Slashdot Mirror

← Back to Stories (view on slashdot.org)

None of Your Pixelated or Blurred Information Will Stay Safe On The Internet (qz.com)

Posted by BeauHD on from the prescription-glasses dept.

The University of Texas at Austin and Cornell University are saying blurred or pixelated images are not as safe as they may seem. As machine learning technology improves, the methods used to hide sensitive information become less secure. Quartz reports: Using simple deep learning tools, the three-person team was able to identify obfuscated faces and numbers with alarming accuracy. On an industry standard dataset where humans had 0.19% chance of identifying a face, the algorithm had 71% accuracy (or 83% if allowed to guess five times). The algorithm doesn't produce a deblurred image -- it simply identifies what it sees in the obscured photo, based on information it already knows. The approach works with blurred and pixelated images, as well as P3, a type of JPEG encryption pitched as a secure way to hide information. The attack uses Torch (an open-source deep learning library), Torch templates for neural networks, and standard open-source data. To build the attacks that identified faces in YouTube videos, researchers took publicly-available pictures and blurred the faces with YouTube's video tool. They then fed the algorithm both sets of images, so it could learn how to correlate blur patterns to the unobscured faces. When given different images of the same people, the algorithm could determine their identity with 57% accuracy, or 85% percent when given five chances. The report mentions Max Planck Institute's work on identifying people in blurred Facebook photos. The difference between the two research is that UT and Cornell's research is much more simple, and "shows how weak these privacy methods really are."

73 of 139 comments (clear)

  1. This is my shocked face. by Anonymous Coward · · Score: 1

    This is my shocked face: https://upload.wikimedia.org/wikipedia/en/d/d8/Mr_Swirl.jpg

    Putting a big black square over your face in Paint is the only surefire method.

    Anyway, using social media and simultaneously demanding privacy is pure silliness to begin with. The real question is how much of an illusion of privacy needs to be maintained to keep you from complaining.

    1. Re:This is my shocked face. by anarcobra · · Score: 1

      Only if you also make sure that the file format doesn't support EXIF of some other metadata that contains your address or an unmodified thumbnail.

    2. Re:This is my shocked face. by Mashiki · · Score: 1

      Putting a big black square over your face in Paint is the only surefire method.

      Only works if you're applying it to the same layer. Otherwise some programs will save it as a new layer, making it trivial to uncover and that's that.

      --
      Om, nomnomnom...
    3. Re:This is my shocked face. by anarcobra · · Score: 1

      Of course it's trivial. But how many people actually think to do this?
      I think that many people, probably even most, think that the picture is all there is, and never even consider that there might be other data stored in the file.

    4. Re:This is my shocked face. by Cinnamon+Beige · · Score: 1

      You...do know that jpeg, gif, and png--the image formats most often seen on the internet--all require you flatten the layers in the process of saving, right? It's only trivial to remove the black square when it's still in its own layer. Still, the easiest tool to use for applying that black square is the most simple pixel-pushing program on the machine you're using, which probably will never ever support layers. Something like GIMP or Photoshop is fussy and overkill.

      Basically, it looks like the article pretty much is verifying that the KISS principle applies here: You're better off just not fussing with blurring or pixelation and going the box route. I'm more concerned for the people who didn't go on social media using this for privacy, but rather what happened is that the news outlet or reality TV show's makers thought this was a good way to protect people's privacy... (This particularly applies to those who had been promised privacy or have their identity protected by law.)

  2. I felt a disturbance in the force. by Hognoxious · · Score: 5, Funny

    The algorithm doesn't produce a deblurred image

    I felt a great disturbance in the force, as if a million Japanese porn fans cried out in disappointment.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    1. Re:I felt a disturbance in the force. by Anonymous Coward · · Score: 1

      Ah, was about to comment about Japanese porn. Technically, it's brute-forceable, "these combination of pixels generated this large square with the following color.", and at 30 samples per second one could reverse engineer that combination.

