Researchers | Rohidas Vitthal Sanap: Web Developer/Designer

Hidden in the Twittersphere are nuggets of information that could prove useful to crime fighters — even before a crime has been committed.

Researchers at the University of Virginia demonstrated tweets could predict certain kinds of crimes if the correct analysis is applied.

A research paper published in the scientific journal Decision Support Systems last month said the analysis of geo-tagged tweets can be useful in predicting 19 to 25 kinds of crimes, especially for offences such as stalking, thefts and certain kinds of assault.

The results are surprising, especially when one considers that people rarely tweet about crimes directly, said lead researcher Matthew Gerber of the university’s Predictive Technology Lab.

Gerber said even tweets that have no direct link to crimes may contain information about activities often associated with them.

“What people are tweeting about are their routine activities,” Gerber told AFP. “Those routine activities take them into environments where crime is likely to happen.

“So if I tweet about getting drunk tonight, and a lot of people are talking about getting drunk, we know there are certain crimes associated with those things that produce crimes. It’s indirect.”

For the study, Gerber and his colleagues analysed tweets from the city of Chicago tagged to certain neighbourhoods — measured by individual square kilometres — and the city’s crime database.

They then looked forward and were able to make useful predictions about areas where certain crimes were likely to occur — something which could be helpful in deployment of police resources.

“This approach allows the analyst to rapidly visualise and identify areas with historically high crime concentrations,” said the study.

“Future crimes often occur in the vicinity of past crimes, making hot-spot maps a valuable crime prediction tool.”

In recent years, the idea of “predictive policing” has gained momentum, with police departments relying on “big data” analytics from companies such as IBM.

This research comes on the heels of other studies showing how tweets can be analysed to predict elections, disease outbreaks and other important events.

Gerber said Twitter data can be relatively easy to use because tweets are publicly available, and many of them are tagged with location information.

In addition, researchers, themselves, do not need to go into the high-crime areas to study the information.

Instead, “I send our algorithms to these locations and see what people are talking about,” Gerber said.

“The computer algorithm learns the pattern and produces a prediction.”

The study was funded by the US Army, which Gerber said uses similar techniques to determine threats in places such as Iraq and Afghanistan.

SRLabs researchers have released a new video demonstrating why fingerprints are not fit for secure device unlocking.

Fingerprint sensors on smartphones are certainly big step forward. But, are they good enough? Back in September last year, German researchers managed to crack the protection around Apple’s fingerprint sensor on the iPhone 5S. Researchers used “fake fingerprint”, which could be put onto a thin film and used with a real finger to unlock the device. And now, the fingerprint sensor on Samsung’s new Galaxy S5 has been cracked with the very same trick.

Germany-based SRLabs has released a video demonstrating the trick. Researchers used a “wood glue spoof”, made from mould of a fingerprint smudge left on smartphone screen. According to SRLabs, the fingerprint sensor in the S5 is more shoddy than what was found in the iPhone 5S.

Apple needs a password after every reboot before users can unlock their iPhone 5s with fingerprint scanner. The phone also needs a password after certain number of failed attempts with fingerprint scanner.

However, the Galaxy S5 allows users to make unlimited attempts to unlock the device with fingerprint scanner. Moreover, rebooting doesn’t lock the fingerprint scanning feature. Researchers showed how the Galaxy S5 fingerprint hack could allow hackers to access the PayPal app on the phone.

SRLabs points out that using fingerprint as credentials for local user authentication has two flaws as compared to the traditional password system.

First up is the limited revocation, which means once a fingerprint gets stolen, there’s no way to change it. Second is the credential spread. “Users leave copies of their fingerprints everywhere; including on the devices they protect. Fingerprints are not fit for secure local user authentication as long as spoofs (fake fingers) can be produced from these pervasive copies,” said the firm.

In the meanwhile, PayPal has issued a statement, saying the company has taken the SRLabs findings seriously.

“The scan unlocks a secure cryptographic key that serves as a password replacement for the phone,” the statement read. “We can simply deactivate the key from a lost or stolen device, and you can create a new one. PayPal also uses sophisticated fraud and risk management tools to try to prevent fraud before it happens. However, in the rare instances that it does, you are covered by our purchase protection policy.”

Source: SRLabs, ArsTechnica