How Underground Groups Use Stolen Identities and Deepfakes

110 points | rntn | 3 years ago | trendmicro.com

56 comments

[+] Tangurena2|3 years ago|reply
This is one of the "new" ways that stolen identities are used.

About a decade ago, there were a number of raids by Immigration on meat packing plants across the Midwestern US. What kicked the raids off was when one Hispanic woman who worked at Immigration was being dinged by the IRS for not paying some $160k in delinquent taxes. Upon investigation, it turned out that her name & SSN were being used simultaneously by more than 50 different workers in the meatpacking industry.

Several newspapers in the Denver metro area reported on the raids. Some of the raids happened in Greeley [0]. I remember one of the papers reporting that the only signs in English in the entire plant were the emergency Exit signs over doors. Also mentioned in the papers was that a valid name & SSN combination was worth about $50 if the name was Hispanic, and about $5 otherwise. Some of the name & SSN combinations were used simultaneously more than 100 times, with some repeats being at the same employer simultaneously. Several of the companies raided by Immigration knew that the workers were in the country illegally but didn't care as long as the name & SSN combo made it through some verification process [1].

Notes: 0 - Greeley is about 60 miles north of Denver. When the wind is "right", one can smell the feedlots. Normally, when you drive out of the mountains, you can see a huge brown cloud floating over the Denver metro area. When the wind is "right", you can see a sharp termination of that cloud. The chemicals in the cloud (mostly nitrates and nitrites from exhaust) react with the chemicals from the feedlots (mostly ammonia from cow urine & feces) to form ammonium nitrate (frequently used in fertilizer & explosives) to precipitate out of the air (leaving clear sky).

1 - This clip from Hogan's Heroes displays the willful ignorance. https://www.youtube.com/watch?v=HblPucwN-m0

[+] KirillPanov|3 years ago|reply
> Upon investigation, it turned out that her name & SSN were being used simultaneously by more than 50 different workers in the meatpacking industry.

How the fark does the IRS not notice when a single SSN gets W-2s from 50 different employers, each with a different payee name?

All this stuff is completely computerized. Unlike tax returns, it is no longer possible to file W-2s on paper. You must file them electronically.

[+] Unselect6889|3 years ago|reply
Interesting! That reminds me of a similar arrangement I dealt with in Fast Food.

Back in 2008 I was working at a Wendy's where the majority of the staff would routinely "resubmit" their applications. I don't know the intricacies of the process, but the way it was explained to me was roughly something like this:

1) Illegal fills out application using a fake SSN

2) (Physical) Paperwork gets reviewed by manager, to make sure everything is filled out. Wait on sending it until they are bugged by corporate to submit the "new" employee applications

3) Send it to corporate

4) Corporate goes through a stack of however many "new" employee applications they have received across the region. Let's assume it's 10,000+

5) After corporate reviews the "new" employee applications, they gather up the names and SSNs, which are sent off to some sort of verification system

6) An error is thrown out and sent back to corporate saying that the name and address doesn't match the SSN provided. Corporate waits to send this information for a few days/weeks, depending on how many they are processing at a given time

7) The store receives a rejection notification sometime later

8) Wait about 1 week or so until corporate starts complaining, return to step 1

Some of the guys I was working with had gone through this process for - no joke - at least 2 to 3 years. Since they were continually seen as "new" employees, there was no sort of issue with firing previous employees or anything like that. It also didn't hurt that different information was being provided each time. After all, corporate had no way of claiming that Jose Guzman at 123 fake street, with SSN 123-45-6789 was the same Jose Guzman at 123 fake street, with SSN 987-65-4321, since they didn't want to be accused of racism.

It wasn't so much a problem to be resolved, as it is a "discrepancy" to be "corrected". The only correction needed was to have the "new" employee resubmit their application.

On a side-note, I'm not exactly sure how any of this worked, but it also led to the "new" employees making about $3 per hour. I accidentally left a paycheck out at one point, and one of the Spanish guys saw it and flipped out, yelled to the other guys, and they all started flipping out too. I guess they were under the impression that minimum wage was whatever the managers told them it was? I felt bad for them, in a way, since they were working extremely long days, but they were also not paying any taxes, sleeping on the job, and would flee the country once their home was built back in their home country. Basically, they were treated poorly, but they were also standing to save up about a full decade's worth of money by stealing from the country they broke into illegally. I don't really hold any hostility over them doing that, I just don't hold much sympathy either.

