Frequently Asked Questions

This FAQ describes the current site operations and policies.

---

About the site

1. What is FotoForensics?
   FotoForensics is a framework for assisting researchers, analysts, and investigators with digital photo forensics.
2. Who provides this service?
   This private FotoForensics is provided by Hacker Factor.
3. What is the privacy policy?
   This is a private service. Content is not shared unless you share it. For more details, see the Terms of Service tab.
4. Who should I contact about problems with this site?
   Problems with this site, such as error messages, connectivity issues, maintenance, etc. should be submitted through the contact form or emailed to .
   
   Do not send this email address any advertisements, promotional offers, "let's swap links!" requests, or anything from any mailing list. Also, do not send questions about analysis results or requests for technical details about how the algorithms work. This email address is strictly for problems or issues with the website.
5. What browsers are supported?
   FotoForensics works best with HTML5 and CSS3. This includes most up-to-date web browsers. Browsers older than Internet Explorer 9, Firefox version 10, or Chrome version 10 are unlikely to work well with this site.
   
   FotoForensics also requires JavaScript. Browsers that have JavaScript disabled will not be able to access most of the analysis results.
   
   While FotoForensics permits people to upload content, this site does not permit uploads from automated systems (bots). Automated bulk-file uploaders will be banned.
6. Is Mobile Safari supported?
   Apple's Mobile Safari web browser is partially supported. Specifically, Mobile Safari (the default browser on iPhone, iPad, and iPod devices) is only supported for URL uploads and not file uploads. This is because Mobile Safari explicitly alters all images prior to uploading.
   • During the file upload, Mobile Safari actively strips out all metadata and recompresses the picture at a low quality. This means that the analyzers on this site will provide virtually no useful information about your picture. For example, Error Level Analysis and JPEG % will identify the resave by Safari and not the original picture. Mobile Safari also strips out the original metadata and substitutes its own, so metadata analysis will be of little use.
   • Any analysis would be relative to the stripped, recompressed, and modified picture that was generated by your Mobile Safari browser. Image analysis will identify your browser and platform, but not information about the selected photo.
   • If your picture is considered "evidence", then your Mobile Safari browser will tamper with the evidence.
   Apple considers this in-browser image modification to be a "feature". However, it prevents web services from analyzing the picture. This problem is not limited to FotoForensics; it impacts every website. If you use other websites to evaluate this picture's content or metadata, then those other sites will also analyze the Safari-modified version and not the source image.
   
   To reiterate: this is a browser issue and not a website issue. Although you want to evaluate the picture, the Mobile Safari browser is preventing analysis.
   
   Fortunately, there is a solution: use a different web browser. Chrome and Firefox for Apple devices do not have this tampering issue and will allow you to upload the actual picture for analysis.
7. What proxies are supported?
   Proxies are used to relay network requests through other computer systems. These are usually corporate proxies or small residential proxies that are used to share a network address between related computers. Proxies may also include translation systems, web virus scanners, and web speed improvement systems. For example, Google Translate and Chrome's "Data Saver" option both operate as proxies. However, proxies can also be used to intentionally obscure a user's true location (e.g., Tor).
   
   Attributable proxies, including corporate, translation, and speed services, are permitted. However, FotoForensics has had a lot of problems with people using anonymous proxies to either upload prohibited content or attack the web server. For this reason, we do not permit anonymous proxies to upload content for analysis. Anonymous proxies can view existing content on the server, but they cannot upload new content for analysis.
   
   We may treat your proxy system as a single user. If anyone using your proxy system uploads prohibited content, then it will likely result in the proxy system being banned.
8. What anonymizing services are supported?
   Some pictures are available on alternate networks beyond the Internet. This includes 'Darknet' services. Uploads to FotoForensics can only be accessed from the Internet. However, uploaded URLs for Tor (.onion) sites are permitted.
9. Do you have an app?
   There are no official apps for FotoForensics. This is a conscious decision:
   1. Most smartphones lack the necessary computing power.
   2. Library inconsistencies on different mobile devices can generate inconsistent results.
   3. Using this website with your web browser does not require any special software or access privileges on your smartphone device.
   Every few years we hear about an unofficial app that claims to be associated with FotoForensics or that uses a variation of the FotoForensics name. These apps often attempt to wrap requests to the official FotoForensics service; allowing them to collect and sell your personal information.
   
   When we learn of these apps, we request the hosting sites to take them offline. If the unofficial app depends on the official service, then we block the app and warn the users.
   
   If you see an app in the Apple or Android app store that claims to offer FotoForensics services, then tell us about it! It is unofficial and likely a scam, spyware, or virus. We can quickly get unofficial apps removed from the Apple and Android app stores.
10. Do you use ads?
    No. This public FotoForensics service does not have ads and does not provide information to third-party data brokers.
    
