Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Encryption

Introducing the NSA-Proof Crypto-Font 259

Daniel_Stuckey writes "At a moment when governments and corporations alike are hellbent on snooping through your personal digital messages, it'd sure be nice if there was a font their dragnets couldn't decipher. So Sang Mun built one. Sang, a recent graduate from the Rhode Island Schoold of Design, has unleashed ZXX — a 'disruptive typeface' that he says is much more difficult to the NSA and friends to decrypt. He's made it free to download on his website, too. 'The project started with a genuine question: How can we conceal our fundamental thoughts from artificial intelligences and those who deploy them?' he writes. 'I decided to create a typeface that would be unreadable by text scanning software (whether used by a government agency or a lone hacker) — misdirecting information or sometimes not giving any at all. It can be applied to huge amounts of data, or to personal correspondence.' He named it after the Library of Congress's labeling code ZXX, which archivists employ when they find a book that contains 'no linguistic content.'"
This discussion has been archived. No new comments can be posted.

Introducing the NSA-Proof Crypto-Font

Comments Filter:
  • by Anonymous Coward on Saturday June 22, 2013 @04:59PM (#44080907)

    Undecipherable my ass.

    • by account_deleted ( 4530225 ) on Saturday June 22, 2013 @05:10PM (#44080979)
      Comment removed based on user account deletion
      • by icebike ( 68054 ) on Saturday June 22, 2013 @05:22PM (#44081087)

        He's from a school of design, give him a little slack for not understanding how computers work...

        No doubt he uses that font for all his email, having recently switched from comic sans.

      • Re: (Score:3, Insightful)

        Meanwhile geeks, who do understand how computers work, instead of developing technologies supporting encryption and pricacy by default, have instead hopped into bed with big data and the NSA. There are more geeks helping the NSA builds a Stasi apperatus than there are geeks working on building a truely anonymous and untappable internet.

        The more I think back to the likes of the whole Firefox self signed certs debacle, the more I see the NSA survellance apperatus collectively roaring with laughter at geekdom'

        • by Yvanhoe ( 564877 ) on Saturday June 22, 2013 @10:36PM (#44082529) Journal
          Ok, now you are getting me angry.

          Geeks have been very vocal about wiretapping issues for a LONG time. Does ECHELON ring any bell? Geeks have created institutions like the EFF, tools like Tor, GPG, darknets, bittorrent, bitcoin. It is true that few people use them, and it is true as well that they allow a truly anonymous internet that escapes even NSA surveillance. I refuse that because you are too lazy to get an interest in these free tools you pretend that these problems are met with indifference in the tech community. Reality could not be further from the truth.

          People making most of these tools did this for free. When was the last time you did spend money in order to protect your privacy or anonymity? The market of surveillance is several dozens of billions of dollars yearly. The market of consumer counter-surveillance is almost inexistent. Yet, effective tools that are very easy to use exist. Don't forget to thank the geeks that have known for decades that the NSA was spying on you, found it immoral and spent years working gratis to provide you for free an excellent tool.

          Geeks employed at several levels at ISP do all that they can to keep internet free and neutral. The fact that regular internet is quite free (compared for instance with what you usuall get on your 3G smartphone) is due in large part because geeks in their majority have a strong ethical sense and know the value of openness. Snowden and Assange are geeks, but if you look at the HBGary leaks, you will see that developpers strongly opposed some policies. Whistleblowers about surveillance are almost always geeks involved in the infrastructure. Never legislators, managers, officiers, who know as well the extent of the surveillance.
        • by CodeBuster ( 516420 ) on Sunday June 23, 2013 @12:12AM (#44082849)

          Meanwhile geeks, who do understand how computers work, instead of developing technologies supporting encryption and pricacy by default, have instead hopped into bed with big data and the NSA

          Security is not something that you can simply buy as a product and then forget about. The tools are freely available, but they don't work well or even much at all unless you know how to use them. The Edward Snowden affair and his attempts to communicate securely with journalists via email serves to highlight the difficulties encountered by normal people attempting to install and use these tools. To some extent this is inevitable because good security requires knowledge of cryptographic procedures and strict observance of key handling protocols that most people outside of tech or intelligence circles would find to be esoteric at best and most probably incomprehensible.

