypted at the OS level. I don't want to have to trust the APP manufacturer
to pinky swear it’s all end to end encrypted. The OS should have a little
badge saying none of the data sent by the app is being sent in a way the
server can decrypt because the OS intercepts and encrypts it with keys the app
can’t get. That may still leave side channels such as timing based information
to tunnel through. But if we restrict what domains the app can talk to, we can
close that loophole too.

That’s what I would love to see ... finally put an end to server side
landlords owning your data just cuz they own the infrastructure!
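The per-app destination restriction the comment above asks for is, at its core, an egress policy check. The following is an added example, not part of the original thread and not any OS's implementation, showing how such a check is evaluated: a hypothetical per-app allowlist with exact hosts and wildcard subdomains, host normalization (case, trailing dot, IDNA), refusal of IP literals that would sidestep a domain-based policy, and an audit over constructed connection events. The app identifiers, hostnames and policy are all made up for the example.

```python
"""Per-app outbound-destination allowlist, evaluated over constructed events.

Added example; APP_EGRESS_POLICY and the app ids are hypothetical.
"""
import ipaddress
from typing import Dict, List, Set, Tuple

# Hypothetical policy: each app may only reach the hosts listed for it.
# "*.cdn.example" matches any subdomain of cdn.example (not cdn.example itself).
APP_EGRESS_POLICY: Dict[str, Set[str]] = {
    "com.example.photofilter": {"api.photofilter.example", "*.cdn.example"},
    "com.example.notes": {"sync.notes.example"},
}


def normalize_host(host: str) -> str:
    """Lower-case, drop a trailing dot, and IDNA-encode the hostname.

    Comparing the punycode form means unicode look-alike labels cannot
    match an ASCII allowlist entry by accident.
    """
    host = host.strip().rstrip(".").lower()
    return host.encode("idna").decode("ascii")


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def host_matches(pattern: str, host: str) -> bool:
    """Exact match, or a wildcard pattern matching any strict subdomain."""
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])   # ".cdn.example" suffix, dot included
    return host == pattern


def check_egress(app_id: str, host: str) -> Tuple[bool, str]:
    """Return (allowed, reason) for one outbound connection attempt."""
    allowed_hosts = APP_EGRESS_POLICY.get(app_id)
    if allowed_hosts is None:
        return False, "app has no egress policy"
    try:
        host = normalize_host(host)
    except UnicodeError:
        return False, "unparseable host"
    if is_ip_literal(host):
        return False, "IP literal bypasses domain policy"
    if any(host_matches(p, host) for p in allowed_hosts):
        return True, "matches policy"
    return False, "host not in allowlist"


# Constructed connection events: (app id, destination host).
CONSTRUCTED_EVENTS: List[Tuple[str, str]] = [
    ("com.example.photofilter", "api.photofilter.example"),
    ("com.example.photofilter", "img7.cdn.example"),
    ("com.example.photofilter", "telemetry.thirdparty.example"),
    ("com.example.photofilter", "203.0.113.5"),
    ("com.example.notes", "sync.notes.example."),
    ("com.example.unknown", "anything.example"),
]


def audit(events: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (app, host, reason) for every event the policy would block."""
    blocked = []
    for app_id, host in events:
        allowed, reason = check_egress(app_id, host)
        if not allowed:
            blocked.append((app_id, host, reason))
    return blocked


if __name__ == "__main__":
    for app_id, host, reason in audit(CONSTRUCTED_EVENTS):
        print(f"BLOCK {app_id} -> {host}: {reason}")
```

The IP-literal rule matters in practice: a domain allowlist that lets an app connect to raw addresses is no allowlist at all, since the app can resolve any name itself and then connect by address. A real OS-level enforcement point would also need to pin the resolved address to the name it was resolved from, which this policy check alone does not do.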

~~~
JaRail
> Why don’t we have the ability to restrict at the OS level which domains an
> app can send information to?

Ads.

~~~
EGreg
But Apple is a honey badger - it dont care about ads. Their whole
differentiator has become privacy and putting the user first vs apps! Seems
like a glorious feature for them no? Safari already leads the way with
blocking ads and third party tracking cookies.

------
slovenlyrobot
Forgive me for chuckling at law enforcement in by far the world's largest
exporter of consumer malware for treating a single comedy deepfakes app with
so much paranoia and suspicion. How did that common saying go that was bandied
around in our teenage years? Something like the person in a relationship who
fears cheating the most is the one most likely to cheat

~~~
jjeaff
So, your logic is that since the U.S. spies on people, it means they have no
credibility in calling out other people for spying on U.S. citizens?

Seems like a "pot" should have more knowledge than average on which kettles to
call "black".

~~~
slovenlyrobot
I'm not sure where I stated they have no credibility, only that the situation
was deeply humorous

------
haxorito
Russian law obligates all companies and individuals to provide government
access to any data, hardware or applications upon initial request, or better,
to have a backdoor. All information must be stored for a minimum of 5 years and
provided in unencrypted form, or decryption mechanisms must be supplied.

------
airstrike
> The FBI considers any mobile application or similar product developed in
> Russia, such as FaceApp, to be a _potential_ counterintelligence threat

Seems like the word "potential" is conspicuously missing from the title of the
submission

------
jjn2009
Seems like the only thing uploaded is your picture. I'd be curious to see what
data it actually collects from your phone otherwise but just a photo feels
pretty innocuous

~~~
adrr
Having a database of people's pictures is a huge asset for Russian intelligence.
They can use facial recognition to enhance their visual surveillance efforts.

~~~
jjn2009
Seems like that information is already largely public just not linked publicly
to your phone information.

~~~
adrr
Is there a public database of images of people with names? Police don’t even
have that.

~~~
knzhou
You mean the digital equivalent of a big book full of people's names and
faces? That's an exact description of Facebook.

~~~
adrr
Can Russia buy all of Facebook's data? How would their intelligence agency get
photos and corresponding names from Facebook?

~~~
knzhou
For almost all people, name and profile picture are set public. It's an
incredibly tiny fraction of all the data, which is why I'm amused at all the
uproar. There really is very little you can do with that information.

------
killjoywashere
Perhaps country of origin should be on the app store? We do this for cheese
and wine and cars. Why not apps?

------
thanatropism
The best measure would be for “good actors” (universities, government research
agencies, the New York Times) to provide a free FaceApp-type app. It’s like a
weekend-hackathon of work and can be prioritized by the app stores.

~~~
pckls
That works in this particular case but is not a general solution. It's not
feasible to have "good actors" rewrite clean versions of software written by
"bad actors"

~~~
thanatropism
I see it like harm reduction of street drugs with something like methadone.
Except the marginal cost is zero, of course.

------
dessant
It's not clear what is the potential threat this specific app introduces. A
nation state can easily perform facial recognition on the majority of the
human race by scraping social media.

~~~
walrus01
Many foreign nation states might have access to like, 500x400 pixel photos of
people. Not 12 megapixel direct front selfie camera taken photos, where the
person is intentionally trying to get the highest quality photo possible.

~~~
romwell
You don't really need high res for face recognition. In fact, the high
frequencies are probably noise that you'd want to remove with a low-pass
filter.

------
kevin_thibedeau
When will the OPM get the same designation?