    If you see ads with the FotoForensics analysis, then you should assume that there is a virus on your browser or smartphone; the official site does not use ads.
11. Do you use a captcha?
    No. While this service can be configured to use a captcha, it is not currently enabled.

About file submissions

12. What can I upload for analysis?
    You can submit a picture from your computer or provide a URL to an online picture.
    • The picture must be a JPEG, PNG, WebP, HEIC, or AVIF.
    • Uploads are limited to 12 megabytes per file.
    • Pictures should be at least 100x100 pixels; thumbnail images are typically heavily postprocessed (cropped and resized) so modifications are rarely identifiable.
    • Pictures must not be no larger than 10,000x10,000; extremely large pictures cannot be processed in real-time.
    This is a private service. Any content that does not violate US Federal law or Colorado law is permitted.
13. Why only permit a few file formats (JPEG, PNG, WebP, HEIC, and AVIF)?
    There are many different file types for storing pictures. However, this service only supports JPEG, PNG, WebP, HEIC, and AVIF files. This is because other formats will not work well with the available algorithms or consume too many system resources. For example:
    • BMP. Windows Bitmaps are a lossless data format, comparable to PNG. But unlike PNG, BMP files are typically uncompressed. In the typical case, a PNG will be a fraction of the size of a BMP. And unlike PNG, a BMP file contains no metadata. In effect, a BMP will not generate useful metadata analysis and will consume much more disk space (system resources) than a PNG.
    • GIF. GIF files are limited to 256 colors. The restrictive color space effectively ensures that algorithms like ELA will generate useless results. Many GIFs uploaded to this site are animated, but this site has no algorithms for evaluating animated sequences.
    • TIFF. The Tagged Image File Format (TIFF) supports many different types of data encoding. Most of the encoding methods are not as efficient as PNG. (The exception is JPEG/DCT encoding, in which case you might as well submit the non-TIFF JPEG.) TIFF files may also contain multiple pages, but this site has no methods to represent multiple pages.
    • RAW. There are many different RAW formats. Canon uses CRW and CR2, Nikon has NEF, Pentax uses PEF, and Adobe introduced DNG. Most RAW formats are TIFF variants, and each of these are large formats that usually cannot be evaluated in the time requirements for this real-time web service.
    Other image file formats have these same limitations. They either consume too much disk space, take too long to process, or contain multiple pictures. This public site strictly processes JPEG, PNG, and WebP files because they are compressed efficiently and work well with the algorithms available to this free service. Even though they are slower to process, HEIC and AVIF also supported because they are widely used for photos.
14. Why did my upload fail?
    If your upload fails, it is probably because:
    • It was not one of the supported image formats: JPEG, PNG, WebP, HEIC, or AVIF.
    • It was too large, or
    • The submitted URL was inaccessible. (If the URL requires a login, then FotoForensics cannot access it.)
15. Why does the picture look different?
    Occasionally the uploaded picture does not look like you expected. It may appear inverted, rotated, or even larger than you thought.
    
    JPEG images can contain display information such as rotation or color profiles. In effect, graphical applications render the JPEG and then apply a transform. For the types of photo forensics performed on this site, additional transformations may distort the image. As a result, post-rendering transformations are not applied. Images may appear rotated, flipped, or inverted depending on the post-rendering transformations.
    
    In other cases, such as a URL upload, the picture retrieved by FotoForensics may not look like the picture you thought you uploaded because FotoForensics acquired a higher quality image. This can currently happen with pictures that come from specific sites, including:
    • Facebook: The URL may contain commands for scaling, cropping, and positioning the image. When FotoForensics detects this, it attempts to retrieve the full-size picture stored at Facebook, and not the cropped or scaled image. FotoForensics attempts to retrieve an unaltered image because scaling, cropping, and other server-side transformations result in a resave and may obscure information about an image. The picture retrieved by FotoForensics can appear larger and wider than the image shown on Facebook's web page.
    • Imgur: Users occasionally submit the URL to the text web page and not the URL to the image. (Editor's note: Don't blame the user!) If this is detected, then FotoForensics will retrieve the primary image from the web page. If there are multiple images on the page, then it may not retrieve the one you wanted. Try submitting the URL to the image itself: right click on the image and select "View Image" (the actual menu item varies by browser), and submit that URL to FotoForensics.
    • Tumblr Avatars: Tumblr avatar images come in a variety of sizes. They may appear on pages as 16x16, 24x24, 40x40, or similarly small icon images. However, the maximum size is 512x512. FotoForensics will automatically retrieve the largest image (512x512) since this does not undergo additional scaling and it retains the most detail.
    • Google: Some Google URLs will retrieve the source image indirectly and alter it before returning it to your browser. The alterations may include resizing, cropping, recoloring, and removing metadata. When present, FotoForensics will detect this indirection and retrieve the source image without Google's alterations.
    • News Sites: Some images hosted at popular news outlets are modified dynamically. This can alter the image size, quality, and remove metadata. If FotoForensics detects these real-time modification, then it will retrieve the source image without the additional alterations.
16. Why does the picture look broken?
    In rare cases, pictures retrieved from a URL upload may appear broken. With JPEG images, they will usually render the top part of the image, but the bottom part will appear as a gray box. This happens when the server hosting the picture cannot provide it within a reasonable timeframe. Either the hosting server is slow, or there is a significant network delay that is causing the download to timeout.
    