          There are more geeks helping the NSA builds a Stasi apperatus than there are geeks working on building a truely anonymous and untappable internet.

          I'm not aware of any practical method of two-way communication that isn't subject to eavesdropping given enough resources. You can make yourself more difficult to follow, but as a practical matter if they want to listen in they will find a way to do so.

          the more I see the NSA survellance apperatus collectively roaring with laughter at geekdom's heedless self-destruction of itself and the internet.

          The people who work for the NSA have families and children too. Some of them might even be your neighbors. Surely your concerns aren't entirely separate from theirs on these matters? If they can listen to any of us then they can listen to all of us. Even Senators and Congressmen understand this much and it's no laughing matter.

          • by WaywardGeek ( 1480513 ) on Sunday June 23, 2013 @12:58AM (#44082975) Journal

            The tools for private communication are there, and geeks like me contribute what we can (not that much in my case). Instead of saying "it's not rocket science", we should say, "it's not crypto." This stuff is hard, which is why it's fun.

            His statement that there is no practical way to safeguard privacy is true to a point. No one in the world is going to decrypt my one-time-pad encrypted email that I encrypt on a machine not connected to the Internet, transfer by USB stick, and email as an attachment. Instead, if anyone really cares, they'll just get my data the old fashioned way. It's really a matter of how much money the eavesdropper is willing to spend. Anything over I'm guessing maybe $100,000, and they just hire an expert to bug my house, car, cell phone, clothing, have an affair with my wife and run dog. If we care to, and have at least a small clue, we can encrypt whatever we want securely. At least if no one really cares to know what we're encrypting.

            I agree with Google, Microsoft, and friends. We should let our service providers be honest with us, and have a public debate about privacy vs. security.
            I don't have any secrets. Not one. Now that doesn't mean I post all my passwords on my blog,

            • by ooooli ( 1496283 ) on Sunday June 23, 2013 @02:01PM (#44086779)
              Obligatory xkcd: http://xkcd.com/538/ [xkcd.com]
      • by Instine ( 963303 )
        It's actually very difficult for the text to be read and filtered by a computer using this form of obfuscation, as long as there are enough variants of each letter, and they are well randomised throughout the content. However, you don't actually need a special font: http://www.tienhuis.nl/utf8-generator [tienhuis.nl]
    • I want to know why he thinks the NSA prints out each webpage and email and then runs it through OCR.

      ???

    • Even if the image recognition software wasn't adaptive (which I know at least some are), an image document with this font would scream red flag. A document with lots of text but low correspondence to common latin fonts?
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      This is the first submission I have modded down since the ability to vote down submissions. I tend to vote and mod positively. Who in their right might voted this story up? Speak up so we may mock you.
    • Re: (Score:3, Insightful)

      Undecipherable my ass.

      More importantly, it's not as though the NSA reads your email by printing it out and sending it off for OCR... Font doesn't mean much if you have the document in any remotely sane digital format.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Undecipherable my ass.

        More importantly, it's not as though the NSA reads your email by printing it out and sending it off for OCR... Font doesn't mean much if you have the document in any remotely sane digital format.

        Speaking from experience as the copier repair guy, government agencies do in fact print stuff out so they can scan it - all the time.

        • by SoCalChris ( 573049 ) on Saturday June 22, 2013 @11:26PM (#44082707) Journal

          I've got a client that's a non-profit group home for abused kids. Because of what they do, and their funding sources, they have to send daily activity reports for each of the kids, including medical, psychological, behavior, school notes, etc...

          Every day, the reports are hand written on to forms, which are then typed into a computer, which are then printed, which are then faxed to the county (Typically 75-100 pages of fax each day), which is then entered into the county's computers, which is then printed out and filed.

          Between the original handwritten report, printed copy of the entered report, received fax, and county copy, multiplied by around 100 pages per day amounts to almost 150,000 pages created every year for something that could very easily be done almost entirely electronically.

    • by Anonymous Coward

      If the NSA and other snoops capture and record data that is sent and just store it for subsequent analysis when the need arises, a better approach to foiling them would be to not actually send data at all, but only to compute data live at each end.