      Not that it'd be worth it. And if it's just some calculated pixels, is it still a photo of that actress' naughty bits?

    2. Re:I felt a disturbance in the force. by Anonymous Coward · · Score: 1

      A lot of Japanese porn used to be obscured with a few well-known reversible filters. That practise disappeared with the increase of the export market, as they'd then sell the uncensored versions at inflated prices abroad for grey-import back to Japan.

  3. Not too surprising... by orlanz · · Score: 3, Informative

    For a computer, most algorithms behind comparing two pictures is already a blurred picture of both. Most of these algorithms take samples/pixels of the pictures and see if the relationships of both sets of samples are the same or within a margin of deviation. There is little value in comparing pixel by pixel for exact matches. Similar to human finger prints.

    A blurred picture is similar to taking less samples on one picture and setting the margin of deviation wider.

    But for computers, 57% is pretty bad. 85% is also very bad and that's when you are telling the machine the answer. At those rates, this is kind of hard to do mass comparisons... the false positives would be far too high for any human to weed through. This will apply more for targeted searches where an investigator wants the 5 most probable matches to a blur. Unlike the researchers here who know the answer before hand, he still needs to take the guess on which one it actually is.

    In a criminal investigation, if we had a database of likely suspects, this would work. But we are all about mass collection of data data data. With a large population of pictures, the blur will probably match a lot more than 5.

    1. Re:Not too surprising... by AmiMoJo · · Score: 5, Interesting

      That pixelated images are insecure has been known about for years. I seem to recall it was even mentioned on Slashdot. There are many other attacks, for example if you have text (like a number plate) you can just try running a dictionary attack of images through a pixelation filter and select the closest matching result.

      Black bars have always been the preferred method.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re: Not too surprising... by phayes · · Score: 1

      The /. old article I think the the gpp is referring to wasn't using neural networks to match a small dataset of blurred pictures as in this example but that the "spiral" Photoshop filter (take a circle, rotate the outmost pixels X degrees, move 1 pixel inward, repeat) that was used to hide the faces of adults pedophiles in pictures seized in a number of raids is mostly reversible. I suppose you could use a program to do so but back then it was just people applying a reverse spiral tool in Photoshop.

      --
      Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
    3. Re:Not too surprising... by Script+Cat · · Score: 2

      This is just another false evidence generator. Give me a pixelated image and I'll paint any number of an infinity of images that will average out to that patch of squares.
      There's data missing if you add data that's false evidence.
      There's dogs everywhere!

    4. Re:Not too surprising... by ausekilis · · Score: 1

      Somehow I don't think European censorship is going to really help out here.

    5. Re:Not too surprising... by im_thatoneguy · · Score: 1

      Yeah, the problem with this research is that you need a small dataset. Characters are pretty easy with just 26. With a small sunset of faces it should be easy to identify blurred faces but start adding variables and this attack vector gets absurd: Pixel blur radius, filter type, 6 billion people as options, lighting etc. If you are deciding "which of these hundred people" is this, I guess it's useful but I cant see this being useful to deanonymize a random person on Facebook.

    6. Re:Not too surprising... by Solandri · · Score: 1

      Interpol reversed the (deterministic) Photoshop swirl filter a child molester had been using to hide his face in the child porn pics he published.

      Black bars are the obvious method for hiding someone's identity. But then idiot producers who didn't understand security or math decided they weren't aesthetic, and ordered their media compnies to use pixelation or blurring instead. Even recording video of the person in a darkened room isn't enough - the camera can pick up enough low light data to yield a passable image when enhanced.

  4. Old school censoring.... by wkwilley2 · · Score: 1

    Just do like I do. If you put a picture of your car online, put a black bar over the license plate.

    --
    Have you ever fallen asleep at the keybhanusdiog?
    1. Re:Old school censoring.... by RobinH · · Score: 1

      Actually, I was wondering: what kind of risk do you have from your license plate being visible in an online photo? Obviously I see them blurred out all over the place, and even blurred out the plates on my pictures when I sold my last car, but I'm not really sure why it's so important. What can someone do with my license plate number?

