Maintain “distance” from Social Media challenges during the Covid Lockdown
While people are holed up in their homes during the lockdown across the world, a new wave of social media challenges which aims to keep you busy & virtually engaged has surfaced recently. At first, it might seem innocuous to share your stylish photographs wrapped in a traditional Indian attire called the Saree or your favourite gown for that long-due party. But then there is a whole lot of nefarious activities feeding on these so-called “challenges” to disrupt your identity and scar your social lives forever.
So, this is the Modus Operandi for a potential attack on your privacy when you respond to social media challenges such as Saree or the Quarantine Pillow Challenge.
Step 1: Posting a challenge post (like the one below) with a sharp high-resolution picture of yours:
Nominated by <>
This is purely for fun and I tagged those who have a love for ethnic clothing😊 If I didn’t tag u, plz don’t be offended, I tried to pick people who I thought would play along, and still post a picture of yourself and who haven’t completed the challenge already. India is blessed to have so many saree varieties!All too often woman find it easier to criticize each other instead of building each other up, with all the negativity going around, let’s do something positive!! Bcz u r beautiful😘
Upload 1pic of yourself.. ONLY u!! Then tag more women to do the same.
Step 2: Tagging your friends who would continue this string of challenge further.
Step 3: This is where the attacker starts abusing your photograph using a commonly available AI tool called the “DeepNude”, an application which allows users to virtually “undress” women using artificial intelligence. The DeepNude can easily transform the social media pics into an embarrassing fake nude picture, which can end up in pornographic sites, blackmailer files & pretty much on the internet forever.
What is DeepNude & why it is dangerous?
When DeepNude first appeared in 2019, articles in The Washington Post, Vice and other media showed how the app could be used to take a photo of a clothed woman and transform that into a nude image, sparking outrage and renewed debate over nonconsensual pornography. DeepNude offered a free version of the application as well as a paid version, and was the latest in a trend of “deepfake” technology that can be used to deceive or manipulate. Although the app was shut down, critics expressed concern that some versions of the software remained available and would be abused.
Some news articles talking about it recently – https://www.thehindu.com/news/national/law-enforcers-worried-as-deep-nude-makes-a-return/article31334415.ece
Still there are many variations of the app available online for immediate use. Our team investigated the feasibility of this attack vector & found out the ease of execution to be very simple & high. One quick online search revealed a lot of sites allowing such “X-ray” transformation of uploaded images for free. There are downloaded apps available on torrent sites which could be extremely dangerous too.
When we tested the online services in our lab, we were shocked by the output generation. Even for a dummy mannequin image (sourced from Wikipedia, see below), the photos were generated in less than 10 minutes with obscene level of detailing.
You could only imaging the extent to which such derogatory software could go when applied to real-life images of thousands of people who upload high-resolution pictures of theirs on social media and other searchable online platforms.
How to protect yourself from such attacks?
The best thing would be to avoid uploading any pictures, anywhere, which could be potentially misused. However, if you or somebody you know have already done so or cannot keep away from such challenges, this is what you could do to “reduce” the chances of getting hurt.
- Restrict the privacy settings of your Facebook posts to “Friends Only” & regularly sanitise your list of friends to avoid surprises.
- Avoid tagging anyone else directly on the post, so that it doesn’t become available to “Friends of friends”
- Avoid sharing high-resolution pictures at all times.
- Do not put any pictures with other personal details of your family, employer, address or any other information which could be used to blackmail you or others
- Opt for side-view, cropped pictures to make these AI-driven software ineffective in generating fake images, which are more effective in full-frame shots.
- After the challenge days are over, you could also change the privacy setting of the post to “Only me” on Facebook or remove the post altogether on other platforms.
- DO NOT upload pictures on any contest sites, groups or pages where you have no control on the use of images.
- DO NOT respond to any online extortion threat emails asking for money. These are always spam & dangerous messages.
- Avoid uploading pictures of minors & children with personal details, at all times.
And lastly, DO NOT try testing this “DeepNude” feature online or on any app, as it may lead to other kind of attacks on your privacy & even infect your system with malware. DO NOT upload any picture to any such sites claiming to have this kind of technology. Beware, you could be attacked in different ways when it comes to privacy.
Not every challenge is worth your time & cost of privacy. Maintain the “Distance”.