The practice of blurring out text using a method called pixelation may not be as secure as previously thought.
While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original form.
Dan Petro, a lead researcher at offensive security firm Bishop Fox, has demonstrated a new open-source tool called Unredacter to reconstruct text from the pixelated images, effectively leaking the very information that was meant to be protected.
The tool is also seen as an improvement over an existing utility named Depix, which works by looking up what permutations of pixels could have resulted in certain pixelated blocks to recover the text.
The threat model works on the underlying hypothesis that given a piece of text containing both redacted and un-redacted information, the attacker uses the information about the font size and type gleaned from the clear text to predict the concealed information. Read more:https://bit.ly/3s0lAsE