      --
      "I have never let my schooling interfere with my education." - Mark Twain
    2. Re:Old school censoring.... by 110010001000 · · Score: 1

      With a database (police, credit agencies, etc) they can link that plate number to you and see everything about you that they have collected. You can assume most bad guys have access to that kind of database at this point, considering network security is non-existent.

    3. Re:Old school censoring.... by Coisiche · · Score: 1

      Well somewhere there will be a database that ties the number plate to your name and address. Actually probably several databases not all subject to the same degree of security. Then the absence of the vehicle outside said address would be a good indicator of the premises being empty.

      And security breaches aren't the only problem for these databases, in the UK those permitted to access the official database have been known to access it unofficially.

      And I would also expect that people well versed in scams and frauds could provide a far longer list than I can of how it could cause problems for you.

    4. Re:Old school censoring.... by AHuxley · · Score: 2

      Depends who is after the info and what contacts they have and at what price.
      Law enforcement, ex or former law enforcement, private detective might all have their contacts.
      The other issues is state police, federal agencies and the mil just seeking all pics online for matching faces, passenger faces and plate numbers in case they are ever seen near any sensitive site.
      The private sector will often have their own security walk out and take a picture, use facial recognition, try and find a plate number.
      A protester, someone doing a first amendment audit might be walking around, careful never to trespass but their transport might be within walking distance. Law enforcement may not wish to be on camera doing a chat down so they drive around until they find the plate number of interest.
      Another step later is to see if the plate is on any state or federal, mil social media databases.
      Private detectives also have access to very large private sector social media databases that try to offer a lot of images once and now on social media as a service.
      A lot of different groups will hire private detectives to run plates and faces on any one seeking work or new asking questions. Does the resume really hold, the car match the history? Citizen journalists might have the paperwork, hair cut, accent, life story, friend on the inside but then walk back to the car and get photographed..
      So on the state, federal mil and private sector, a lot of interest is in social media, any kind of images and images over the decades of media and early social media.
      Removing something public from social media quickly is often too late as federal, state and private brands then have that data. An image of a license plate is all in the mix and has many interested groups collecting.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Old school censoring.... by coinreturn · · Score: 1

      Well somewhere there will be a database that ties the number plate to your name and address. Actually probably several databases not all subject to the same degree of security. Then the absence of the vehicle outside said address would be a good indicator of the premises being empty.

      I have two ways of defeating that - a garage and a second car. If I'm selling a car, I can guarantee you I have at least one other fucking car.

    6. Re:Old school censoring.... by radish · · Score: 1

      Then the absence of the vehicle outside said address would be a good indicator of the premises being empty

      As would knocking on the door and getting no response. In fact, that would be a much better indicator of the premises being empty assuming the possibility that more than one person lives there.

      --

      ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"

  5. Different tasks by Anonymous Coward · · Score: 1

    Blurring is a technique reversible with Wiener filtering. Basically the quality of recovery very much depends on subsequent quantization/compression. Pixelation is more complete information loss.

    However, the article talks about video filters. In that case, per-frame pixelization will let a lot of image detail become recoverable through motion compensation (straightforward blurring is less suscetible to this recovery strategy). So if you really want to inhibit recovery, blot out the information hard. The less your result depends on the originally available information, the better.

    And people can still be identified by gait etc, so just blocking out the face is still not buying you perfect cover.

    1. Re:Different tasks by lxs · · Score: 1

      Paste in a different face and then pixelate.

      It's the perfect crime!

  6. Blurred Lives Matter by turkeydance · · Score: 1

    Pixelated too

  7. Re:Research is a bit blurry by TheRaven64 · · Score: 2

    Exactly. Adding noise... adds noise. If you have a relatively small data set, then the edit distance between the blurred image and one or two of the originals is likely to be smaller than the others, which is what this kind of system determines. If you have a very large dataset, then you're going to end up with far more false positives.

