平时大家都习惯用马赛克来编辑掉敏感信息,防止外泄。但最近一名安全研究员在其个人博客中表示,他已经成功破解了马赛克算法,可以还原其中的文字信息。
Usually everyone is used to using mosaics to edit sensitive information to prevent leakage. But recently a security researcher said in his personal blog that he has successfully cracked the mosaic algorithm and can restore the text information in it.
The algorithm that restores the mosaic comes from Dan Petro, who is the lead researcher at the security firm Bishop Fox, and according to his blog post, Mosaic One is a very bad, insecure method that leaks sensitive data. He recommends never using mosaics to obscure textual information.
Mosaic is cracked! The Great God has developed a restoration algorithm
On his personal blog, he released a tool called "Unredacter". And it demonstrates bit by bit how the tool restores the mosaicked text.
Mosaic is cracked! The Great God has developed a restoration algorithm
In the example, even a thick mosaic of the original text does not help. And its operation is not complicated, and it can be put into use with a simple installation and startup.
Mosaic is cracked! The Great God has developed a restoration algorithm
There are not no tools for cracking mosaics, and there is a similar tool Depix before. But its visual effect is not very good, there are various distortions in the shape of the text, and the user must combine the context to see the real meaning of the text.
Mosaic is cracked! The Great God has developed a restoration algorithm
With the blessing of Unredacter, through the matching algorithm to find the text closest to the original text, there is no such "text distortion" problem.
In addition, Dan also said that as long as it is a similar smeared mosaic, no matter what tool is used, it can be cracked with the help of Uredacter, which shows that the software does have a certain degree of versatility.
If you're really afraid of leaks, he also gave the best answer for occlusion, which is to use a black bar that covers the entire text. No pixelation, no blurring, nothing that might leak your information.
还原马赛克的算法来自于Dan Petro,他是安全公司Bishop Fox的首席研究员,而根据他的博文,马赛克一是一种非常不好、不安全,而且会泄露敏感数据的方法。他建议永远不要使用马赛克去遮挡文字信息。
马赛克被破解了!大神研究出还原算法
在其个人博客中,他发布了一个名为“Unredacter”的工具。并且一点一点演示了该工具如何将打了马赛克的文字还原。
马赛克被破解了!大神研究出还原算法
在示例中,即便原文打了厚厚的一层马赛克但依然无济于事。而且它的操作也不复杂,简简单单的安装启动就能投入使用。
马赛克被破解了!大神研究出还原算法
破解马赛克的工具并非没有,此前就有类似的工具Depix。但是它的视觉效果并不太好,文字形状存在各种扭曲,用户必须结合上下文看出真正的文字含义。
马赛克被破解了!大神研究出还原算法
而在Unredacter加持下,通过匹配算法,寻找最接近原文的文字,就不存在这种“文字扭曲”的问题。
此外,Dan还表示,只要是类似的涂抹马赛克,无论通过何种工具,都可以借助Uredacter破解,可见该软件确实有一定的通用性。
如果你实在害怕泄密,他也给出了最佳的遮挡答案,那就是使用可以覆盖整个文本的黑条。没有像素化、没有模糊、没有任何的可能会泄露你的信息。
