Chrome Extension to Detect Images of Fake Tweets

February 03, 2020

I was recently asked by a political science professor and friend to help with a lecture at the University of Nebraska at Omaha on the topic of fake news from a technology practitioner’s perspective. I tried to help illustrate the technological and privacy challenges at play with the topic. Ultimately, I spoke on a couple of points at the lecture and created a proof-of-concept (POC) chrome extension in the process.

The chrome extension is located here: https://github.com/ZonkSec/IsThisTweetReal

Once loaded, you can right click on images within a web page and select “Is this tweet real?”. If clicked, the extension will send the image to an OCR API, attempt to parse the OCR text of the image using regex (this could use a lot of work), and then open a tab with a twitter.com query using the parsed parameters. If a tweet is found with the query, then the tweet was real! Otherwise, it was doctored. This POC has its issues. The OCR can be flawed and the resulting query is incorrect. The regex to parse the tweets is not very sophisticated and can easily break or be incorrect. But at the end of the day, it was always just a POC. Having never developed a browser extension before, this was a great opportunity to learn and opened my eyes to what security issues may lay in this area of the browser.

If you are interested in using the extension, the installation instructions are below.

Installation :

1. clone source
2. get free api key from ocr.space: https://ocr.space/OCRAPI
3. update background.js so var api_key is your api key.
4. install as unpacked extension as described here: https://developer.chrome.com/extensions/getstarted

Thanks for reading and happy hacking! 🙂