A company operating a facial recognition system in China has exposed millions of residents’ personal information online.
Shenzen-based SenseNets is an artificial intelligence company that uses a network of tracking cameras to spot people and log their movements in its database. Unfortunately, the company exposed that information publicly online allowing anyone to access the information in plain text, it emerged this week.
Dutch cybersecurity researcher Victor Gevers found the vulnerable database online and tweeted about it.
There is this company in China named SenseNets. They make artificial intelligence-based security software systems for face recognition, crowd analysis, and personal verification. And their business IP and millions of records of people tracking data is fully accessible to anyone. pic.twitter.com/Zaf6w5502i— Victor Gevers (@0xDUDE) February 13, 2019
The database housed records on over 2.5m people, including their gender, nationality, address, date of birth, photo, and employer. A lot of this was linked to their ID card number, which was also revealed in the database records. China maintains a compulsory national identity card system for residents.
SenseNet maintained a collection of trackers which logged whomever it identified in the database. This created over 6.6m logged entries in a single 24-hour window, Gevers revealed.
In another tweet, Gevers showed what appeared to be an abandoned location in Keriya, in southern China, with a tracking device installed:
In the process of tracking down each tracker, we even stumbled upon abandon locations (according to Google maps). If there is anyone living or working in Keriya who can confirm this location? We also would like to a photo of the device. pic.twitter.com/3PMnbvDpho— Victor Gevers (@0xDUDE) February 14, 2019
Gevers works at the GDI Foundation, a Dutch non-profit dedicated to reporting internet security issues. According to CNet, Gevers had reported the issue to SenseNet in July.
Since Gevers went public with the breach online, the company has blocked access to the public database, he tweeted, adding that it may only have been blocked to requests from outside China.
SenseNet’s website has displayed a default empty web server page for months, but in 2017 it explained in Chinese that:
Face recognition is performed on real-time video captured by HD cameras, which compares black and white lists, confirms identity, and implements alarm, tracking, and disposal functions.
Facial recognition is big business in China. Chinese citizens can now check in and clear security using facial recognition at Shanghai Hongqiao International Airport, and the Beijing subway has announced facial recognition plans to help streamline passenger flow, sparking privacy fears.
Chinese companies are also using the technology to allow citizens to do everything from paying with a smile to dispensing rationed toilet paper.
However, facial recognition technology in China also has its darker, more authoritarian side. Government agencies including its Ministry of Public Security are building a facial recognition system, nicknamed Skynet, that would eventually cover China’s entire population of well over a billion people. It will achieve 100% coverage in “key public areas” next year, according to official government documents.
Chinese police are already using augmented reality glasses to scan and recognise faces, enabling them to quickly identify and apprehend suspects. Schools are planning to use facial recognition to ensure that children attend class and check that they’re paying attention.
Perhaps most unsettling of all: China has also introduced facial recognition technology that tracks people’s movements and predicts how likely they are to commit a crime – Minority Report-style.
2 comments on “Chinese facial recognition database exposes 2.5m people”
The world is becoming so anti human. I’m going to pray for a solar flair like from 1859, to save us from those that use machines to enslave us.
Use Kickstarter or Indiegogo to fund a project to launch several devices into orbit that generate large EMP pulses to knock out electronics. 😉