Tech-Ex: Facebook and facial recognition can be used to hack your SSN

It’s been known since 2009 that the Social Security system has a huge security flaw: social security numbers are predictable if you know a person’s hometown and date of birth (it’s even used as a selling point by LifeLock). Now a new study by Carnegie Mellon University has determined that facial recognition software along with social media profile can be used in another end-run around the “randomness” of your social security number.

Alessandro Acquisti, the CMU professor who pointed out the 2009 security hole, headed up the team that found the new one. Acquisti’s research team, which included CMU postdoctoral fellows Ralph Gross and Fred Stutzman, used off-the-shelf facial recognition software (PittPatt, recently acquired by Google), cloud computing and publicly available information from social network sites to break through the security in social security.

The results of the study will be discussed in detail at Black Hat Security Conference in Las Vegas, later this week.

The key, it seems, is a searchable Facebook profile with a photo. If the profile from that profile had a person’s hometown and date of birth, they could then exploit the 2009 security hole, which relies on a change made by the Social Security Administration after 1987 that made it easier to predict SSNs.

In one test, the researchers used a set of data mined from Facebook, as well as PittPatt to search “anonymous singles” on a dating website. They were able to match 15 percent of the “singles.”

In a second test the researchers used a webcam to take photos of CMU students, and then asked the 93 who were participating in that part of the study to take an online survey. 42 percent of those participants were linked to their Facebook profiles.

Once again, with a link to their Facebook profile, given the hometown and date of birth information in their profile, the researchers could use the 2009 SSN security hole.

Acquisti and his team were able to predict the first five digits of a subject’s nine-digit Social Security numbers 27 percent of the time, in just four tries. “The chain of inferences comes from one single piece of anonymous information—somebody’s face.”

In addition, the CMU researchers built a smartphone application which demonstrated the ability to make the same personal “inferences” in real-time. The application uses online and offline data along with “augmented reality” technology to overlay personal and private information over the subject’s face on a device’s screen.

In a press release, Acquisti said, “Ultimately, all this access is going to force us to reconsider our notions of privacy. It may also affect how we interact with each other. Through natural evolution, human beings have evolved mechanisms to assign and manage trust in face-to-face interactions. Will we rely on our instincts or on our devices, when mobile phones can predict personal and sensitive information about a person?”

Exclusive: Obama may cut Social Security, Sanders tells Raw

One-year payroll tax holiday key to toppling seniors’ safety net, Sanders warns

berniesanders Exclusive: Obama may cut Social Security, Sanders tells RawSocial Security may be on the White House chopping block, a US Senator recently told Raw Story, expressing deep uneasiness about President Barack Obama’s noncommittal attitude toward staving off cuts to the cherished program.

“I have to tell you, I have been on the phone to the very, very, very highest levels of the Obama administration, and the responses that I am getting are not assuring,” Sen. Bernie Sanders (I-VT) said in an exclusive interview. “What I’m told is that no definitive decisions have been made on the issue of Social Security – I expect that is probably true.”

Progressive activists, fearing that the holy grail of American liberalism could fall prey to a bipartisan deal on Capitol Hill, have launched a campaign to pressure the White House and Congress to oppose cuts. And Sanders has stepped up as their champion in the Senate, confirming their concerns based on knowledge drawn from his relative proximity to the president.

“What I’m hearing does not reassure me – that we have a president who is not prepared to defend the heart and soul of what the Democratic Party has been about since Franklin Delano Roosevelt,” said Sanders, a self-described democratic socialist.

The independent from Vermont on Friday wrote to President Obama urging him stick by his campaign promise and oppose cuts in Social Security benefits, as Washington debates ways to cut the national debt.

Sanders cited as one cause for concern the president’s decision to appoint two longtime “foes” of Social Security, Alan Simpson and Erskine Bowles, to co-chair his deficit commission, which proposed trimming the program’s payouts by increasing the retirement age.

Obama “could have said that’s not on the table,” Sanders said. “He didn’t say that.”

But much more disconcerting, the senator added, was the tax deal the president struck with Senate Republicans last month, which included a one-year cut in the payroll tax – the source of Social Security’s funding – from 6.2 to 4.2 percent. Obama previously argued the compromise was necessary to prevent a tax hike on middle class Americans.

“I believe very strongly that it will be very, very difficult to undo this one-year program,” Sanders said. “Republicans will say it is a tax increase on workers, and they control the House.” Indeed, GOP lawmakers have since admitted they have no intention of letting the payroll tax return to its original, higher level in a year.

“So what the president has done is walked us in an unprecedented direction in terms of diverting huge amounts of money from Social Security,” Sanders said. “A very, very, very dangerous precedent. And when aides of his such as [Chairman of the Council of Economic Advisers] Austan Goolsbee were asked to reflect on this, he chose not to do so.”

Polls have shown strong public opposition to proposals that would reduce the scope of Social Security. While the program’s payouts did exceed revenues for the first time last year, the Social Security Trust Fund has a surplus of $2.6 trillion and is expected to remain solvent in its current form until 2037, according to its trustees report.

“It’s inexplicable to me that anybody in the White House would give two seconds of thought to cutting Social Security,” Sanders concluded.

The White House did not return requests for comment.

Read part two of the interview, available here.

Top