    To give a simple example, consider a data set of four people: two white, two black, and of those one each with blond hair and one with dark. You add a lot of noise, but you can still effectively identify them by averaging the colour in the top third and bottom two thirds of the image. You should get a 100% accuracy even with a lot of noise in the image. Now consider doing the same thing on a data set of 100 people in those same four categories. At best, you'll narrow it down to about a quarter of the people.

    Neural networks aren't magic. They can approximate any mathematical function and they're often easier to generate than working out what the function that you actually want would look like. If there is enough information in the source data for discrimination, then a neural network can be trained to extract it and perform the classification. If there isn't, then you're out of luck.

    Often; however, these things work because the blurring is not actually a very lossy transform. It's a convolution filter that only discards a very small amount of information, but does so in a way that confuses the human brain (the opposite of something like JPEG, which tries to throw away only the information that the human visual cortex doesn't use to identify the image). A number of such transforms have been shown to be either fully reversible, or partially reversible such that you can identify the original quite clearly.

    --
    I am TheRaven on Soylent News
  8. Re:Why? by Big+Hairy+Ian · · Score: 4, Interesting

    I'm just reminded of the case (About a decade ago) of a pedophile who published photo's of himself abusing children with his face obfuscated by the photoshop swirl tool. The police desperately wanted to ID him but couldn't deobfuscate the photos so they published them minus the abuse sections hoping that members of the public might identify the man based on his surroundings. Of course the public not being utter fucknuggets quickly deswirled the photo and published it on the internet. I never did find out how long the guy survived.

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  9. Sensationalist blabber.... by Anonymous Coward · · Score: 2, Informative

    It is a fundamental law of computer science that you cannot increase the amount of information in a given dataset. In this case the combined dataset of the blurred image and the learned statistical averages of a human face.

    Once an image has been blurred (information has been deleted) it cannot be recreated. What you can do is to apply statistical averages in the hopes of getting something which might resemble the original information. It will - however - be just that, cosmetic improvements based on statistical averages.

    If sufficient information has been removed by blurring the image, the deblurring process - no matter if you use the word AI or statistic averages - cannot recreate a uniquely identifiable image.

    1. Re:Sensationalist blabber.... by Blaskowicz · · Score: 2

      Though if you have many blurred pictures of a face or license plate, you might get on something. There might be quite a lot of information in a minute-long video that includes a blurred face.

    2. Re:Sensationalist blabber.... by dublin · · Score: 1

      It's not necessary to reconstruct the image to perform a good recognition on it.

      --
      "The future's good and the present is nothing to sneeze at." - Roblimo's last ./ post
  10. Re:Why? by wonkey_monkey · · Score: 2

    It was the police who deswirled the photographs.

    --
    systemd is Roko's Basilisk.
  11. Re: Re: by wkwilley2 · · Score: 1

    You know, you raise a good question.

    I've just always been told it's a good practice, but yeah, what would someone actually be able to do with someone else's plate numbers?

    --
    Have you ever fallen asleep at the keybhanusdiog?
  12. "Deep learning" by 110010001000 · · Score: 1

    Can we stop with this "deep learning" bullshit now? It is just algorithms. Every moron has to interject "AI" or "deep learning" or "neural nets" into their program description. This is really stupid "research" anyway. Is this what passes for research in CS now?

    1. Re:"Deep learning" by Anonymous Coward · · Score: 2, Informative

      "Deep learning" is a configuration of a neural network. Historically we couldn't have nested neural networks because we didn't know how to train them in any reasonable amount of time. Then we figured out how, and discovered nested nets work far better than traditional neural networks.

      So you get more specific and descriptive going from: algorithms -> AI -> reinforcement learning -> neural networks -> deep learning.

    2. Re:"Deep learning" by K.+S.+Kyosuke · · Score: 1

      There's no reason to exclude the last three from the old-school generic description of AI, which is trying to teach computers to do things that humans currently do better.

      --
      Ezekiel 23:20
    3. Re:"Deep learning" by K.+S.+Kyosuke · · Score: 1

      So had they said "Using algorithms, the three-person team was able to identify obfuscated faces and numbers with alarming accuracy", that would make the sentence so much more informative, right? :D

      --
      Ezekiel 23:20
    4. Re:"Deep learning" by yes-but-no · · Score: 1

      Is 'machine learning' ok?

    5. Re:"Deep learning" by clodney · · Score: 1

      Can we stop with this "deep learning" bullshit now? It is just algorithms. Every moron has to interject "AI" or "deep learning" or "neural nets" into their program description. This is really stupid "research" anyway. Is this what passes for research in CS now?

      Of course it is just algorithms - that is what all computer science is. And in some cases those algorithms were known 20 or 30 years ago, but things that were computationally infeasible at that time are now trivial.

      And it is important to note that some of these algorithms work in ways that are very different than human vision, where humans are almost unable to understand how neural nets arrive at an answer.

      One fascinating example I saw on TV (I think it was 60 minutes) was that humans are unable to recognize faces that are upside down. They demonstrated this most vividly by showing the reporter a picture of her own daughter, and asking her to identify the face - she was unable to. Basically human visual processing is very optimized in surprising ways, so it is not at all surprising to me that software can do things that humans can't.

    6. Re:"Deep learning" by MrKaos · · Score: 1

      wow, no one has a sense of humour today

      --
      My ism, it's full of beliefs.
  13. Adobe Photoshop by campuscodi · · Score: 1

    I remember a demo of Photoshop from two years ago when they managed to reverse lens blur off a photo. It was only a matter of time.

    1. Re:Adobe Photoshop by MayeulC · · Score: 1

      Actually, I think he was talking about this: http://www.dailymail.co.uk/sci...

      And to OP: This is quite a bit more complex. Motion or lens blur is predictable, but it's harder to predict the blurring algorithm here. Plus, they do not technically "unblur" the picture. Unblur would probably work with some deconvolutional neural network (or other), provided you have access to a large enough database of a specific blur algorithm. And then, you would be able to unblur only this specific algorithm.

    2. Re:Adobe Photoshop by K.+S.+Kyosuke · · Score: 1

      But that's not a blur. That's a simple geometric transformation. All it does is to put the same image points into different places. Removing it is in principle no more difficult than correcting a distorted perspective, once you know a few important parameters.

      --
      Ezekiel 23:20
  14. Limited usefulness by hackertourist · · Score: 3, Insightful

    They had a photo with an obscured face and the same photo with unobscured face in their training set. It seems obvious a computer can match those two. The solution would be to use unique photos, not uploaded anywhere, as the source for obscuration and only publish the obscured version.

  15. Re:Why? by Anonymous Coward · · Score: 3, Informative

    The guy was caught in Thailand. The German police "deswirled" his photograph:

    https://en.wikipedia.org/wiki/Christopher_Paul_Neil

  16. Of course pixelation can be reversed by Oswald+McWeany · · Score: 1

    Most Asian women I see in the US are no longer pixelated.

    --
    "That's the way to do it" - Punch
  17. he has his own wikipedia page by Alien54 · · Score: 1

    Surprisingly he's not dead yet

    https://en.wikipedia.org/wiki/...

    news report

    http://thelede.blogs.nytimes.c...

    etc

    --
    "It is a greater offense to steal men's labor, than their clothes"
    1. Re:he has his own wikipedia page by epine · · Score: 1

      Surprisingly he's not dead yet

      It always shocks me how many people choose to publicly indulge their innermost vigilante compulsion in response to any report of a pedophilic compulsion. But then, I'm from Canada (exactly the same number of vigilante wannabees, but far more easily shocked when wannabees self-actualize).

      There's this meme that suicidal ideation is just a mouldering hair shirt until you begin to fantasize an actual, concrete plan.