    This problem has been repeatedly seen with pictures hosted in China, such as pictures from Baidu.com. As far as we can tell, China is tarpitting the network connection -- intentionally making it slower and slower until the download fails.
    
    The best solution to this problem is to download the picture to your local computer and use the File Upload option to submit the picture.
17. Who can see the pictures I upload?
    When you submit an image, you are provided with a direct link. You can share the direct link with other people, but only people with login access to this server can view the content. In the course of maintaining this service, the pictures may also be accessed by the site administrators. Unaccessed pictures are removed from the system.

About copyright and trademarks

18. What are the trademarks?
    Dr. Neal Krawetz of Hacker Factor has trademarks on the following terms and trade names: "Hacker Factor", "FotoForensics", "FotoForensics Lab".
19. Who owns the copyright?
    This website is Copyright Hacker Factor, All Rights Reserved. However, we do not own the copyright to the submitted pictures.
    
    Each picture's copyright is retained by the original copyright holder. For the derivative works (i.e., the analysis pictures), it depends on the picture and how much it looks like the original image. The derivative work is either the copyright work of Hacker Factor or of the original source's copyright holder. (It's best to consult an attorney, and I'm not an attorney.) It suffices to say that you do not own the copyright just because you submitted the picture.

Last modified: 2022-12-26 14:59:52Z

About Lab

FotoForensics maintains multiple online services. Some are for specific clients, while others are general purpose.


Users who are unsure about whether to use the Lab service should first try the public service.

Contents:

---

1. Differences
   The primary differences between the public service and this private Lab service include:
   
   

   	FotoForensics Public Service	FotoForensics Lab Service
   Intent	The public site provides a starting point for people interested in the field of digital photo forensics. It is not intended for long-term commercial use.	Lab provides powerful tools for business professionals involved in digital photo forensic analysis.
   Logins	The public site does not have logins. The site is open to the public.	Lab restricts access to users with accounts.
   Functionality	The public site contains a few analyzers that permit the public to try out real forensic tools.	Lab contains more tools, methods, and functionality. The amount of functionality available depends on the account's access level.
   Privacy	The public site is a research-oriented service; it offers no privacy. All uploaded content becomes part of a research repository for advancing forensic analysis. Uploaded content may be viewed by researchers and business partners for analysis purposes. (We do not claim copyright over uploaded pictures and we do not resell content.) Links may be shared with other people.	Lab is a private service. Content is not shared with researchers and does not become part of any research repository. Uploaded content can only be shared with people who have login access to this service. Content is not available to anyone else unless someone with the link (you) share it.
   Tutorials	The public site contains a few tutorials for educating beginner analysts.	Lab contains additional tutorials and training materials. It is designed to give professional analysts a solid understanding of the tools and methods. Because we cannot personally train everyone, the site is designed for self-paced learning.
   Public Disclosure	The free service only contains algorithms and content that have been publicly disclosed.	Lab contains additional tools and content, based on the user's access level.
   Content	The public site permits most types of content. However, it does not permit pornography, nudity, and sexually explicit content.	Lab permits all types of content with the exception of child pornogaphy and child erotica -- both are munition and a violation of Federal law. If you are law enforcement and have a need to evaluate content related to child exploitation, then please contact NCMEC, ICMEC, or your local ICAC. Do not upload prohibited content to this server.
   Retention	The public service retains all content on the server for a minimum of three months. Content may be retained longer than three months if there is enough disk space or if it is being actively accessed by users.	Lab automatically deletes content after 24 hours of inactivity. (If you stop looking at a picture, then it will be removed after 24 hours.) Content removal enforces privacy.
   Cost	The public site is free, but it is not private and it has a limited number of tools and methods.	Lab is a prepaid upload service. It grants access to more tools, more methods, and privacy for your content. Users pay in advance for upload permission. The rates include bulk discounts; the more you pay in advance, the more upload credits you receive.

