top | item 46973674

(no title)

This was also my understanding.

It's essentially like "cracking" a password when you have its hash and know the hashing algorithm. You don't have to know how to reverse the blur, you just need to know how to do it the normal way, you can then essentially brute force through all possible characters one at a time to see if it looks the same after applying the blur.

Thinking about this, adding randomness to the blurring would likely help.

Or far more simply, just mask the sensitive data with a single color which is impossible to reverse (for rasterized images, this is not a good idea for PDFs which tend to maintain the text "hidden" underneath).

discuss

swiftcoder|18 days ago

> mask the sensitive data with a single color which is impossible to reverse

You note the pitfall of text remaining behind the redaction in PDFs (and other layered formats), but there are also pitfalls here around alpha channels. There have been several incidents where folks drew not-quite-opaque redaction blocks over their images.

yetihehe|18 days ago

> just mask the sensitive data with a single color which is impossible to reverse (for rasterized images, this is not a good idea for PDFs

Also not a good idea for masking already compressed images of text, like jpg, because some of the information might bleed out in uncovered areas.

johnmaguire|18 days ago

Interesting - does a little extra coverage solve this or is it possible to use distant pixels to find the original?