zlacker

[return to "Image Scrubber: tool for anonymizing photographs taken at protests"]
1. Ansil8+vn[view] [source] 2020-05-31 18:06:15
>>dsr12+(OP)
Some tips to maximise user privacy while deploying this tool:

1) The code, for now, runs locally. This is good. To avoid the possibility of the code being tampered with at a later day (for example, it could be modified to send copies of the image to a server), download the webpage and use the saved copy, not the live copy.

2) Do not use the blur functionality. For maximum privacy, this should be removed from the app entirely. There are _a lot_ of forensic methods to reverse blur techniques.

3) Be weary of other things in the photograph that might identify someone: reflections, shadows, so on.

4) Really a subset of 2 and 3, but be aware that blocking out faces is often times not sufficient to anonymise the subject in the photo. Identifying marks like tattoos, or even something as basic as the shoes they are wearing, can be used to identify the target.

◧◩
2. _bxg1+9K[view] [source] 2020-05-31 21:07:36
>>Ansil8+vn
A replacement for blur could just be black boxes. Seems easy and safe enough.
◧◩◪
3. Polyla+u21[view] [source] 2020-05-31 23:14:45
>>_bxg1+9K
Make sure they are 100% opacity. A lot of people mess this up and use 90% opacity or similar and the original image can be revealed by messing with the color levels.
◧◩◪◨
4. t-writ+K91[view] [source] 2020-06-01 00:13:25
>>Polyla+u21
I've doxxed my Reddit username on my Apple phone doing that exact thing. The black marker is not opaque, even after a few stripes over the username. You have to do it many more times.
◧◩◪◨⬒
5. aspenm+4d1[view] [source] 2020-06-01 00:47:30
>>t-writ+K91
Easier to select an area and delete it from the layer entirely so that a transparent hole is left. Then make sure you cleanup EXIF and other metadata or you may have the original image still in a thumbnail field at reduced fidelity.

Free online metadata viewer http://exif.regex.info

Powered by FOSS (Perl-based) https://exiftool.org

◧◩◪◨⬒⬓
6. girst+pk1[view] [source] 2020-06-01 02:25:40
>>aspenm+4d1
Do not keep it transparent! The Gimp for example keeps the underlying colour data, and just sets the opacity to 0.

this bug (closed as Expected Behavior) has a demonstration: https://gitlab.gnome.org/GNOME/gimp/-/issues/4487

◧◩◪◨⬒⬓⬔
7. Persei+4B1[view] [source] 2020-06-01 07:09:05
>>girst+pk1
Is PPM a safe round-trip format to remove all metadata and transparency? I'd like to recommend it to a friend and as far as I know it really only contains RGB as text and has no extensions for exif or similar. But after so many gotchas, as listed here in the thread, I'm somewhat paranoid...
◧◩◪◨⬒⬓⬔⧯
8. jstanl+JT1[view] [source] 2020-06-01 10:49:43
>>Persei+4B1
ASCII PPM supports comments, so it is possible that EXIF or other identifying information would get written into the comments by some tool.

I have only ever observed PPM comments right at the start of the file, so you could open it in a text editor and remove the comments from the start. Maybe check the very end of the file as well.

Binary PPM does not support comments, so that would be a better solution. PPM documentation here, you want possibly P3 or more likely P6 https://en.wikipedia.org/wiki/Netpbm#File_formats

[go to top]