2. Why pay to use Lab?
   With the free FotoForensics site available, why would anyone pay to use Lab?
   • Privacy: We have received many requests from people who have sensitive content that is not appropriate for the public service. Maybe the pictures contain personal information. Maybe they are related to a legal matter. Or maybe you just do not want the pictures to be part of a research archive and viewed by other people. (Don't think of it as paying for analysis; think of it as paying for privacy.)
   • Show Support: Occasionally we receive compliments for providing the public site, and people ask how they can support this service. Rather than having a "donate" button or running a KickStarter campaign, we have this Lab service. (And like KickStarter, we have tiered support levels that offer additional functionality.)
   • No ads. Running an online service is not free. There are costs related to hosting, software development, tutorial creation, maintenance, and more. Some sites cover their costs with ads or run fundraising campaigns. Other sites collect and sell your personal information. We decided on a different approach: provide a pay-per-upload service that offers privacy. No ads. No fundraisers. Just forensics.
3. Additional Features
   This FotoForensics Lab service offers additional features that are not found on the public (free) FotoForensics site. The additional features are based on how much you support on the site.
   
   

   Price (in $USD)	Additional Features
   Basic Account	Privacy: No long-term storage and not part of any research projects. All uploaded content is removed after about 24 hours of inactivity. Bulk Uploads: The ability to upload multiple files for analysis, rather than one at a time. My Uploads: A quick way to access the pictures you recently uploaded.
   $50	Either one $50 payment or multiple payments that add up to at least $50 will unlock: Parasitic Attachment Detection: The file digest analyzer will identify the presence of common parasitic file attachments, such as zip or tar files appended to image files. Stereogram Decoder: An analyzer that detects and decodes stereographic images.
   $100	In addition to the previous features, either one $100 payment or multiple payments that add up to at least $100 will unlock: Histogram Analysis: This analyzer emphasizes attributes related to the color space.
   $150	Metadata Summary: The metadata analyzer includes an expert system that summarizes specific elements found in the metadata.
   $200	File Formats: Analysis can be performed on more than JPEG, PNG, and WebP files. This enables support for GIF, PPM, and BMP files.
   $250	Zoom: The zoom window permits analyzing the full-sized image and not just pictures scaled to fit on the screen.
   $500	Export: This provides an easy way to perform multiple tests and export results. The files can be in PDF or HTML formats. (The HTML is a zip file containing HTML, text, and all of the full-size analysis images).

   
   Each new analyzer includes additional tutorial information.
   
   Registered and authenticated law enforcement officers will receive additional analyzers immediately.
4. Requesting Accounts
   Accounts are strictly limited to legitimate requests. Users who submit false registration information or who specify disposable email accounts (e.g., hushmail) will not be granted accounts.
   
   To request an account, please complete the account request form.
   
   Account requests must include your name and a valid email address. Before the account is created, you will be sent a confirmation email that includes an activation URL. Clicking on the activation URL will allow you to create an account and specify your password.
5. Personal Information
   FotoForensics requires two pieces of personal information:
   • Your email address. This authenticates you as a user, ensures account security, and permits contacting you if there are any issues. We will not contact you regarding special offers or advertisements.
   • Your name. If we ever need to contact you, this is the name that we will use. If you do not want to provide your personal name, then how about your dog's name, or your favorite vegetable? We just need a name that we can use when talking to you. (It's nicer than saying "Dear user" or "Hey you!")
   While not required, we request that you provide additional information:
   • Field of work. This is strictly used by us to get an idea about how people use the site. If a majority of people are from a particular industry, then we can start focusing on algorithms and tools to better address your needs.
   • Country. Not everyone speaks English. If we notice a lot of users from France, Germany, Iraq, or some other country, then we can start looking into options to better support you.
   • US Law Enforcement. US law enforcement officers have a hard job, and a lack of tools/funds is just another issue they face. If we can authenticate you as an active US law enforcement officer, then we will enable some additional analyzers on your account. (These are the same tools that we train people on at various seminars.)
   • Other Information. Do you have a need that is not being addressed? Let us know! While we cannot promise a solution, we will not know about issues until people like you mention them to us.
   We will not provide this information to third parties, and we will not send you junk email regarding special offers or advertisements. Users can change their personal information settings from the account menu.
6. Forgot Your Password?
   Your user account name is your email address. If you forgot your password, then you can click on the password reset link and enter your account name. If your email address is registered with our system, then we will send you a link to reset your password.
   
