Forgot your password?
typodupeerror
Security

Blurring Images Not So Secure 166

Posted by CmdrTaco
from the release-the-blue-dot dept.
An anonymous reader writes "Dheera Venkatraman explains in a webpage how an attacker might be able to extract personal information such as check or credit card numbers, from images blurred with a mosaic effect, potentially exposing the data behind hundreds of images of blurred checks found online, and provides a ficticious example. While much needs to be developed to apply such an algorithm to real photographic images, he offers a simple, yet obvious solution: cover up the sensitive information, don't blur it."
This discussion has been archived. No new comments can be posted.

Blurring Images Not So Secure

Comments Filter:
  • by Boccaccio (762644) on Sunday January 07, 2007 @10:23AM (#17497332)
    Will this work on Japanese porn too? My friend wants to know.
    • Re:Japanese porn (Score:5, Informative)

      by 1u3hr (530656) on Sunday January 07, 2007 @11:08AM (#17497568)
      Try GMask [nifty.com]. This method of mosaic masking is often used to make the images legal for Japanese webpages, yet allow perverts to recover the original image.

      Now cue about 50 posts talkng about the "CSI Photoshop enhance plugin".

      • by Anonymous Coward on Sunday January 07, 2007 @12:35PM (#17498070)
        Only on Slashdot would this man's question get an informative reply. I now remember why I've wasted 9 years of my life browsing this site. Thanks!
        • Re: (Score:2, Funny)

          by KuRa_Scvls (932317)
          I thought you guys come here for all those overlords and linux on toaster jokes :O
          • Re: (Score:3, Funny)

            by TheoMurpse (729043)
            Only the unwashed masses come for those. The truly educated elite? Well, we come for the Natalie Portman hot grits jokes.

            Speaking of Slashdot memes, do GNAA trolls still show up? I haven't browsed below +4 in a year, so I'm not entirely sure.
      • Re: (Score:3, Interesting)

        by mrmeval (662166)
        That's just funny. The source actually compiles on Linux but I have no idea how to use it.
        I always thought porn was for hiding Soviet spy messages. I suppose pictures could hide horse porn with steganography.
    • by Tablizer (95088) on Sunday January 07, 2007 @02:23PM (#17498990) Homepage Journal
      Will this work on Japanese porn too?

      Only if the number of possible cunts is fixed and known.
           
      • Re: (Score:3, Insightful)

        by TheoMurpse (729043)

        Only if the number of possible cunts is fixed and known.

        Somehow, I feel like I'm not reading Slashdot. Did the channel get changed over to MTV's New Year's Countdown [youtube.com] (language NSFW)?

        I hereby dub Tablizer the John Cleese of Slashdot. I've never seen anyone use that word here before (John Cleese said "fuck" during his eulogy of Graham Chapman at the televised funeral, and allegedly was the first to use the f-bomb on TV, or something like that).

  • by macadamia_harold (947445) on Sunday January 07, 2007 @10:32AM (#17497392) Homepage
    While much needs to be developed to apply such an algorithm to real photographic images, he offers a simple, yet obvious solution: cover up the sensitive information, don't blur it."

    And please, when you cover the information with black bars, use Adobe Acrobat. (this solution brought to you by the CIA)
    • Re: (Score:3, Interesting)

      by solafide (845228)
      If you don't remember or want a refresher on what happened, the original article is at http://it.slashdot.org/article.pl?sid=06/06/22/138 210 [slashdot.org] . It's worth bookmarking in case you ever need to do the same yourself.
    • by FLEB (312391)
      Actually, if you look at the box for Acrobat 8 (USA, YMMV) they list "Secure redaction" as a bullet-point on the back of the box. Apparently they've put in a feature that allows you to select text and actually delete it underneath the redaction bar. Another blow struck in the battle for information transparency via stupidity.
  • by bmsleight (710084) on Sunday January 07, 2007 @10:33AM (#17497396) Homepage
    Squinting [wiktionary.org] your eyes also works.
  • by gbjbaanb (229885) on Sunday January 07, 2007 @10:35AM (#17497404)
    damn right. I see this happening on CSI all the time, the licence plate, blurred, reflected in a window, with someone standing in front of it.. just 'clean up the image', and bobs your uncle - one licence plate revealed clear as day. :)
    • by Dachannien (617929) on Sunday January 07, 2007 @10:46AM (#17497450)
      It's hilarious every time they do this. They start with a picture of some guy's face from 500 feet away that looks like a big skin-colored blur, and by the time they're done enhancing it, you can see right up the guy's nose. Of course, they want to keep it realistic: to show that you can only enhance an image so much, his nose hairs are slightly pixelated.