      After Tony learns of the soccer coach's affair with his student, he contemplates murdering him in retaliation. After a visit with Dr. Melfi, who asks him why he would assume the burden of righting wrongs in society, and after hearing Artie's plea for legal justice, Tony calls off the hit and the coach is arrested by the police. After this, Tony arrives home after a night of drinking on Xanax and confesses to Carmela (as well as to an eavesdropping Meadow) "I didn't hurt nobody."

      Tough confession. There it was for the taking, wet work with a halo on top, and all I got was this empty bottle of pills.

    2. Re:he has his own wikipedia page by Blaskowicz · · Score: 1

      Why kill a pedophile when we find jail to be enough for murderers, and people like Rudolf Hess, Albert Speer and Slobodan Milosevic?
      A few children getting raped isn't that big of a deal.
      Go kill a pedophile, then we'll jail you for the murder, hopefully with an exemplary long sentence.

    3. Re: he has his own wikipedia page by BlytheBowman · · Score: 1

      We shouldn't kill him. Instead, lets just stick the bastard in a supermax windowless isolation cell 24hr lockdown for the next 20 years. Make sure there is nothing he can kill himself with in his cell. Death is too easy for monsters like these, they need to SUFFER and go complety mad.

    4. Re:he has his own wikipedia page by lgw · · Score: 1

      It always shocks me how many people can remain detached from their desires when confronted with the actual evidence that children are actually physically molested and yet no physical punishment occurs to the perpetrator beyond jail time. Or, better spoken, why WOULDN'T you want to put a bullet through the brain of a serial pedophile? Maybe you need to be able to think if it was YOUR kid that happened to. Maybe if it happened to YOU. Then you can ask why wouldn't the desire to become a vigilante be natural?

      It must be the norm, given the problem the UK had with immigrants grooming underage girls, progressing to basically making sex slaves of them, which affected hundreds of girls, and was ignored for a year because the police didn't want to accuse immigrants of crimes: it's still happening. Oh, the police are finally policing, after the scandal broke, but the problem hasn't been solved. This is exactly the sort of situation where I'd expect vigilante justice:a heinous crime, and the police not helping.

      But do realize that's not the norm for pedophiles and molested kids. Almost always, when a kid is molested it's a relative. Vigilante justice is less appealing in that case, except perhaps to the kid.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    5. Re:he has his own wikipedia page by anarcobra · · Score: 1

      Why do they need more punishment than just jail time?
      The whole point of courts and a justice system is that it's justice, not revenge.
      Otherwise we might as well do away with the pretense and let vigilantes mete out "justice".

  18. The correct term is "differently resolved". by Pseudonymous+Powers · · Score: 2

    Why would you show a blurred photo anyway? Show the face in full, or don't show it at all. There is no compromise here.

    That's no image filter, that's just the way my face naturally looks, you insensitive clod!

  19. That's why you don't blur. by Jason1729 · · Score: 1

    If you care about security, you shouldn't be using blur, you should be putting a nice black circle over it. A yellow smiley face works just as well.

  20. Cut/past by p51d007 · · Score: 1

    If I take a photo that has license plates, street addresses etc...I CUT them out, PAST another image of the photo in place. If you don't just blur it, but REMOVE it, how would they figure it out?

  21. Re:Research is a bit blurry by fustakrakich · · Score: 1

    I wonder if this can be used to attack steganography...

    --
    “He’s not deformed, he’s just drunk!”
  22. Your privacy by JustAnotherOldGuy · · Score: 1

    It's gone.

    Between social media mining, NSA/CIA/FBI operations, license plate readers, Stingray gadgets, the GPS in your phone, cell tower triangulation, TPMS scanners, and the video cams on every power pole and stop light, the concept of 'privacy' or anonymous behavior is pretty much gone.

    I'd wager it would be nearly impossible to travel between any to major cities or buy anything in a store without leaving a trackable signature.