   Note: Your account at this system is only as safe as your email address. If your email account has been compromised (e.g., your home computer was infected and someone in Russia has hijacked your email), then the hijacker can take over your FotoForensics account by requesting a password reset. (If this happens to you, then contact us immediately and we will block your account until you get things corrected.) Fortunately, we do not collect sensitive personal information, we do not store your credit card information, and we do not retain pictures long-term, so an attacker is unlikely to get anything of value.
7. Account Removal
   Accounts that are unused after three (3) years may be removed from the system. Users can also request the removal of their accounts.
   
   Removed accounts are completely removed -- there are no backups, no restores, and no refunds.
8. Auto-Logouts
   Idle accounts are automatically logged out after one hour of inactivity. This mitigates the risk from a user walking away from the computer and having someone else sit down and abuse the account.
9. Group Management and Shared Accounts
   Lab does not support shared accounts. However, if you are part of a group (e.g., a team of investigators), then Lab offers managed groups. How this works:
   1. First, create your own account.
   2. After creating your own account, use the contact page to request a group account. Be sure to provide a description of the group and a rough estimate for the number of group members.
   3. We will create a group and assign you as the group manager. As the group manager, you can decide who is and is not part of the group. You can also decide who is and is not a group manager.
   4. Group members will need to create their own accounts on Lab. This includes clicking on the confirmation email to complete the account creation.
   5. After creating the account, they need to provide you (the group manager) with the account name (it's the email address that they registered with).
   6. The group manager can then go to the Account menu, select Manage, and add the user to the group.
   All uploads to the group use the group's pre-paid upload credits. All group members can see all pictures that have been recently uploaded by the group members.
   
   Group members have the account option to switch between group membership and personal use. For example, you would use the group membership to upload pictures related to work, but switch to personal use for judging your local school's photo contest.

Last modified: 2022-08-08 16:50:07Z

Lab Billing

FotoForensics Lab is a pre-paid analysis system.

Contents:

---

1. Upload Rates
   FotoForensics Lab is a pre-paid upload service.
   
   Payments work like pre-paid calling minutes on a cellphone: the more you pay in advance, the more credits you receive. The rates vary from 10 uploads for $5 ($0.50 per upload in $USD) to 800 uploads for $100 -- $0.12 per upload, a 75% savings!
   
   
   • Unsure?
     For users who are unsure about the paid Lab service, we strongly recommend trying the free, public FotoForensics service first. Lab works similarly to the free service.
   • Introductory
     For users who want privacy but are unsure about Lab, we recommend trying the $5 for 10 uploads pre-paid level. This minimal level provides a few upload credits, enabling users to test the system without spending a lot of money.
     
     All new accounts begin at the introductory level. Bulk discounts are not provided until after the first introductory purchase.
   • Advanced
     For advanced users who plan to evaluate lots of pictures, we offer a significant discount: $100 for 800 uploads.
   • Custom
     For extreme users who evaluate hundreds of pictures per week (or per day), please contact us. Let us know your needs and we can work out special rates.
2. Billing Notices
   Because Lab is a pre-paid system, you will never receive a billing statement from us. Under the account menu, you can view your current balance, payment history, and transaction history.
3. Credit Card Safety
   All payments are handled by Stripe.com. Stripe is certified a PCI Service Level 1 provider. If you have any questions about the credit card security at Stripe.com, please contact them.
   
   Payments can be made with Visa, MasterCard, Discover Card, and American Express. (Currently, payments from Bitcoin and PayPal are unsupported.)
   
   At no time does Hacker Factor or FotoForensics ever see your credit card details. We only see:
   • Type of card (Visa, MasterCard, etc.)
   • Last four digits on the card.
   • Expiration date.
   • Address associated with the card.
   • Unique transaction ID.
   This is the same information that is seen by every online business where you use your credit card. (Most of it is needed to mitigate fraud or perform refunds.) For our own security, we do not download or collect your personal information from Stripe.com. In the unlikely event that someone manages to compromise the FotoForensics server, they will not get this information because the information is not stored here; it is only stored at Stripe.com.
   
   FotoForensics does store the unique transaction ID. However, the ID contains no personal information and is required for accessing any issues related to the purchase.
4. Payment Dimmed Screen
   Some web browsers may dim the screen when clicking on a payment option, but not display the Stripe payment window. If this happens to you, then your browser is likely blocking access to stripe.com.
   
   Make sure your web browser is not blocking "stripe.com". If you use a browser plugin such as "NoScript" or "SafeScript", then you must permit access to stripe.com in order to make payments.

Last modified: 2022-08-08 05:13:59Z

Terms of Service

Thanks for using our online service ("Service"). This Service ("FotoForensics") is provided by Hacker Factor ("Developer"). This Fotoforensics Service offers a platform for performing digital photo forensics and related forensic activities.

By using our Service, you (the "User") are agreeing to these terms. Please read them carefully.