      Computing the data of a communication can be done in countless ways, from timing the intervals between items of data sent (where the data is either garbage or readable misdirection), to encoding it in IP addresses used, applying mathematical functions to the liv

    • I tested a couple of the more human-readable variants with the OCR built into Adobe Acrobat, and Acrobat did really well. The normal Sans and Bold variants were recognized with nearly 100% accuracy, so I am unsure why they are even included. There were only a few letters in the noise variant that it consistently got wrong, but it got them wrong in a consistent manor (e.g. i turned into !), so some simple find and replace could get you a reasonably readable document. After that I got bored and I didn't try

  • Easy to crack? (Score:5, Informative)

    by doomtiki ( 789936 ) on Saturday June 22, 2013 @05:01PM (#44080915)
    Given that this seems to be just a simple font, why would it be hard to write an OCR program to decipher specifically this font (or any other supposedly secure font)? Perhaps a program that dynamically obfuscated text like a CAPTCHA would be more useful. This appears to be more of an artistic statement than something useful.
    • Re:Easy to crack? (Score:5, Informative)

      by Baloroth ( 2370816 ) on Saturday June 22, 2013 @05:06PM (#44080955)

      It isn't any more difficult to crack. Moreover, the absolute only way it would introduce any difficulty at all is if the NSA is scanning images of text. You can bet 95% or more of the data they intercept is already in digital form. The computer already knows what letters are what, so this will help precisely not at all, unless you start sending your emails in image formats, in which case, which is... yeah, not exactly a good plan. Just use encryption if it needs to be secure. This doesn't do anything.

      • Agree with parent: this is just silly, unless what is being sent is an image of the text. Not ASCII or any other binary encoding.

        And if one was going to send images of secret messages, what would make more sense is to use steganography: put the message in image. Like probably millions of Internet users are doing already. How else can you explain the plethora of cute kitten pictures?

        A point on which I'd like to see serious discussion by persons who know what they are talking about: How hard is it to deter

        • Agree with parent: this is just silly, unless what is being sent is an image of the text. Not ASCII or any other binary encoding.

          Maybe useful if you're sending your sekrit plans by fax, postcard, or carrier pigeon. Or, would have been useful until NSA had a copy of the font.

          Oh well, back to the drawing board.

        • You can look to see if the image is bit-for-bit the same as a known clean image on the internet. EG you intercept an image in an email that also appeared on, say, 9gag. You do a check to see if the image is in the same resolution, the same codec, etc. If you know they're the same format and such, you can delta the two images, if there's a difference you look to see if the difference is on the least significant bits. If so, that's pretty strong evidence that the image has a seganographic message in it.

          Ot

          • Re: (Score:2, Insightful)

            by Anonymous Coward
            By simply owning a cat though, or living in a neighborhood with cats, you would have a generator for an infinite number of pictures with no clean version anywhere on the internet.
          • Re:Easy to crack? (Score:5, Interesting)

            by dgatwood ( 11270 ) on Saturday June 22, 2013 @07:12PM (#44081691) Homepage Journal

            Depends on the steganography method used, and on how many images are sent using that method. If you're a spook and you see somebody suddenly sending lots of images to someone else, you might grow suspicious, at which point you'll start performing analysis to see if there are patterns emerging across the entire set of images, such as certain pixels that are always higher than the adjacent pixels by a certain amount. Granted, such patterns can just as easily be caused by sensor flaws, but some fairly primitive steganography techniques could be detectable in this way.

            Second, because subpixel noise in cameras isn't random—it tends to obey a gaussian distribution, and thermal noise can vary considerably from frame to frame depending on the length of the exposure—when spread over a large enough number of sequential or nearly sequential photos taken by the same camera, the steganography might be detectable by using a model of the predicted levels of noise that the image sensor should produce for a shot of a given duration and the elapsed time since the previous shot. This won't tell you what is embedded in the image, but if you're lucky, it might tell you that with a high probability, something is embedded. Depending on the circumstances, that might be enough to get a warrant. Then again, it could just be Digimarc.

