Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Joseph Cox Profile picture
@josephfcox
Feb 5, 2024 9 tweets 6 min read Read on X
Scrolly
New: inside the underground site where "neural networks" churn out fake IDs
- I tested, made two IDs in minutes
- used one to successfully bypass the identity verification check on a cryptocurrency exchange
- massive implications for crime, cybersecurity
404media.co/inside-the-und…
Image
Here's the process of me successfully bypassing the identity verification on OKX, a cryptocurrency exchange I've noticed is being used by criminals
- Asks for passport
- I took photo of my fake British passport I made earlier (didn't need in hand)
404media.co/inside-the-und…

Image
Image
OKX's system said it was reviewing my identity. Then it approved it. There you go: successfully made a cryptocurrency account with a fake name, fake ID. The face is mine (didn't want to implicate innocent person) but site says its going to launch AI faces 404media.co/inside-the-und…

Image
Image
Here are some of the other IDs this service has created. The underlying technology is a bit hazy, but regardless the result is highly convincing photos of fake IDs in minutes for people who have no technical skill 404media.co/inside-the-und…

Image
Image
OKX uses a company called Jumio for its ID verification. When I first asked them about these sorts of sites, they said the below. Then when I said I just bypassed OKX using a fake ID, they said they couldn't comment much furthr 404media.co/inside-the-und…
Image
The British passport I used to bypass identity verification worked first time. I had no issues with it whatsoever. Only reason I didn't use the California license was because OKX doesn't accept US IDs (doesn't have to deal with US regulation) 404media.co/inside-the-und…
Image
Update: @RonWyden comments on our investigation into neural networks + fake IDs. Says it shows the need for secure, authenticated IDs 404media.co/inside-the-und…
Image
Here is the panel for creating your own fake ID in minutes. Enter whatever data you want, or use some of the randomise buttons. Upload a photo or use one the system has. Hit generate. 404media.co/inside-the-und…
Image
Updated with a statement from OKX on us using an underground service which generates photos of fake IDs, and using that to bypass their identity verification 404media.co/inside-the-und…
Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Joseph Cox

Joseph Cox Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @josephfcox

Joseph Cox Profile picture
Nov 7, 2024
New from 404 Media: police freaking out at iPhones stored for forensic examination mysteriously rebooting themselves. This makes brute forcing much harder. Cops hypothesize Apple pushed an update that tells nearby iPhones to reboot if not on phone network 404media.co/police-freak-o…
Here is the law enforcement document I obtained. It says that a bunch of iPhones were in an AFU state (easier to get data from). Then a bunch of them rebooted into a BFU state (much harder if not impossible to get data from) 404media.co/police-freak-o…Image
Image
Image
This applied to phones that were in Airplane mode, and even one in a faraday box 404media.co/police-freak-o…Image
Read 4 tweets
Joseph Cox Profile picture
Nov 6, 2024
Did you vote in America yesterday? If so, you just got doxed

This site takes voter records that can be hard to source and puts them all into one place. Name, address, voter history, for free. It turns voting into a privacy and security risk 404media.co/voted-in-ameri…
Taking data that is only technically a public record and making it easier to access qualitatively changes it. It becomes literally public. It can be the difference between a data point somewhere, and harassment, suppression, threats 404media.co/voted-in-ameri…Image
I seriously doubt that many people realise when they vote that their address will end up on this right-wing website that is used by conspiracy theorists. Just another opaque data supply chain 404media.co/voted-in-ameri…Image
Read 4 tweets
Joseph Cox Profile picture
Oct 23, 2024
New: inside the US government-bought tool that can track phones at abortion clinics. Called Locate X, it tracks phones around the world without a warrant. Leakers showed it in action, we watched a phone go from Alabama, to an abortion clinic, back again 404media.co/inside-the-u-s…
This is the strongest demonstration of the power of phone location data yet. Locate X is a tool used by lots of US agencies (ICE, CBP, etc). Sources got access, filmed themselves using it, leaked us hours of footage. Monitored mosques, synagogues, more 404media.co/inside-the-u-s…Image
Image
Here is what we saw about a visitor to an abortion clinic. Started in Alabama, where abortion illegal. Mapped their route to stores. Crossed to Florida, went to the clinic for two hours, came back. Just with a few clicks of a mouse. 404media.co/inside-the-u-s…Image
Read 10 tweets
Joseph Cox Profile picture
Oct 18, 2024
New from 404 Media: we've found exactly how a Musk-funded PAC is microtargeting Muslims & Jews with opposing messages. Happening with adverts on Snapchat; digging through data we found the exact ZIP codes the PAC is targeting. Includes areas with mosques 404media.co/this-is-exactl…Image
Here are ads Jewish voters in Pennsylvania are getting 404media.co/this-is-exactl…
And here are ads Muslim voters in Michigan are getting 404media.co/this-is-exactl…
Read 4 tweets
Joseph Cox Profile picture
Oct 2, 2024
New from 404 Media: someone put facial recognition on Meta's smart glasses to instantly dox strangers. You look at them, sends face to a facial recognition tool. LLM infers name, sends to people site. Gets phone number, address. I've seen it in action 404media.co/someone-put-fa…
This is absolutely one of the craziest privacy stories I've ever reported, and craziest privacy projects I've ever seen. You can see my face while they demo'd the product to me. Mostly using off-the-shelf tech. People can do this now 404media.co/someone-put-fa…Image
The creators say they have tested it on unsuspecting people in public, approached them with their personal info. I identified one of the people in their demo, she didn't respond to request for comment. 404media.co/someone-put-fa…Image
Read 5 tweets
Joseph Cox Profile picture
Sep 23, 2024
New from 404 Media: in a massive shift, Telegram says it now *will* provide user data to authorities in response to legal orders. Includes IP addresses and phone numbers. Yesterday privacy policy said just terror suspects. Now it is crimes more broadly 404media.co/telegram-chang…
Just last week I found a U.S. demand for Telegram data. It appears to relate to child abuse image crimes. Documents are sealed, but order granted the application for a search warrant for user data 404media.co/telegram-chang…
Image
I've been looking into Telegram and its data policies for law enforcement. For that, I tried its bot which is supposed to give copies of Telegram's transparency reports. Last week it didn't even work. Today, it says data is coming 404media.co/telegram-chang…
Image
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(