---

1. Summary
   This is a summary of the Terms of Service, written in plain English.
   
   Our promises to you:
   • We will do our best to keep your private data private. We will not include your data in research projects, not share your data with others, and not interfere with your business. (Except where required by law.)
   • We will delete unused content after 24 hours of inactivity. This goes along with keeping private data private. When we say that we delete files, we mean it. When you stop accessing a file, it becomes inactive. After about 24 hours of inactivity (24-25 hours later), it is removed from the system. We have no backups of your pictures. We will still track that an upload occurred, but the actual image file is gone.
   • We will do our best to keep this server up and running. However, there are some things outside of our control. For example, if we have a major hardware failure, then the system may become unavailable. We will try to minimize any negative impact.
   • We will do our best to keep the system secure. This is always an uphill battle since new technologies can lead to new exploits and unknown flaws may be discovered by a hostile user. If we learn of a system compromise, we will inform users as soon as possible and take corrective steps as needed. Just to be clear: Our first priority is to stop the compromise and fix any vulnerabilities. Our second priority is to inform users.
   What we expect from you:
   • You will not attempt to compromise or abuse the system. If you notice a bug, tell us -- but do not attempt to exploit this server. We take security issues very seriously. If you notice something, we will jump to address the problem.
   • You will not upload content that is illegal in the United States of America or the State of Colorado. That includes child porn or related child exploitation pictures. Even if child erotica is legal where you are, you should assume that it is illegal were this server is located. If you upload prohibited content then we are legally required to report you to the authorities.
   • This server is shared among all of the Lab users. You will not attempt to stress the server (e.g., consume all computational resources), denying service to other Lab users. The server will give you warnings if you are stressing the system; ignoring the warnings will result in a temporary ban.
   • Automated uploads should be performed through the API. (See Account→API.)
   • You are responsible for the content uploaded to your account.
     • Unless you have explicit, written permission: you will not share accounts.
     • We understand that some corporate environments prefer maintaining one account that is shared among members. Shared accounts require prior approval. If the person creating the account does not want to be held responsible for all content uploaded by the account, then do not share accounts.
   • You will not resell access to this service or embed this service into another software package without prior written approval from Hacker Factor.
   • For users with additional analysis options, you will not share the training, tutorials, or algorithm details with other people. (If we want our technologies made public, then we will make it public.) Right now, there are real bad guys trying to learn how this works so they can defeat this system. By keeping our tutorials and information about the algorithms private, we limit what the bad guys can learn.
   This is the basis of our mutual non-disclosure agreement: we will not disclose your data, and you will not disclose ours.
2. About This Service
   Hacker Factor maintains multiple FotoForensics services. The public service (https://fotoforensics.com/) is a free online service for research. It contains a limited set of tools and documentation. The public service offers no privacy and all uploaded content becomes part of a research archive.
   
   In contrast to the public service, this FotoForensics service ("Service") is not public, not shared, not used for research, and uploads are not part of the public archive. It contains additional tools and training material for evaluating digital pictures. Files uploaded to this Service are stored separately and independently of the public FotoForensics service.
3. Restrictions
   The User may not alter, merge, modify or adapt this Service in any way including disassembling or decompiling. The User may not loan, rent, lease, license, or distribute access to this Service. The User may not transfer, license, or redistribute the Service documentation.
   
   This Service is believed to be free of restrictive−use patents and third-party license restrictions. In jurisdictions where the use is restricted, this Service may not be used. The User may not restrict the use or distribution of this Service by filing patents, trademarks, or copyrights that incorporate or restrict this Service's use.
   
   User accounts will be terminated under the following conditions:
   • The User requests closing the account.
   • If FotoForensics detects unauthorized account sharing, then the account will be terminated.
   • Account credits require a credit card purchase. Fraudulent or suspicious transactions will result in account termination.
   • Account access levels may be based on submitted account information. Intentionally misleading account information may result in a removed account.
   • Child-related pornography and erotica are prohibited. If FotoForensics detects a violation of this restriction, the account will be terminated. As a service provider, the Service's administrators are mandatory reporters and legally required to report violations to law enforcement. This Service uses automated tools to detect these violations.
   • The User is not permitted to intentionally compromise the Service's security. If the User is found to be intentionally attempting to compromise the Service's integrity or security, then the User's account will be terminated.
   Unused upload credits are forfeited when an account is terminated. There is no reimbursement for unused upload credits.
4. Privacy
   This instance of the Service is a "private server". It is intended for forensic-related use only and not for public dissemination.
   • Accessing content requires an account on the server. Every user is required to have a unique account. Shared accounts are only permitted with prior permission.
   • URLs to specific pictures are only accessible to users who upload each specific picture; users have the ability to share the URLs with other users on the system, but not with users outside this system.
   • The FotoForensics administrators will not disclose uploaded content, except where required by law. The server will not maintain backups of uploaded content; when content is removed from the server, it is deleted.
   • User accounts may be associated with email addresses. Except as requied by law, these addresses are not provided to anyone outside of the FotoForensics administrative staff. We will not sell your email addresses, we will not send you spam, and we will only contact you regarding service-related issues.
   • Prepaid purchases require a credit card transaction. FotoForensics does not request, receive, or store credit card information. Instead, FotoForensics uses a third-party called Stripe.com for processing credit card transactions. FotoForensics never receives your credit card information and only stores the minimal amount of transaction receipt information. FotoForensics takes no responsibility for the security of any third-party card processing system.
   • Administrators will only view your content with permission, or if a problem is reported.
   Software problems, requested assistance, and terms-of-service violations may result in temporary data retention and access by staff. As mandatory reporters, we may retain or report information related to violations as required by law.
   