[+] throwie_wayward|3 years ago|reply
that's a fine example of capitalism driving costs down and making things cheaper.
[+] pwillia7|3 years ago|reply
I don't think it's the employer's legal duty to verify the validity of the SSN, just that it is provided. That kind of makes sense but it's a shame we have no system to actually validate that. It's probably on purpose so we can have immigration and workers for the jobs Americans don't want to do but not seem like we're pro immigration on the political front
[+] BrainVirus|3 years ago|reply
Mark my words: this narrative will be used to deepen global surveillance, further centralize our communication systems and greenlight various large-scale manipulations (e.g. censorship).

Kind of like 2FA is currently "solved" by requiring mobile numbers instead of something like YubiKey, even though SMS is insecure and awful for privacy.

[+] c0mptonFP|3 years ago|reply
One minor correction: mobile numbers are used for spam and bot prevention.

You can't have a discord or signal account without a valid phone number. Think about that for a second.

But yeah, not being able to use proper 2FA devices annoys the bejeesus out of me

[+] prottog|3 years ago|reply
No doubt that's what will happen, although it's clear to me that less centralization, not more, would be better for countering this sort of stuff.
[+] meghdeepr|3 years ago|reply
How is that the case? How can SMS be exploited?
[+] laserbeam|3 years ago|reply
I always wondered. Does anyone actually know of legitimate useful applications of deepfakes (and related AI tech that manipulates videos)? All I can think of is lipsyncing translations of shows/movies (and to be honest, that's at best a gimmick).

I see dozens of problematic uses of the tech everywhere in the news. But, other than "it's cool that we can do this" demos, I have not yet seen 1 application of this that I'd actually want.

[+] btbuildem|3 years ago|reply
Making fake FB accounts -- they have an identity verification stage IIRC, not sure if it's a static photo or a short video clip these days.

If you need to access the walled garden but would prefer to keep your identity from them, thispersondoesntexist + deepfakes could be one way to do it.

[+] SapporoChris|3 years ago|reply
With mature deep fakes you could theoretically select your favorite actors for whatever you want to watch. This could be done at the studio level, hiring cheap actors for the manual work and then using deepfakes to replace with big name actors. It could be done after production by the consumer. Both methods could possibly be done legitimately although proper payment and credit for acting would be a nightmare.

I don't endorse the idea, but with the correct implementation it could be a legitimate use.

[+] nyokodo|3 years ago|reply
> legitimate useful applications of deepfakes

De-aging actors such as Luke Skywalker in the Book of Boba Fett.

[+] tbrownaw|3 years ago|reply
> Does anyone actually know of legitimate useful applications of deepfakes (and related AI tech that manipulates videos)?

Hiding your real appearance on video calls (like that famous cat filter, but a normal-looking human instead of a cat)? I think the usual reasons I hear are either people with stalkers or people who have issues with their appearance.

[+] djohnston|3 years ago|reply
Does anyone have pointers to the forums where these services are discussed?

Blackhatworld is the only one I know of, any others?

[+] jason-phillips|3 years ago|reply
Telegram, discord.

Don't expect HN-level discourse though, it's a mess.

[+] GameOfFrowns|3 years ago|reply
Always thought that Blackhatworld was just a forum about unethical SEO.

There used to be raidforums as a big one before being seized by LE but it's not hard to imagine that another forum sprung up to fill the void that RF left behind.

Krebsonsecurity blogs about transactions on some of these (often in Russian language) forums although I don't know if he mentions them by name.

[+] from|3 years ago|reply
xss.is, exploit.in. If you don’t speak Russian you will probably have a hard time.
[+] WilTimSon|3 years ago|reply
The first part certainly raises the question of why ads are so poorly monitored. Having deepfaked celebrities promoting any product, even a legitimate one, should not be legal. It's misleading at the very least.
[+] btbuildem|3 years ago|reply
Most likely because it's the advertising dollars that pay for 80% of the internet.
[+] lazide|3 years ago|reply
Everyone involved would rather get paid than slow things down over minor details like legality or it being misleading, at least until it becomes a scandal.

So far it isn’t common enough to be a scandal.

[+] BeFlatXIII|3 years ago|reply
People who buy based on celebrity endorsement earned their fate.
[+] Tangurena2|3 years ago|reply
So far, ad networks/platforms don't care as long as the check clears.

I think the lack of action with FaceBook & Cambridge Analytica shows exactly where this is going in the future.

[+] samename|3 years ago|reply
This made me think of one of the top posts yesterday:

> Someone is pretending to be me https://news.ycombinator.com/item?id=32996953

It would be trivial to create a deepfake model to represent the author in interviews and meetings. If your picture is available online, anyone could pretend to be you. Pretty scary.

[+] egberts1|3 years ago|reply
Been using fake photo for some time.

Because I am too ugly.

[+] imwillofficial|3 years ago|reply
You are beautiful and unique. I’ll fight anyone who says otherwise.