funsec mailing list archives
Re: Image forensics
From: Dan Kaminsky <dan () doxpara com>
Date: Mon, 28 Dec 2009 04:16:37 +0100
Neal's code is neat and pretty, but chapter and verse is no substitute for open code and side by side checks. A LOT of his output bears a strong resemblence to edge detection (really, look for high frequency signal, it'll show up in every test). I want to be clear, I have no doubt whatsoever that he's using the techniques as described. I also dont doubt the fundamental thesis that some manipulation can be detected (especially in a trivial case like 'was this image downsized' or 'was this saved by Photoshop instead of a Canon camera', which is obvious from quantization tables if not from the raw EXIF). But some of these techniques feel a little interpret-y. More samples would be great. On Dec 28, 2009, at 3:21 AM, "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca> wrote:
An interesting analysis of a graphic recently used by Victoria's Secret in their advertising. This gives chapter and verse of the techniques used, and results obtained, demonstrating the ability to determine if an image has been altered, and even which parts of an image have been modified, and how. http://www.hackerfactor.com/blog/index.php?/archives/322-Body-By-Victoria.html I find this particularly interesting because of the apparently widely held belief that steganography is "undetectable" without comparision to the original image. Most of the "Photoshop disasters" are glaringly obvious to the naked eye. As this demonstrates, analysis and detection of modification is easily accomplished, even when the differences are not apparent to the human eye. (Well, except for the straps. That was pretty stupid ...) ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org I live in my own little world, but it's OK, they know me here. victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/ index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/NoticeBored http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Image forensics Rob, grandpa of Ryan, Trevor, Devon & Hannah (Dec 27)
- Re: Image forensics Dan Kaminsky (Dec 27)
- Re: Image forensics Martin Tomasek (Dec 28)
- Re: Image forensics Imri Goldberg (Dec 28)
- Re: Image forensics Martin Tomasek (Dec 28)
- Re: Image forensics Martin Tomasek (Dec 28)
- Re: Image forensics Dan Kaminsky (Dec 27)
- Re: Image forensics Martin Tomasek (Dec 28)
- Re: Image forensics Gadi Evron (Dec 28)
- <Possible follow-ups>
- Re: Image forensics Dr. Neal Krawetz (Dec 28)
- Re: Image forensics Dan Kaminsky (Dec 28)
- Re: Image forensics Dr. Neal Krawetz (Dec 28)