Detecting Forged Images (and Russian lies?, mass spying predates 9/11)

Are you staring at a photoshopped picture?

There are a couple of ways to tell, and the article covers the major ones. (one that doesn’t work are in-camera cryptographic signatures, which have been broken.)

All of the tricks tend to rely on image artifacts arising from multiple compression passes. If both the source image and new edits are from lossless/RAW files, it’s very hard to tell where the edits were done. (This is a serious limitation on this procedure, at least for detecting professional edits.)

But as soon as a JPEG file is brought into the mix, things get much easier…

Simplest is to look at quantization error. If you double-save a JPEG file, a histogram of the file will fairly clearly show the picture was opened in an image editor and saved again.

Error level analysis is a bit more sophisticated — and can highlight which parts of an image were pasted in. Pasted-in image areas show up much brighter or darker, since the compression was done differently for them. (Somewhere there’s a photo of an Al Quaeda propaganda video screenshot, with error level analysis showing the books in the foreground were added in later — presumably as a secret visual code.)

Clone detection automatically detects when parts of an image were “cloned” into another part… in other words, if you’re staring at a North Korean military exercise.

Lastly, since JPEG compression algorithms aren’t necessarily standardized and may produce different results even with the same quality setting, you can look for changes in JPEG artefacting across the image.

Russian lies?: Fidel Castro claims the Russians lied, and Cuba did not refuse Snowden entry. (Castro even insinuates the Russians lied to Snowden to keep him in Russia.)

“[Just a few hours ago US-friendly news agencies spread the word Snowden was trapped in Russia because Cuba bowed to US pressure.]

I don’t know if someone in some place said something to Snowden or not, because that’s not my job. I read what I can about the news, opinions, and books of the world. [… and proceeds to call Kommersant’s claims “libel” and the newspaper reactionary. But then with regards to Kommersant’s quote that Snowden spent a few days at the Russian consulate:]

If I wanted to, I could speak about these issues, about which I know very much.” (http://www.cubasi.cu/index.php?option=com_k2&view=item&id=20749:reflexiones-del-companero-fidel-la-mentira-tarifada&Itemid=17)

It turns out PRISM-style spying has been going on for a long time indeed: “in 1997 we went on a tour of the colocation facility. That is the place we hold all the servers. The person who was giving the tour said ‘that is the NSA room’. I asked ‘what do they do in here?’ and he said ‘they collect every e-mail and website visit that comes through here’.

That has been going on since 1997 so it doesn’t really have anything to do with security. They are trying to make it pretend like it does, but they have just been doing this forever. ” (http://rt.com/op-edge/privacy-breached-security-us-nsa-898/)

http://articles.forensicfocus.com/2013/08/22/detecting-forged-altered-images/

(too much to quote)

Advertisements
%d bloggers like this: