Blur: Add warning about tool being insecure for sensitve info #191
Description
Hey, not sure how to make this an immediately useful and actionable issue, but I wanted to bring awareness, and hopefully attention from someone who has more specialized knowledge into this compared to me who would be able to pitch in with guidance.
The blur tools, regardless of the strength (e.g. apply 3 times as suggested in #179), might be leaky in the face of sophisticated tooling.
Here is a couple resources on this:
- Research Paper: On the (In)effectiveness of Mosaicing and Blurring as Tools for Document Redaction, by Steven Hill*, Zhimin Zhou, Lawrence Saul, and Hovav Shacham (2016)
- Blog Post: Never, Ever, Ever Use Pixelation for Redacting Text By: Dan Petro, Senior Security Engineer
Here is a direct quote from the paper's conclusion
Mosaicing and blurring are popular forms of redaction because they have a certain aesthetic appeal to the naked eye. The images that these methods produce are highly suggestive of text; as a result, they do not disrupt the visual appearance of documents to the same extent as cut-out or black box methods for redaction. But while mosaicing and blurring are lossy transformations, they preserve far more information than most users realize.
I just discovered swappy, it looks like an incredible utility, and I'm likely going to implement it into my config right after submitting this issue! My hope is that this issue might enable productive discussion in how to improve this tool to become even awesome-r :)