      • Re: (Score:3, Funny)

        by 1u3hr (530656)
        Of course, they want to keep it realistic:

        Whichis why it uses the authentic photpenhance sound effect as the image appears in rows, like dot matrix printer. Us imaging professionals see that every day.

        The weird thing is that they must have a whole staff of highly qualified computer geeks who do their effects who could tell them this was bullshit.

        • by radtea (464814) on Sunday January 07, 2007 @01:34PM (#17498548)
          The weird thing is that they must have a whole staff of highly qualified computer geeks who do their effects who could tell them this was bullshit.

          You need to realize that CSI is science fiction masquerading as a cop show. Their impossible tricks with image processsing and the like are the show's equivalent of FTL travel. But despite having miraculous technology, they actually get the method and attidudes of science right, at least on the original series. They look at the evidence, and struggle to overcome their prejudices regarding what they would like to be true. Sometimes they follow false trails, and have to accomodate new facts by discarding the theory they've built up so far.

          Gil Grissom may be the only character in TV history who actually behaves more-or-less like a real scientist.
          • Re: (Score:3, Insightful)

            by 1u3hr (530656)
            They look at the evidence, and struggle to overcome their prejudices regarding what they would like to be true. Sometimes they follow false trails, and have to accomodate new facts by discarding the theory they've built up so far.

            I suppose that's one way to look at it. For me, I gave up after the first season. The "false trails" thing just became a cliche; you KNOW that it's never the one or how who it seems to be first; that's always a red herring. And the complete unreality of the CSI geeks going around

            • Re: (Score:3, Insightful)

              by aussie_a (778472)
              Its actually quite easy to tell if they've caught the real killer. "Does the show have 20 minutes or less out of 1 hour to go? If yes, probably the right killer. If no then the wrong killer. If the show has 10 minutes or less then it is definitely the real killer."
              • You obviously haven't watched it this season. The number of cases that roll over from one episode to the next has greatly increased this season. As a matter of fact, the one running plot (the miniature killer) that spanned, I believe, more than 4 or 5 episodes, which they neatly tied up a couple weeks ago, appears to have resurfaced in the season opener.

        • by sahonen (680948)
          The weird thing is that they must have a whole staff of highly qualified computer geeks who do their effects who could tell them this was bullshit. If said geeks were right in the room with the script writer I would agree with you, but they don't come in until after the show's already been shot.
      • Ah yes .... the patented CSI "reverse algorithmic". That one earned a chuckle from me.
      • by pvt_medic (715692)
        But then they are able to extract from the picture a reflection in someone eye to see who is behind the photographer. Good stuff, I am obviously an unskilled photoshop user.
    • by rednip (186217) *

      I see this happening on CSI all the time
      Yea, and I see time and space travel on TV all the time too. CSI doesn't pretend to be anything more than fiction and expecting a TV show to be more realistic just because it's popular is like expecting blog writers to be accurate, it's nice when it happens, but I don't expect it.
  • Impossible! (Score:2, Insightful)

    by Anonymous Coward
    You do realise that an algorithm to "un-blur" a blurred image is a total waste of time, right? There's no way for the algorithm to know how many times and in what various directions I blured the image - or if I added/deleted text before blurring. It's like a virus for Linux.. no one writes it because it's a waste of time. Leave it to slashdot to post bullshit.
    • Re:Impossible! (Score:5, Informative)

      by dheera (1003686) on Sunday January 07, 2007 @10:48AM (#17497464) Homepage
      the problem is more the fact that so many people on the internet use just a simple mosaic to do blurring. i can cite enough examples from google image search if i wanted to. others resort to applying a motion blur effect just once which can be reversed by deconvolution if it's not blurred enough. if you use the smudge tool, good for you, i don't think there's a good way to reverse that. the problem is that blurring and mosaic techniques are simple, consistent transformations, while smudging is not.
      • I really don't get why people post sensitive information on the web in any form. The example in the article shows a "Sample" check. Then mentions something about a real check involving winning 1 million dollars.

