>"elected officials, candidates, political campaigns, [and] political parties"
not to the general public. The potential threat is for someone at Candidate_1's campaign taking selfies with the app, that then uploads them to Russian servers where the Russian government can see them and can also see what's in the background (sensitive documents?) or see geo-location from the app (like how Strava was leaking the coordinates at military bases ) or any number of things a hostile foreign government who has already hacked American elections once and is planning to do it again might want to do with pictures that interns/staffers might think are private.
It feels like a boy scout camp rather than government then. The same for a bunch of emails that ‘interfered’ with true democratic elections. If your organization is so fragile that revealing a tip of your pants makes everyone wonder if they are clean, then maybe that is what needs to be fixed, not someone who posts pictures of it to the internets (in this case provides a REST API for you to do that). However evil my country’s govt will ever be, the level of this nonsense is pushing the heliopause.
(1) Or any human for that matter
(2) I am an American
It's not against the rules at all, so thank you for the encouragement! I will go read the article.
What the guidelines warn against is something different: Please don't comment on whether someone read an article. "Did you even read the article? It mentions that" can be shortened to "The article mentions that."
For example, I already have a database of high value target's faces built from political sources like house.gov. Now I do facial recognition between that set of faces and the FaceApp faces. That allows me to identify the specific devices used by government officials. That would seem to be super valuable for more targeted attacks and/or pairing with other apps for potential kompromat.
I knew someone volunteering for a senate campaign. They noted their personal email suddenly had what looked like a lot of spear phishing type emails.
But that is NOT what it says at all.
I can't emphasise how misleading this summary is! The exact quote is:
> If the FBI assesses that elected officials, candidates, political campaigns, political parties are targets of foreign influence operations involving FaceApp [then the the FBI would investigate].
Note that "IF"? That puts a pretty different spin on it to your interpretation!
Separately, it says:
> The FBI considers any application or similar product developed in Russia, such as FaceApp, to be a potential counter-intelligence threat.
@dang - I think that the current headline "FBI designates FaceApp as counterlintelligence threat" as misleading. "Designates" implies something like being added to an official list (like a sanctions list or something). A better headline would be "FBI responds to congressional query on FaceApp" or "FBI considers all Russian-built apps counterintelligence threats"
Not misleading at all. I don't know why so many people are reading this so wrong, it's not a long letter. The Senate asked the FBI if this app was a threat to US politicians, the FBI said it could be but they don't see it being exploited at this time. If that changes, the FBI will intervene. Pretty simple to understand as long as you read the words that were written.
In the letter it speaks separately about FaceApp specifically (~"no known campaigns") and general potential threats (~"anything developed in Russia"). Your summary combines a quote from the "no known campaign" and the "anything developed in Russia" bit to say something they never said.
Specifically the letter says the FBI will investigate any foreign influence operations involving FaceApp aimed at officials.
Your version turns that into a claim that the FBI says FaceApp is only a potential threat to those officials. The letter doesn't say that at all.
Additionally you make up a bunch of stuff around the threat model that you claim the FBI sees. ("The potential threat is for someone at Candidate_1's campaign taking selfies with the app, that then uploads them to Russian servers where the Russian government can see them and can also see what's in the background (sensitive documents?) or see geo-location from the app (like how Strava was leaking the coordinates at military bases ) or any number of things a hostile foreign government who has already hacked American elections once and is planning to do it again might want to do with pictures that interns/staffers might think are private.")
Again, this letter doesn't say or imply that. In-fact, the foreign influence operations may imply that the FBI is more concerned about foreign adversaries using the politician's likeness (eg for "Fake News" style videos or something).
good old days just less than 20 years ago back at Sun when we were strictly instructed that the computer monitors must be off when the photos would be taken. How times and basic norms of opsec have changed - these days you just tweet the straight photo of the classified monitor screen https://www.npr.org/2019/08/30/755994591/president-trump-twe...
There was also a photo from the Iranian Nuclear agency and it had photos of their systems and software on their website or something and it was scraped for info prior to Stuxnet.
MacAfee let some "Wired" photog take a digital photo without ensuring geotagging was disabled or removed from the metadata when he was prancing over Belize as he was escaping some plot to frame him.
Those lapses happen.