            Finally, there's the question of the randomness of the source material (or, more to the point, the lack thereof). If the base image is at the native sensor resolution of the camera, the nature of the image sensors themselves could potentially be exploited to detect some types of steganography. In a real-world image sensor (except for Foveon sensors), there's no such thing as a pixel; there are only subpixels that produce a value for a single color. The camera must combine these values (a process called "demosaicing" [wikipedia.org]) to compute the color for a pixel in the final image. Because the subpixels that make up a pixel are not physically on top of one another, the camera typically computes the estimated value for the color at a given physical point on the sensor by combining adjacent subpixel values in differing percentages. For example, if the green subpixel is chosen as the "center" of the pixel and the red subpixel is to the left and the blue is above, it might mix a bit of the red from the "pixel" to its right and a bit of the blue from the "pixel" below it. (This explanation is overly simplistic, but you get the basic idea.)

            Unfortunately for steganographers, the way that particular cameras construct a pixel value from adjacent subpixel values is predictable and well understood. If a steganographic technique does not take that into consideration, it is highly likely that, given knowledge of the camera and its particular mixing algorithm, the steganographic data can be detected simply by determining whether there is any plausible set of subpixel values that could result in the final computed pixel values for the entire image. For that matter, given that most of the algorithms for subpixel blending are straightforward, even without knowledge of the particular camera, it is highly likely that steganography can be detected, because portions of the image that contain no hidden data will likely only be producible by a single algorithm, and portions of the image that contain hidden data likely will not be.

            Those are just a couple of types of analysis off the top of my head that might potentially be used against some types of steganography, given some types of source material, etc. It is entirely possible that there are steganographic techniques that are resistant to these sorts of analysis, and there are likely many other interesting types of analysis that I have not mentioned. I have not kept up with steganographic research personally, so I can't say with any certainty.

            • Depending on the circumstances, that might be enough to get a warrant.

              Those no longer seem to matter to your government.

          • Except many of the services in question do not present clean images. They will watermark it, recompress it, change metadata, etc. And that's assuming that the steganography is added to an existing picture. If no clean image exists, then there is no known clean image.
            • Yeah. That's why this type of steganography detection is really hard to actually implement.
              Another commenter replying to me outlined a number of cryptanalysis methods that don't seem to rely on a known clean copy. Although, they do seem to rely on bitmaps and known information about camera sensors. I'd expect an easy way to screw up an analysis would be to change to a lower bit-depth apply a few randomly tuned effects, re-encode the photo to a different codec, and then do the steganographic embedding. Th

              • It seems like an easy way to assure the steg could not be identified (let alone extracted) would be to apply a steganographic mask first: using Method A for selecting pixels to alter, encode an entirely random text onto the image, then use Method B to encode the payload on the result.

                I'm thinking that you would still want to use some form of encryption on the payload first.

                Makes me wonder to what extent steg techniques are being used today.

    • by Slugster ( 635830 ) on Saturday June 22, 2013 @05:09PM (#44080973)
      That is because you are like stupid.

      This would be totally rad to make signs with the next time hipsters wear the V masks and have one of those "Occupy Mall Street" things again.
  • by Bruce66423 ( 1678196 ) on Saturday June 22, 2013 @05:03PM (#44080931)
    which is only subsequently translated into a type face when the item is converted into an image which doesn't contain the letters. So all your data would have to be held as such PDFs, which are no longer searchable.Nice idea - shame about the reality
    • by cold fjord ( 826450 ) on Saturday June 22, 2013 @05:14PM (#44081019)

      The great tragedy of Science — the slaying of a beautiful hypothesis by an ugly fact. -- Thomas Huxley

    • PDFs very much can be searchable, and cut & paste-able, etc.

  • by cdrudge ( 68377 ) on Saturday June 22, 2013 @05:06PM (#44080949) Homepage

    I guess it will work for all my digital content that I save as raster graphics. Which is...um...none of it.

    • I guess it will work for all my digital content that I save as raster graphics. Which is...um...none of it.

      Meanwhile, at NSA headquarters...