        So, if you blurred it, you must have edited the photo. So in no way does a photoshopped photo prove you won a million dollars. Completely blanking out (with pure white, pure black, a texture, etc) the image proves just as much as the blur. WTF is the point? By contrast, PDFs and DOC files requires un
        • So, if you blurred it, you must have edited the photo. So in no way does a photoshopped photo prove you won a million dollars.

          Nor does coming over to your house to show you the actual million dollar check prove that I won it either. For all you know, I might have printed that one myself on my new color laser printer. Of course, I could deposit it and show you my online bank balance. But maybe I've setup some kind of strange proxy which does a man-in-the-middle with the bank and replaces a deposit for $100.00 with one for $1000000.00 instead. Or I could take you with me to the bank and deposit it with the teller. But maybe th

      • by mustafap (452510)
        Personally, I just replace the part to be hidden with an image of a similar type. For example, in all my pictures of porn or gratuitous violence I replace the heads of any identifiable individuals with that of Bill Gates. Works great ( well, apart from the porn )
      • by Kjella (173770)
        A mosaic works perfectly, because it's lossy and one-way as hell. Take a 3x3 pixel block that is like
        100 120 140
        110 130 150
        120 140 160
        becomes
        130 130 130
        130 130 130
        130 130 130
        and there's no information here that can be recovered about the distribution. The only thing that happened here was that he conviently choose a block size and low-information data which essentially mapped 10 possible values (images of 0-9) to 256 shades of gray. Obviously, you can now find that there's one shade per number. In a photo t
    • by KDR_11k (778916)
      The idea is not to reconstruct arbitrary information from a blurred image, it's to "decrypt" text that was blurred.
    • by TheSpoom (715771) *
      Did you read the article? (Yeah, I know, this is Slashdot.)

      Dude was effectively talking about a dictionary attack on the blurred information; he was treating it as a one-way hash and was at no time attempting to decrypt the information. What he was doing was reencrypting (reblurring) every possible combination possible on the image in question and seeing which one was closest. For a mosaic effect like the one he described (which is used quite frequently), it seems to be pretty effective.
    • by duckpoopy (585203)
      You do realize that you are completely wrong, right. There are many approaches to blind deconvolution. Many of these techniques are quite old. Although it is a difficult problem, it is not cutting-edge stuff.
    • an algorithm to "un-blur" a blurred image is a total waste of time

      Maybe for a single image, but how about blurred or pixelated informants or (increasingly) logos on TV, with many closely correlated frames?

  • by p51d007 (656414) on Sunday January 07, 2007 @10:48AM (#17497460)
    Anytime I post a picture, such as a car with a license plate, I BLANK out the numbers/letters with three colors, a block of white, then a block of silver, then a block of black. Not layers, just the colors.
    • by jez9999 (618189)
      For those of us who don't get this joke, could someone please explain what is funny about it??
  • Blurring can be made secure, if the picture is blurred or pixelated) to the maximum. Then no one can see the original numbers any longer, therefore creating the highest possible degree of security.
    • Re: (Score:3, Interesting)

      by dheera (1003686)
      not always true. while it's reasonably good today, some day in the future, if we have 16-bit color channel depth ever become a standard (a 16-bit tiff for example), there will be enough data maintained at the edges of the blurred region to reconstruct the data. all you have to do is FFT the region, divide by a gaussian, inverse FFT, then keep repeating for different gaussians - this will basically divide out the system function used for blurring. 8-bit channels of today don't quite make it practical resolut
    • RTFA (Score:5, Informative)

      by porneL (674499) on Sunday January 07, 2007 @11:12AM (#17497594) Homepage

      The whole point of the article is that blurring and pixelating beyond recognition isn't enough. You don't need to see the original numbers, you just have to find numbers that blur to a similar blob. It's a dictionary attack with blur as a hash function.

