Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

Blurring Images Not So Secure 166

Posted by CmdrTaco from the release-the-blue-dot dept.
An anonymous reader writes "Dheera Venkatraman explains in a webpage how an attacker might be able to extract personal information such as check or credit card numbers, from images blurred with a mosaic effect, potentially exposing the data behind hundreds of images of blurred checks found online, and provides a ficticious example. While much needs to be developed to apply such an algorithm to real photographic images, he offers a simple, yet obvious solution: cover up the sensitive information, don't blur it."
This discussion has been archived. No new comments can be posted.

Blurring Images Not So Secure More

Blurring Images Not So Secure

Comments Filter:

  • Impossible! (Score:2, Insightful)

    by Anonymous Coward on Sunday January 07, 2007 @10:44AM (#17497442)
    You do realise that an algorithm to "un-blur" a blurred image is a total waste of time, right? There's no way for the algorithm to know how many times and in what various directions I blured the image - or if I added/deleted text before blurring. It's like a virus for Linux.. no one writes it because it's a waste of time. Leave it to slashdot to post bullshit.

  • Re:Sqinting Works (Score:2, Insightful)

    by jones_supa ( 887896 ) on Sunday January 07, 2007 @10:51AM (#17497490)
    Squinting your eyes also works.
    It really does. Some of the codes are so lightly blurred that they can be interpreted with only bare eyes.

  • Summary of technique (Score:5, Insightful)

    by pla ( 258480 ) on Sunday January 07, 2007 @10:56AM (#17497512) Journal
    He basically points out that a blurred mosaic amounts to a form of inexact hash function. While irreversable, if you have a small enough input space, you can exhaustively hash all possible candidates and pick the one(s) that best match the target.

    Interestingly enough, while he points out that most financial account numbers contain a degree of error detection and correction, he chooses to use that to reduce the match set, rather than the candidate set. I suppose this would matter if you wanted to prove a hypothesis (if the best match yields a valid number, you have a p=[valid/total]), but if you just want to steal someone's account info, you'd do better to reduce your processing time and just try the best few results in order.

  • Re:bars (Score:2, Insightful)

    by eneville ( 745111 ) on Sunday January 07, 2007 @11:03AM (#17497538) Homepage
    and what is wrong with saying "i agree" to the article. this is a public forum for people to voice opinions, if you think that is wrong, just set the widget to show comments rated +5.

  • Re:how about a big DUH..... (Score:1, Insightful)

    by Anonymous Coward on Sunday January 07, 2007 @12:00PM (#17497872)
    What would be wrong if you blanked out the numbers with just one color?

  • You can actually go one step further with wavelets (Score:5, Insightful)

    by StandardCell ( 589682 ) on Sunday January 07, 2007 @12:17PM (#17497986)
    In a lot of advanced image processing where you want to upscale an image, you can actually use a wavelet-based scaling technique that recovers amazing amounts of detail. In most digital TVs these days, they use a two-dimensional polyphase finite impulse response filter tuned for a certain degree of Gibbs phenomenon (ringing around harder edges) versus detail loss. But this has its limits, and it doesn't intelligently reconstruct the image details. In addition, it's notoriously difficult to tune properly for all content.

    In contrast, wavelet based scaling can actually reconstruct phenomenal amounts of detail from a degraded image. For digital TV applications where you have DVDs or standard definition content displayed on a high-definition fixed-resolution display, wavelet-based scaling can actually make real details re-emerge where they weren't there before. The bottom line explanation is understanding and interpreting the influence of adjacent pixels with a minimum of error as the article's author demonstrates (although, as the parent post explains, he's going about it in a convoluted way). I've actually seen the preliminary results that some engineers had shown me that makes it look like something a government agency would use to enhance satellite or surveillance camera images. It makes DVDs look almost exactly like HD-DVD or Blu-Ray HD content. In fact, I expressed my concern that this scaling method could be used on digital TVs to actually "unmask" blurred or blocked faces on TV shows and introduce liability issues.

    Nevertheless, it is possible to reconstruct a LOT of detail from blocked out or blurred faces or pretty much any content. Doing it in real time on HD resolution displays is a different matter altogether as it requires enormous computing power. But it is coming in the next 3-5 years. If you're really interesting in blocking out content on digital photos, use a solid black color over the part you don't want recognized.

  • "But, really..." (Score:4, Insightful)

    by solitas ( 916005 ) on Sunday January 07, 2007 @12:36PM (#17498086)
    (from about 2/3 down the page):
    So yes, I used an image against itself and designed it to work here. But the algorithem can surely be improved to work on real stuff. I don't have the time nor desire to improve this any further, though, because I'm not the one after your information.

    Yeah, like: surely someone else can make it work - I've only described a fantasy in an article that'll work only under fabricated examples and circumstances and I don't want to put myself in a position of proving it unworkable in general use.

  • Re:old news - I see this on TV every day. (Score:3, Insightful)

    by 1u3hr ( 530656 ) on Sunday January 07, 2007 @02:02PM (#17498818)
    They look at the evidence, and struggle to overcome their prejudices regarding what they would like to be true. Sometimes they follow false trails, and have to accomodate new facts by discarding the theory they've built up so far.

    I suppose that's one way to look at it. For me, I gave up after the first season. The "false trails" thing just became a cliche; you KNOW that it's never the one or how who it seems to be first; that's always a red herring. And the complete unreality of the CSI geeks going around with guns, interrogating people, being action heroes, made it harder to suspend disbelief. Actually, I think the X-Files got procedure more realistic.

  • Re:old news - I see this on TV every day. (Score:3, Insightful)

    by aussie_a ( 778472 ) on Monday January 08, 2007 @03:59AM (#17505488) Journal
    Its actually quite easy to tell if they've caught the real killer. "Does the show have 20 minutes or less out of 1 hour to go? If yes, probably the right killer. If no then the wrong killer. If the show has 10 minutes or less then it is definitely the real killer."

  • Re:Japanese porn (Score:3, Insightful)

    by TheoMurpse ( 729043 ) on Monday January 08, 2007 @04:21AM (#17505596) Homepage
    Only if the number of possible cunts is fixed and known.
    Somehow, I feel like I'm not reading Slashdot. Did the channel get changed over to MTV's New Year's Countdown [youtube.com] (language NSFW)?

    I hereby dub Tablizer the John Cleese of Slashdot. I've never seen anyone use that word here before (John Cleese said "fuck" during his eulogy of Graham Chapman at the televised funeral, and allegedly was the first to use the f-bomb on TV, or something like that).

Slashdot Top Deals

Two can Live as Cheaply as One for Half as Long. -- Howard Kandel

Close