Mitre, the creepy company checking your fingerprints on Facebook for the US Government

Mitre, the creepy company checking your fingerprints on Facebook for the US Government
Cybercrime reporter Thomas Brewster has written a fascinating exposé of the activities of Mitre Corporation, which has taken on some eyebrow-raising projects for the US government.

Writing for Forbes, Brewster’s article reveals a $500,000 project undertaken by Mitre for the FBI which saw it attempt to capture biometric information – such as actual fingerprints – from photographs posted on social media sites such as Facebook, Instagram, and Twitter.

Former FBI science head Chris Piehota, described how the “image fingerprinting” technology could be used to examine the image of gang members who posted online, making gang signs with their hands.

“They’re also giving us access to their fingerprint patterns,” he adds. “[The FBI] can take your fingerprint characteristics from those images and they can build fingerprint files or fingerprint characteristics for individuals [for whom] we don’t have biographic information.” This could be useful for individuals violating immigration laws where the U.S. doesn’t have a record of their fingerprints in another database, adds Piehota. It could also be used to identify someone in a child exploitation video or, as in an investigation in the Welsh city of Swansea, catch drug dealers using tools like WhatsApp.

Another project saw Mitre tasked with the job of creating a tool that locate and hack into smartwatches, fitness trackers, and IoT devices.

The contract says the tech could be used either by law enforcement or border officials to help them “rapidly detect and exploit for evidentiary purposes IoT devices in a security or crime scene environment,” or for use at “physical security boundaries” to hack into devices “passing through or approaching the boundary.” Think of people crossing the U.S.-Mexico border and a surveillance tool that scans every device coming through, checking which ones are smartwatches or other IoT systems. When one is worn by a criminal suspect, it could quickly be drained of data and evidence of their activities gathered, from their text messages to their previous locations.

If the US Government and law enforcement have tools like this available to them, it could be good to know about it officially, and for there to be transparency regarding how they were being deployed, and oversight to ensure that civil liberties and privacy are not being put in peril.

Sign up to our free newsletter.
Security news, advice, and tips.

Read more from the Forbes article here: “Inside America’s Secretive $2 Billion Research Hub Collecting Fingerprints From Facebook, Hacking Smartwatches And Fighting Covid-19”

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Mitre, the creepy company checking your fingerprints on Facebook for the US Government”

  1. DaB

    Yet another reason to add to the heap of ones to not use social media……
    If one govt agency can do this, another anywhere can acquire the capability too, along with large corporations. And penetration/tracking software companies could add this to their offerings.
    There is no end to the potential for even more privacy invasion.

  2. Spryte

    What on earth could go wrong?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.