    • by 1u3hr (530656)
      Blurring can be made secure, if the picture is blurred or pixelated) to the maximum. Then no one can see the original numbers any longer, therefore creating the highest possible degree of security.

      Please, RTFA. If you know these are numbers and the font (as on a credit card) that means you only have to get 10 levels of grey to have an excellent chance of working each digit out. You can't "see" it, but the information is there. Just use the eyedropper to select one colour, then paint over it.

  • by haakondahl (893488) on Sunday January 07, 2007 @10:51AM (#17497494)
    An unclassified report was released with information blacked out to make it unclassified. The problem is that whatever software was used to produce the PDF with classified information hidden had only applied a layer which was easily removed.

    People who do not understand the technology they are working with should not have this kind of release authority. And that's the hard part--the higher up you are in the food chain, the less likely you are to understand the new tools your organization is working with.

    There are very few users in government who could not do their jobs just fine using Windows 3.11, WordStar 3.x and an e-mail client on a fast but simple machine.

    Slaved as the government is to Microsoft's development cycle, however, the government will always be at the cutting edge of compromised.
    • I thought of the PDF thing too when I read the article!

      Yeah, that's decidedly the exception to this rule.

  • Un-blurring photos (Score:2, Interesting)

    by rzei (622725)

    While I acknowledge knowning little about different blurring algorithms could someone enlight a bit how much of "unblurring" can be done? I realize there are some "sharpen" filters in Photoshop and Gimp but AFAIK they all seem to be based on highlighting edges or something like that.

    As in the TFA, the Bill Gates picture has a small part of it blurred (his face). Could it be possible to calcute all the possible variations that give the same bitmap as the original when filtered with gaussian blur? What I

    • It's sort of like rot13 encryption. Do it enough times and you're bound to get the same things as what went in. 79 times - nope. 113 times - nope. But dammit, the 186th time works!
    • Try a Google (Scholar) search for ("blind") "Deconvolution", e.g. the Lucy-Richardson (if I recall correctly) algorithm. MatLab's image processing toolkit has some of them as built-in functions. It's one of the standard machine-learning problems.

      In short: "Blurring", as most image processing software does it is a convolution (i.e. a multiplication in Fourier-Space) of the original image with a Gaussian kernel. Since the resulting image is real but the multiplication takes place in the full complex Fourie
  • by pla (258480) on Sunday January 07, 2007 @10:56AM (#17497512) Journal
    He basically points out that a blurred mosaic amounts to a form of inexact hash function. While irreversable, if you have a small enough input space, you can exhaustively hash all possible candidates and pick the one(s) that best match the target.

    Interestingly enough, while he points out that most financial account numbers contain a degree of error detection and correction, he chooses to use that to reduce the match set, rather than the candidate set. I suppose this would matter if you wanted to prove a hypothesis (if the best match yields a valid number, you have a p=[valid/total]), but if you just want to steal someone's account info, you'd do better to reduce your processing time and just try the best few results in order.
    • by StandardCell (589682) on Sunday January 07, 2007 @12:17PM (#17497986)
      In a lot of advanced image processing where you want to upscale an image, you can actually use a wavelet-based scaling technique that recovers amazing amounts of detail. In most digital TVs these days, they use a two-dimensional polyphase finite impulse response filter tuned for a certain degree of Gibbs phenomenon (ringing around harder edges) versus detail loss. But this has its limits, and it doesn't intelligently reconstruct the image details. In addition, it's notoriously difficult to tune properly for all content.

      In contrast, wavelet based scaling can actually reconstruct phenomenal amounts of detail from a degraded image. For digital TV applications where you have DVDs or standard definition content displayed on a high-definition fixed-resolution display, wavelet-based scaling can actually make real details re-emerge where they weren't there before. The bottom line explanation is understanding and interpreting the influence of adjacent pixels with a minimum of error as the article's author demonstrates (although, as the parent post explains, he's going about it in a convoluted way). I've actually seen the preliminary results that some engineers had shown me that makes it look like something a government agency would use to enhance satellite or surveillance camera images. It makes DVDs look almost exactly like HD-DVD or Blu-Ray HD content. In fact, I expressed my concern that this scaling method could be used on digital TVs to actually "unmask" blurred or blocked faces on TV shows and introduce liability issues.

      Nevertheless, it is possible to reconstruct a LOT of detail from blocked out or blurred faces or pretty much any content. Doing it in real time on HD resolution displays is a different matter altogether as it requires enormous computing power. But it is coming in the next 3-5 years. If you're really interesting in blocking out content on digital photos, use a solid black color over the part you don't want recognized.
      • by iangoldby (552781)
        Found this link for GreyCstoration [ensicaen.fr] which sounds similar to what the parent mentions. This isn't a wavelet technique, but it seems to produce quite good results. But I'm always very skeptical of any claim to restore detail not in the original image - in this case it seems to rely on the idea of

        locally smooth the image preferably along the image structures

        which can give the subjective impression of improving detail, but only because that is what our brains expect to see in a sharp image.

        Does anyone have a l

      • > If you're really interesting in blocking out content on digital photos, use a
        > solid black color over the part you don't want recognized.

        No need for black. Just replace the part you don't want recognized with something else rather than blurring it (or better yet replace it and then blur it. Let them waste their computing power).
      • by NickDngr (561211) *
        In most digital TVs these days, they use a two-dimensional polyphase finite impulse response filter tuned for a certain degree of Gibbs phenomenon (ringing around harder edges) versus detail loss.
        That is an awesome sentence. You win the prize for stringing together the most buzzwords.
      • Okay so I'm replying to this rather late, despite enjoying the post when the article first came out. Is there a way to tell which, if any, HDTVs and/or DVD players on the market employ wavelet based techniques? Cheers, Justin
  • Wouldn't multiple blurs over the same area also make it much harder to decipher? Yes, [evil person] could apply the affect multiple times as well, but that would be assuming they knew that a) the person had done it more than once and b) how many times they'd actually done it.
    • by Pieroxy (222434)
      In other words, security through obscurity. When it's so simple to just mask the offending area... Go figure.
  • MaxEnt (Score:5, Informative)

    by TeknoHog (164938) on Sunday January 07, 2007 @11:14AM (#17497612) Homepage Journal
    This is a kind of maximum entropy [maxent.co.uk] method, like the unsharp mask in image processing. Basically, if you know the blurring (convolving) function, you can reverse it. There are more sophisticated algorithms for cases where the blurring function is unknown, based on certain regularities; for example motion blur has a fixed direction and magnitude.
    • by SharpFang (651121)
      Not always. Convolution matrix can be a lossy transform operation. If you're replacing a 5x5 pixels area with medium average of values of pixels contained within ('resolution drop blur') there's no way in hell you could reproduce all 25 pixel values just from the color they've been averaged to. If each pixel is an average of itself and 24 surrounding pixels within 2 pixels range, solution becomes an enormous set of equations, because it depends on unknown values of pixels which depend on its own (unknown) v
    • by MobyDisk (75490)
      You didn't read the article, which is why you are completely wrong. An unsharp mask cannot recover data from a blur. And knowing the convolving function does not allow you to reverse it. The best you can do is guestimate, which is what the maxent algorithm you linked to does. It does not reverse the function since that is mathmeatically impossible. And the method discussed in the article does not use this approach.
      • by TeknoHog (164938)

        I did read the article, and I wanted to point out that what they are doing is not entirely new. Their approach is somewhat different than what you usually see, but the idea is basically the same.

        I also know that convolution isn't always reversible, but in many cases it is. I've made professional use of deconvolution to cancel motion blur in a well-defined system. In less defined systems you need to use stuff like MaxEnt, but it also assumes that there is some unknown, well-defined convolving function.

  • maximum entropy (Score:5, Informative)

    by localoptimum (993261) on Sunday January 07, 2007 @11:21AM (#17497640)
    This kind of problem is indeed quite easy to solve with a good algorithm. It's a hard(!) inverse problem, meaning that there are many possible model solutions (guessed number combinations) that match your data (pixels). The weakest link is knowing exactly the blurring algorithm that was used.