      If Findfile(@SYSTEMDIR & "\Fonts\" & "ZXX.tff") Then {
              Enhanced_anal_prober();
      }

  • by carlhaagen ( 1021273 ) on Saturday June 22, 2013 @05:12PM (#44080993)
    ...when people with a fundamentally flawed understanding of computer communication try their hands at digital cryptography.
  • Yeah... (Score:5, Informative)

    by Georules ( 655379 ) on Saturday June 22, 2013 @05:13PM (#44081005)
    Looks like a fun little project, but subverted about as trivially as a ROT-13. A dynamic font might be a little better.

    How can we conceal our fundamental thoughts from artificial intelligences and those who deploy them?

    By using a real form of encryption.

  • by Connie_Lingus ( 317691 ) on Saturday June 22, 2013 @05:20PM (#44081063) Homepage

    hey this has given me an idea for the perfect secure font...every char is a blank.

  • "This project will not fully solve the problems we are facing now", they say. I'd say it barely solve some.
    It could even mislead people into thinking that writing emails with this font will make their messages safer. My father for sure would, as he doesn't know what UTF-8 nor what "charset" do mean.

    • You make an interesting point. It likely makes the entire problem worse by providing weapon with no power.
  • by RedBear ( 207369 ) <redbear.redbearnet@com> on Saturday June 22, 2013 @05:29PM (#44081141) Homepage

    I think most commenters here will end up completely missing the point, just as I initially did. Of course it will be trivial to bypass any possible protection the font might briefly provide, but that isn't the point. The making of the font is a political statement against government machinery and software spying on us and taking our humanity away. As such, I'd say it's quite clever and attention-getting.

    Now I'll sit back and watch 50 different people get up-modded for pedantically explaining how it will be trivial to train an OCR to recognize the font and how software reads the bytecodes and doesn't care about the font and blah blah blah...

    Is that a giant whooshing sound I hear?

    • by putaro ( 235078 ) on Saturday June 22, 2013 @05:45PM (#44081229) Journal

      And I will be writing all of my messages in crayon from now on because crayon will smudge up the scanner. It's only a point if it actually does something!

    • I think most commenters here will end up completely missing the point, just as I initially did. Of course it will be trivial to bypass any possible protection the font might briefly provide, but that isn't the point. The making of the font is a political statement against government machinery and software spying on us and taking our humanity away. As such, I'd say it's quite clever and attention-getting.

      Now I'll sit back and watch 50 different people get up-modded for pedantically explaining how it will be trivial to train an OCR to recognize the font and how software reads the bytecodes and doesn't care about the font and blah blah blah...

      Is that a giant whooshing sound I hear?

      Either way, it's still lame. I mean the pedants are obnoxious but so are pointless political gestures.

      • by RedBear ( 207369 )

        I think most commenters here will end up completely missing the point, just as I initially did. Of course it will be trivial to bypass any possible protection the font might briefly provide, but that isn't the point. The making of the font is a political statement against government machinery and software spying on us and taking our humanity away. As such, I'd say it's quite clever and attention-getting.

        Now I'll sit back and watch 50 different people get up-modded for pedantically explaining how it will be trivial to train an OCR to recognize the font and how software reads the bytecodes and doesn't care about the font and blah blah blah...

        Is that a giant whooshing sound I hear?

        Either way, it's still lame. I mean the pedants are obnoxious but so are pointless political gestures.

        Oh gosh, my sincerest apologies. I'll be sure to let everyone know that all political gestures need to be cleared by you first. You know, to make sure they're not "lame".

        If his purpose was to invoke widespread discussion of governmental spying on everyday activities of citizens, I'd say it was far from pointless. But that's just my opinion.

        • I don't know how the discussion of governmental spying can get any more widespread? You mean, the front page story in every media outlet in the world might not get noticed, but some random guy making a font - well, that will get everybody's attention.

    • If you want to make a political statement, why not just make a font that is all middle fingers? Equally useful, much clearer, and it requires far less effort. That he intends to make a political statement doesn't stop him from being a dumbass. There are plenty of stupid political statements. Furthermore, I'm not entirely convinced that he believes this to be a purely political statement. If he does, then he's done a poor job of explaining himself, as that is not what his statements convey. In all like
    • As with most art-based political commentary, almost nobody will get it outside of art circles.

