Why blurring sensitive information is a bad idea

Off-Topic unrelated to other forums.
Forum rules
Post Reply
Anach
Modder Moderator
Modder Moderator
Posts:3211
Joined:Sun Feb 23, 2003 2:11 pm
Location:Hobart
Contact:
Contact Anach
Why blurring sensitive information is a bad idea

Unread post by Anach » Thu Nov 15, 2007 9:32 am

http://dheera.net/projects/blur.php

Undoubtedly you have all seen photographs of people on TV and online who have been blurred to hide faces.

Adapted from the Wikimedia Commons

For the most part this is all fine with peoples' faces as there isn't a convenient way to reverse the blur back into a photo so detailed that you can recognise the photo. So that's good if that is what you intended. However, many people also resort to blurring sensitive numbers and text. I'll illustrate why that is a BAD idea.

Suppose someone posted a photo of their check or credit card online for whatever awful reason (proving to Digg that I earned a million dollars, showing something funny about a check, comparing the size of something to a credit card, etc.), blurring out the image with the far-too-common mosaic effect to hide the numbers:

Seem secure because nobody can read the numbers anymore? WRONG. Here's a way to attack this scheme:
Use of undefined constants causes assumptions!
Top
Post Reply

Return to “Off-Topic”