2 min read

Stop pixelating! New tool reveals the secrets of "redacted" documents

Graham CLULEY

February 18, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Stop pixelating! New tool reveals the secrets of "redacted" documents

Imagine you want to publish online an image of a document, but there are parts of it which you want to remain confidential.  Maybe part of the image is somebody's phone number, or email address, or another piece of personal data that would be inappropriate to share publicly.

What should you do?  You should redact the offending part of the image.

Okay, that makes sense.  But how should you redact the text?

Well, a new tool makes crystal clear that it's a big mistake to redact text by pixelating it.. or indeed blurring it, or even applying a "swirl" filter.

As Dan Petro, a researcher at Bishop Fox explains, you should "never, ever, ever use pixelation for redacting text."

Petro is the author of a tool called Unredacter that can take "redacted documents" and retrieve the original words from pixelated text.

In order to do its work, all Unredacter needs to know is:

  • What font the redacted text is written in
  • What size of font is being used in the redacted text
  • That the contents of the redaction is actually text

Frankly, those aren't hard to ascertain - because redacted text is rarely shown in isolation.  Normally you will have a section of clear text (where the font and font size is fairly simple to ascertain) alongside a section which has been redacted through pixelation.

As he describes it, Petro's tool sees through the pixelation letter by letter - cycling through the possible letters until the most likely solution is found:

"Basically, we guess the letter “a”, pixelate that letter, and see how well it matches up to our redacted image. Then we guess the letter “b”, and so on."

As Petro explains in his blog post, the process is a little more complicated than that - and there are a number of other factors to consider for a successful reveal of the hidden text - but with the tool released, the ability to redact pixelated text has been put in the hands of anybody.

"The bottom line is that when you need to redact text, use black bars covering the whole text. Never use anything else. No pixelization, no blurring, no fuzzing, no swirling," says Petro.

So, what should you do instead of pixelation (or blurring or swirling) if you want to redact text?  What you should do is ██████ out the text with an opaque black bar instead.

Just make sure that you really overwrite the text in an image, and don't make the mistake of sharing a document where the black bar effect might be undone.  For instance, in the past nuclear submarine secrets have been accidentally shared in PDF files which looked like they had been redacted, but in fact could have their contents read by just clicking "copy-and-paste."

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Russian Cybercrime Group Attacks Germany for Helping Ukraine Russian Cybercrime Group Attacks Germany for Helping Ukraine
Vlad CONSTANTINESCU

January 30, 2023

1 min read
Stratford University Announces Data Breach as It Closes Shop Stratford University Announces Data Breach as It Closes Shop
Filip TRUȚĂ

January 30, 2023

1 min read
Bitdefender Wins Editors’ Choice at PCMag – ‘The Best Antivirus Software for 2023’ Bitdefender Wins Editors’ Choice at PCMag – ‘The Best Antivirus Software for 2023’
Filip TRUȚĂ

January 27, 2023

2 min read