    You'd basically have to travel by bicycle with your head covered (leaving your cell phone at home, of course) and pay for stuff in cash while wearing gloves. I'm not sure even that would do it.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  23. ENHANCE! by ilsaloving · · Score: 1

    Wait... you mean that's an actual thing now?

  24. Re:Why? by Salgak1 · · Score: 1

    Hey, glasses seem to work as an effective disguise for Clark Kent. . .

    . . .oh, nevermind. . .

  25. Re:The obvious next step by Anubis+IV · · Score: 1

    I'd suggest that the obvious next step is to produce a device and corresponding software that will allow a user to see through frosted glass or the wavy glass blocks that are frequently used in the bathrooms of homes. Both are intended to let natural light in while providing privacy by breaking up/diffusing the image in ways that make it impossible for the human brain to reconstruct, but there's no reason (I can see) that a computer shouldn't eventually be able to reconstruct the original image, allowing someone to effectively look through privacy glass as if it was perfectly clear.

    The applications in law enforcement and voyeurism are obvious.

  26. Use a fake blur by davidwr · · Score: 1

    Either mask the face/license plate/whatever entirely or replace it with a "fake blur" that was made from another image.

    For license plates, use a sample plate like ABC-123 to generate the blurred image.

    Faces will be a little harder to do: Either 1) you will only have a few "sample faces" and things will look creepy even if you use the best-matching sample, 2) you will have a few thousand and you will, in effect, leak information, or 3) you will be in between and it will look creepy and leak information.

    Perhaps just masking the face altogether will be the best option.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  27. Re:The obvious next step by Gorobei · · Score: 1

    The wavy glass block inverter was done at least 10 years ago. Can't remember the paper, sorry, it was before arxiv was standard.

  28. Just enhance the image! by Tony+Isaac · · Score: 1

    That's what they do on all the crime scene investigation shows!

  29. Re:The obvious next step by Anubis+IV · · Score: 1

    Well. That's terrifying.

  30. Re: Why? by BlytheBowman · · Score: 1

    Why blur at all, instead of just putting a solid black oval over the face, including hair? Then there is ZERO chance of anyone or any machine being able to retrieve or reconstruct anything?

  31. Lens blur is easy by Solandri · · Score: 1

    The lens has a certain unchanging point spread function (how a point of light is spread into a blur) which scales linearly with distance away from (and closer than) the focal plane. You estimate the size of the blur, then apply an inverse of this PSF. The process is similar to tomography used in CT scans (Computer-assisted Tomography) and MRIs. Likewise, camera shake simply adds a linear smear component to this PSF. Heck, technically you don't even need a lens. The light shining through a window which falls as a smear on a piece of paper (or sensor) is just the Fourier transform of the scene visible through the window. FTs are symmetric (reversible), so if you run a FT of what that sensor records, you get back the image out the window. The catch being that you need to record both intensity and phase data. That's what a hologram does. You shine a laser at a scene, and the scattered laser light (FT'ed) falls onto the holographic film which records the light interference pattern (phase and intensity data). Shining the same laser light through the film (another FT) recreates an image of the original scene. This is also how light field cameras work, and why they're able to change focus after the "photo" has been taken. They're capturing the light field (intensity and phase), and are able to completely reconstruct the scene.

    Gaussian blurs are harder to undo because they're random. "Gaussian" means you're applying a random blur which falls within a statistical normal curve. i.e. Each time you run a Gaussian blur on the same photo, the end result is slightly different. But in blurred video, you've got multiple sequential Gaussian blurs of the same subject. Time-averaging those causes the normal curve to narrow into a sharp peak, at which point the statistical randomness is close to nil and you can (theoretically) reverse the blur.

  32. Re:Why? by lgw · · Score: 1

    Oh, all the super villains know his secret identity. But it's not like he's weaker at work or anything, and they want him to spend 8 hours a day working a normal job!

