PimEyes: Face Search for the Masses

“Too thumbs up! ” – stalkers everywhere

Is there another site where this can be seen without register?

Try this one: https://www.pcmag.com/news/this-facial-recognition-site-is-creeping-everyone-out

(I never get a paywall at NYT… I wonder if it’s because I’m using a VPN, or if it’s due to the fact that I use NoScript to block nonessential scripts on websites.)

Another: https://netzpolitik.org/2020/pimeyes-face-search-company-is-abolishing-our-anonymity/

Disabling javascript completely works for me on NYT without VPN.

We’re just a tool provider

Honestly, I’m OK with that defence. The problem is not that the images can be found. The problem is that the images are there at all. So the problem relates to the web sites where the images reside - and the images will still reside there even if you pay PimEyes to suppress the images from the search results, as the article says. In fact, like paying a blackmailer, even if you pay off PimEyes, some other company using the same or similar technology will still find the images - unless you address the issue at the underlying source.

Unfortunately it is not as simple as whether you post images of yourself to the internet - since anyone else, including your government, including your friends and relatives, might take a photo of you and post it to the internet - and different people have different cultures and attitudes and laws as to how acceptable that is.

This in part relates to the EU’s desired “right to delete”.

In the case of Facebook it also relates to the dumb$#@* profile photo implementation that mandates that profile photos be public.

In my view your right to control the use of your image needs to be legislated. However that probably won’t help the woman quoted in the article where

she learned that PimEyes was indexing torture porn websites and discovered that the incident from 2005 when she was forced to perform “humiliating” and “violent” sexual acts on camera had been published and could be retrieved using PimEyes’ service

and the images are presumably created by people who aren’t going to be discouraged by a law that would make unlawful the publishing of such an image without consent.

Short of more widespread pro-individual legislation, this could be an untapped market that the existing “delete-my-info” subscription services should try and incorporate. Help people find their images and attempt to get them deleted at the source, but without the “extortion.”

Yes. If it were me, I would want to know. However other people may have a different opinion if they are the ones in the images. Maybe the woman in question would rather have forgotten about it.

It’s been a while since your post, but I’d like to add some information. I’ve been checking out PimEyes lately too, and I gotta say, it’s pretty impressive what you can do with it. It’s like having a mini detective in your pocket. You just upload a photo, and boom, it finds all sorts of stuff on the web that matches. I’ve also stumbled upon something called idanalyzer.com . It’s not the same thing, but it’s worth a look. It specializes in identity verification using AI. It’s more about verifying who someone is rather than just finding their photos online. Both tools are cool in their ways. PimEyes is great for tracking down where your pics have ended up online, but idanalyzer.com can give you that extra layer of security by helping you verify identities. It’s kinda like having two tools in your digital toolbox for different needs.

Not cool if you’re the person being stalked.

Well, I get your concerns about PimEyes. If you’re looking for a way to verify identities instead of just finding photos, you might want to check out ID Analyzer. It’s an API that helps you extract and verify data from ID documents like passports and driver licenses. This can be super handy for services that need to confirm user identities securely.

Meta Smart(-@ss) glasses + PimEyes: Meta smart glasses can be used to dox anyone in seconds, study finds - Ars Technica

Can I just reiterate how much I absolutely f-ing loathe both these companies?

That reminds me… Is there some way to incorporate malicious QR codes into my clothing or sunglasses so that as I walk around in public I can infect these devices with the evilest of malwares?

(New product suggestion for Purism!)

Yes, but I highly doubt embedding malicious URLs that download malware would be considered under Purism’s Articles of Incorporation. Your actions would also put other users’ devices at risk of compromise from other third-parties and can easily lead to serious long-term collateral damage.

Multiple questions there:

1. Are there weaknesses in QR code processing and decoding that can be exploited? e.g. buffer overflow, remote code execution exploit - from deliberately malformed or specially crafted QR code. Embedded environments would be a better chance of this but I am not personally aware of any such exploits.
2. (assuming that the QR code decodes without issue) Are there weaknesses whereby a QR code is accessed without user confirmation or with user confirmation but tricking the user into giving that confirmation or just dumb users or crappy software that just doesn’t ask for confirmation? I bet you could get some users to access the QR code.
3. (assuming we get through the previous two items) Are there weaknesses in the code to ‘execute’ the QR code that can be exploited? There are plenty of examples in history where certain file types inadvertently triggered poor security outcomes. That’s probably where we are with QR codes.

Yes, it is a rich attack surface.

4. Should you do that if it worked? Well probably not but I think we all feel like doing it from time to time.

It isn’t necessarily the case that you would incorporate the QR code in clothing or on your person. Just plastering them around the place (as happens anyway) may suffice.

Terribly frightful!
…but fortunately, I have a solution for you:

Unfortunately, it might well trigger somebody to call the police because they think you look really weird…

Cool. I’ve been expecting that something like that would appear on the market.

I wonder what it’s like in warmer weather.

Lol, right! I’ve seen that one. Pairs well with this, no doubt: Review: Phantom glasses block facial-recognition tech and look good | Mashable

OK, well, I’d probably settle for a QR-generated “F*** off, gl@sshole! ”
Lol!

As requested:

Or, simplifying it,

You would have to work a bit harder to get a proper to come out.

I am using the qrencode command.

e.g.

Edited because the previous version ended in a line feed character, which may not have been what was wanted.