      Everyone will think "This is stupid, why would you do that? It's hard to read; I don't get it."

    • I agree it's a fun little project. Looks neat too. The problem is that it actually has no use at all, but is demonstrated falsely to have some kind of technical advantage. Snake oil.
    • Comment removed based on user account deletion
    • It's not about missing the point, it's about the how email actually works. It's not that this method doesn't work, it's that it's a complete and total non sequitur. It's like trying to hide your income from the IRS by endorsing all your paychecks in disappearing ink.

  • At a moment when governments and corporations alike are hellbent on snooping through your personal digital messages, it'd sure be nice if there was a font their dragnets couldn't decipher.

    It is just a font! If I'm sending a digital message, as the intent of this article states, then it hardly matters what font I want it displayed in. What am I expected to do, print every email that I type and all of the data that I want to send into an image that uses this font and just send the image? I'm not convin

  • You could obfuscate HTML by generating a custom font with glyphs in the Unicode private use space for each message, then using hard-to-read characters. This is, of course, a monoalphabetic substitution, which is close to the weakest known cryptosystem. At best it might be useful for getting spam through filters.

    If anybody started using this font for CAPCHAs, there would be a module to break it for spam programs within weeks. Assuming the existing learning algorithms didn't solve it automatically.

  • by wonkey_monkey ( 2592601 ) on Saturday June 22, 2013 @05:46PM (#44081233) Homepage

    Yes, as anyone with half an ounce of sense will have already realised, no font will ever be NSA proof. The first mistake was publishing it on the internet...

    The creator is trying to make a point about privacy, not implement a workable solution.

  • Firstly, if its using standard character values and this font is laid over it, then you just look at the character value.

    Secondly, If this is only for display documents, there's OCR and the NSA is unlikely to get a sneaker net hard copy anyway.

    So if you limit it to electronic documents, then the only way to make it unreadable is

    a) the underlying character values are goofy ( the letter 'z' displays as "A").

    So the unicode character values
    zd% ne@erkaw $ekkew
    is actually display as
    "The terrorist network."

    And the

    • I guess, it is meant to be something like reverse-steganography: the characters would be openly readable by humans, but would map 1:1 to a permutation of the codes. What I mean: suppose that what looks like "M" on the screen has the ASCII Code for "A", then the NSA scanners would read "A" and obtain a slightly unparseable text.

      Of course, NSA could still apply basic kindergarten 101 cryptanalysis (e.g. by selecting characters according to their frequency and mapping them to EATOINSHRDLU...), but that would

  • lousy encryption idea. I mean, all one has to do is add this to an OCR database in order to decipher the text. anything printed and mapped is in essence already broken.
  • The idea should be to get ideas out on a larger scale, not hide them.

  • So his stuff will actually show up in that font when they try to read it.

    Wait...

  • by pbjones ( 315127 ) on Saturday June 22, 2013 @06:19PM (#44081401)

    Too easy to train OCR for his font. Same glyph for same character. When they say that NSA is reading your mail, they don't mean snail mail. I'm sure that it seamed like a good idea at the time.

  • That is to use anti-NSA measures for communication.

    On a side note, even just trying to read the example on the website gave me a headache. And I bet an OCR could read it much much faster than me.
  • If I use this for all my writing will it make me as k3wL as if I used 1337 speak?

  • Many have already pointed out that making an unreadable font would really only protect against physical letters (as in, mail, not email) being read, or perhaps text being distributed through raster images. After all, 0x446561746820746F20416D6572696361 means the same thing, whether it's displayed in Helvetica, Times Roman or this new font.

    We have measures that are better against machine interception (such as encryption), but those still have one flaw - they're obviously hiding something, and apparently "havi

    • Many have already pointed out that making an unreadable font would really only protect against physical letters (as in, mail, not email) being read, or perhaps text being distributed through raster images.

      That's exactly what he's trying to do. He's trying to make an un-OCR-able font. Of course, that will only last until the OCR software is trained against his font, but hey! It'll be good for a week.

news: gotcha

Working...