   This FotoForensics service does not provide Health Insurance Portability and Accountability Act (HIPAA), Sarbanes Oxley (SOX), EU General Data Protection Regulation (GDPR), or other industry-specific privacy requirements.
   
   Effort has been made to prevent a server compromise. New bugs, defects, exploits, and vulnerabilities should be reported to the FotoForensics administrators immediately.
5. Copyright
   FotoForensics is used to evaluate content.
   • Pictures used in the tutorials and training materials are copyrighted by their respective owners.
   • Each uploaded picture's copyright is retained by the original copyright holder. Uploading to FotoForensics does not constitute a transfer of copyright.
   • The derivative works (analysis pictures) are either the copyright work of Hacker Factor or of the original source's copyright holder. The distinction depends on the similarity between the analysis result and original source.
   All other intellectual property rights related to FotoForensics and this Service, including the associated documentation and training materials, are owned by Dr. Neal Krawetz (Hacker Factor, "Developer") and are protected by United States copyright laws, other applicable copyright laws, and international treaty provisions. The Developer retains all rights not expressly granted.
   
   The Developer grants the User permission to use analysis results that are copyrighted by the Developer for non-commercial use. This permission is not a transfer of copyright. The User may not resell or license the analysis. The User may not use FotoForensics, the Developer, or related content as an endorsement.
6. Limited Warranty
   The Developer makes no warranty or representation, promise or guarantee, expressed or implied, statutory or otherwise, with respect to this Service including its quality, performance, merchantability, or fitness for a particular purpose.
   
   The warranty and remedies are exclusive and in lieu of all other, oral or written, expressed or implied. No Software dealer, distributor, agent or employee is authorized to make any modifications or additions to this warranty. In jurisdictions where a warranty is required, this Service may not be used.
7. Limitation of Liability
   FotoForensics does not draw any conclusions about a picture's authenticity or acceptability. The User is responsible for reaching any conclusions regarding any pictures. FotoForensics only provides tools and training material that can be used to assist in evaluating images.
   
   FotoForensics and the Developer are not liable for the usage of this Service. FotoForensics and the Developer are not liable or responsible for information, data, documents, or images retrieved, generated, stored, copied, accessed, or derived that is copyrighted, proprietary, pornographic, restricted or otherwise illegal.
8. Billing
   All uploads are associated with prepaid account credits. All purchases are final. There are no refunds for purchased credits. Upload credits have no cash value.
   • If a User's account is closed for violating these Terms of Service (e.g., sharing accounts or uploading child-related erotica), then the User forfeits all prepaid credits.
   • FotoForensics reserves the right to change the cost to purchase future upload credits. Future rate changes will not affect currently purchased credits.
   • After one year of inactivity, unused balances automatically expire. To prevent expiration, additional upload credits must be purchased. Each user's account page identifies the current expiration date.
   • Uploaded files are scheduled for removal from the server after 24 hours of inactivity. Files are removed after 24-25 hours of inactivity.
   • Duplicate file uploads (e.g., resubmitting the exact same picture in a 24-hour period) will not be charged any credits. Duplicate uploads can happen if two people submit the exact same file within a 24-hour period -- only the first upload is charged. This usually happens when two people with two different accounts are working together on the same case.
   For clarity between the terms unique and duplicate uploads:
   • Uploading a picture the first time is a unique upload and results in a deduction (charge) against the prepaid number of uploads.
   • Uploading the same file multiple times during the 24 hours period is considered a duplicate upload. Only the first upload is charged; duplicates are not charged.
   • If multiple accounts upload the same file in a 24-hour period, then only the first upload is charged. All others are considered duplicates. The Service assumes that multiple accounts may be working together and evaluating the same picture at the same time.
   • Uploading the same file after it has been removed from the server is considered the same as a unique upload. It will result in a charge and is not a duplicate upload.
   Because all purchases are prepaid, no bills or invoices will be sent to the User. Users can view their current balance and transaction history under the 'Account' menu.
9. General Information
   Should you have any questions concerning this Service, please use the request form or contact Hacker Factor (https://www.hackerfactor.com/).