    --
    Socialism: a lie told by totalitarians and believed by fools.
  33. Old technique by cellocgw · · Score: 1

    Turns out someone's been fixing blurred lines for a while now

    --
    https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
  34. Let's see it indentify a black box by kheldan · · Score: 1

    Let's see their 'deep learning tool' identify something that's got a featureless black box over it, or someone's face that's got a black box or oval over it.

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
  35. MS PAINT SAVES THE DAY! by ArylAkamov · · Score: 1

    All of this research, all of the effort.

    Defeated by a black box in MS PAINT.

    1. Re:MS PAINT SAVES THE DAY! by dublin · · Score: 1

      True, the lack of layers in Paint makes it a good choice for this kind of thing - perhaps the only thing it's really good at...

      It's stunning how many people do this kind of thing in Photoshop or Acrobat, but leave the layers intact, so you can remove the obscuration with a little advanced editing...

      --
      "The future's good and the present is nothing to sneeze at." - Roblimo's last ./ post
  36. Re:Research is a bit blurry by dublin · · Score: 1

    Ten years ago, I was CTO for a company making smart touchscreen devices for restaurant and bar tabletops. We didn't have a camera in any of the ones we fielded (people were still to weirded out by that idea, then), but I did some serious technical investigation on whether we could use an intentionally low-res image to determine basic demographics of the diners w/o voilating their privacy.

    In my research, I found an really interesting paper (from France, IIRC, it's been a while) showing that even a 16-pixel (!) image could still be used to determine the age and sex of a person to around 80-90% accuracy, and recognize the same person again over half the time. IIRC, it used both neural networks and some standard image processing, but nothing really exotic or so big that we couldn't run it locally in the display device, if we'd decided to. Even the author was amazed that this was possible, because neither he nor anyone else had thought there was enough information there to perform such a feat of recognition.

    But computers really don't look at things like we do, and why even "just metadata" (and it's a lot more than that, now) is so dangerous - with some not-too-complicated processing, the machine can tease out patterns in the data that we cannot.... (Note that this means that the spooks probably really can do some of the "ridiculous" image processing and recognition we tend to laugh at in movies and TV shows. No Way Out, indeed....

    --
    "The future's good and the present is nothing to sneeze at." - Roblimo's last ./ post
  37. Try unpixelating this by TomOTooleNZ · · Score: 1

    http://www.martinbackes.com/pixelhead-limited-edition/

    --
    as any fule kno
  38. Re:Research is a bit blurry by TheRaven64 · · Score: 1

    In my research, I found an really interesting paper (from France, IIRC, it's been a while) showing that even a 16-pixel (!) image could still be used to determine the age and sex of a person to around 80-90% accuracy, and recognize the same person again over half the time

    There was some research from DERA a while ago (back when DERA still existed, so a good 15 or so years back) trying to put biometric information on magstripe cards. They managed to put enough information in the 50 bits of space that they had to uniquely identify all of the faces that they tested it with (a few million) with no false positives. That's not really surprising, when you think that 50 bits gives you 2^50 combinations (about one quadrillion). With perfect encoding, you'd only need around 34 bits to uniquely identify every human, so 50 bits gave them a lot of space for the non-linear distribution of real faces in the possible-face space. 16 colour pixels gives you 384 bits, so there's a lot of possible discrimination with that much information (though there are probably a lot of combinations of pixel values that you never see: blue and pink polkadot faces are pretty rare).

    Note that this means that the spooks probably really can do some of the "ridiculous" image processing and recognition we tend to laugh at in movies and TV shows

    In the 90s there was a lot of research into algorithmic image compression. For faces, this works very well - you take an average face and then just encode the differences between a specific face and the average (then apply normal data compression to the result). You can often enhance images in the same way: If you know that the thing you're looking at is a face then that's a lot of information that you can add to data that you get from the source image. You may not get the original, but you'll probably get something that a human (or another well trained NN) can use to recognise the person.

    --
    I am TheRaven on Soylent News