    In the real world, data is imperfect and noisy, so the article is thus far correct. What is not correct is simply to pick the data with the nearest match, because it's a best match to the noise also. Maximum entropy is one algorithm which gives you a probabilistic answer, i.e. "the chances that this particular combination is the right one is [whatever] percent". You then pick the most likely one. Astronomers use this technique all the time for removing the blur and diffraction on their images. I personally use it regularly for nuclear spectroscopy, and it's absolutely solid if you use it carefully.

  • This is precisely why I hand write all my checks with a sharpe marker, here's an Example [mises.org].
  • Daniel Cohen-Or [tau.ac.il] manages something I consider far more interesting. Take for instance this PDF about image reconstruction [tau.ac.il].

    There's quite a few more impressive papers on his page, for those interested in graphics.
  • This reminds me of when a company sent out a PDF file with a lot of very sensitive information covered in black, but it was done with a black box in Acrobat.

    If you read it on screen or printed it out, it worked as they expected. But when you selected the text and copy and pasted it somewhere else, you could read every bit, including the names and details they thought were obscured.

    • by NevarMore (248971)
      That wasn't just a company, that was the US government.
    • This reminds me of when a company sent out a PDF file with a lot of very sensitive information covered in black, but it was done with a black box in Acrobat.

      Not a company, 'The Company'. They were declassified CIA documents if I remember rightly.

  • See that little icon on the toolbar that looks like an eraser. Click it and then drag it over the area you want to remove (the credit card number or whatever else). The information is gone and there is no way to bring it back.
    • if the layer has alpha, it may be even less secure than blurring :) not a problem when using plain jpegs, of course (but may affect png)
  • ...contains almost the same information as the original. Consider a 1D example with a sequence of pixels:

    1-10-20-5-8-10

    Now perform a simple blur by averaging each pixel withh its neighbors (padding with zero at edges):

    3.7-10.3-11.7-11-7.7-6

    Suppose we lose the original. Note that we have still have 6 values and we know the equation that generated each one. So we have 6 equations in 6 unknowns, and we can solve. (In real life blurs are more complex, but in practice they are still linear, including blur fr

  • "But, really..." (Score:4, Insightful)

    by solitas (916005) on Sunday January 07, 2007 @12:36PM (#17498086)
    (from about 2/3 down the page):
    So yes, I used an image against itself and designed it to work here. But the algorithem can surely be improved to work on real stuff. I don't have the time nor desire to improve this any further, though, because I'm not the one after your information.

    Yeah, like: surely someone else can make it work - I've only described a fantasy in an article that'll work only under fabricated examples and circumstances and I don't want to put myself in a position of proving it unworkable in general use.

  • Long ago, I posted up a picture about Vonage 911 and a screenshot for dslreports.com long ago.
    You'll find it here:
    http://www.dslreports.com/r0/download/800075~433b 0 c31ec1520970b77229393b7d713/vonage.png [dslreports.com]

    Now, unless you know what mosaic settings I used, I don't see anyone cracking these numbers anytime soon. I think this sounds good in theory, but no good in practice unless everyone is using the exact same software to do the mosaic modification.
  • First, this isn't blur, it's pixelation, with big pixels. That's not the same as blur. True blur, like Gaussian blur in Photoshop, doesn't actually destroy that much information. After Gaussian blurring, each pixel has a unique value, but it's a linear combination of values from nearby pixels. There's almost as much information as before blurring; the only true losses are from rounding. That's a reversible process. [nist.gov]

    Pixelation, though, substantially reduces the amount of information in the image. Bef

  • Blur is of course insecure. Beyond this reverse-engineering trick, it's also a known visual trick that something which up close looks blurry and unrecognizable is actually more readable from a distance.

    I agree that blur is not a great idea, but "black bar" is tacky. Either get the area to match the surrounding area, via copy-and-paste (and then blur or something), or match the color and paint over.

    If those techniques make it look obvious, I've used Noise and Scatter in the past. Since Scatter is presumably
  • Just use a black brush and brush over the stuff you want hidden. This is what I always do.

    I don't care what algorithm you're using, you can't reverse a black paint stroke to discover what is underneath, those pixels are gone. (short of using code that exploits the multi-layers aspect of some image formats - but paint is not susceptable to this :P)

Information is the inverse of entropy.

Working...