Last modified: 2023-05-30 06:05:42Z

Security Policy

This FAQ describes this site's security policies.

---

Security Policy

1. Acceptable Use
   The FAQ's General section details the acceptable use policy. We provide a variety of FotoForensics services, each with different acceptable use policies. These are summarized as follows:

   Service	Acceptable Uses
   Public	The public site (fotoforensics.com) is intended for amateur, low volume analysis. There is no login and there is no privacy. All uploaded content may be used for research. The research is typically related to the development of new forensic and analysis tools, but it can also include methods to better secure the server from abuses. Because content uploaded to the public server may be viewed by other people, we do not permit pornography, nudity, or sexually explicit content. Per Federal law, child pornography is immediately reported to NCMEC. The public service also prohibits documents that contain personally identifiable information, including pictures of credit cards, passports, ATM receipts, and utility bills.
   Lab	The FotoForensics Lab service (lab.fotoforensics.com) is intended for commercial, bulk, and private analysis. No uploaded content is used for research, and uploaded files are automatically removed after one day of inactivity (24-25 hours after the last access). Because the uploaded content is private, we only forbid child pornography.
   Solo	All standalone FotoForensics instances (the Solo servers) are outside the scope of our control. The FotoForensics Solo servers exist in your network environment; we do not have remote access and we do not manage them. Contact your IT department for their security and acceptable-use policies. (If you're not on Public or Lab, then you're on Solo.)

   With each of these services, unauthorized 'hacking', security audits, and network scans are not permitted. These will be viewed as an attack and treated as such. This may result in a short-term ban, long-term ban, and/or a legal response.
2. Security Response Policy
   In the event of a compromise, our first priority is to identify and stop the abuse. Our second priority is to notify users. The type of data that could be compromised and method of notification varies based on the type of FotoForensics service.

   Service	Response Policy
   Public	The public site (fotoforensics.com) has no logins and no privacy. Therefore, there is no expectation of privacy. Moreover, the use policy forbids the uploading of personally identifiable information. (Any user who uploaded this type of prohibited content already breached any privacy and agreed to making the pictures publicly accessible.) Notifications will be made on Mastodon (via @hackerfactor) and in the system status log.
   Lab	The FotoForensics Lab service (lab.fotoforensics.com) is a paid service but never has access to credit card information. All credit card transactions are handled by Stripe. Lab does contain the personal information used for requesting an account (name, email, optional field of work, optional country, and optional additional details.). Lab also caches the last 24 hours of uploaded pictures. Notification will be made by email.
   Solo	All standalone FotoForensics instances are outside the scope of our control. Contact the respective service providers.

3. Bug and Vulnerability Reporting
   Bugs and any security related matters should be immediately reported using the contact form or by email: . Please include:
   • Which services are impacted? (All? Only the Public site? Or you only saw it on one service and haven't checked the others? Great -- just let us know; we can check the others.)
   • As much detail as possible about the issue and what you found. If we can recreate it, then we can work on a solution. But in order to find the bug, evaluate a vulnerability, or recreate a problem, we need details. If the issue is associated with a picture, please include a link to the picture or to the FotoForensics ID (the long value after 'id=' in the analysis page URL).
     
     Note: Unless we explicitly ask for it, do not email us pictures. Our email system automatically removes attachments before delivery, so we will not receive unsolicited picture attachments.
   • Your contact information (at minimum, your email address). This will be used to acknowledge receipt of the issue, provide status or resolution updates, and to request any additional information.
   You should receive a response within 48 hours.
   
   
   If the issue is theoretical or suspected, then do not attempt to validate the issue without permission. Instead, contact us and we will evaluate the threat.
   
   If the issue is a viable exploit, then please do not exercise the exploit. Instead, contact us and we will address the issue.
   
   After the issue is resolved, we can coordinate a public statement.
4. Bug and Vulnerability Renumeration
   We're not Google; we're not wealthy and we don't have unlimited resources. There are some people who won't report bugs if there isn't an established bug bounty program. Unfortunately, we cannot promise a payout or swag to people who report serious issues.
   
   We provide web services that help people all over the world. By helping us make this site better, you help all of those other people. Please accept our thanks. (And if we meet you at any conferences, we'll buy you a beer.)

Last modified: 2023-01-08 01:31:53Z