Warning: There’s an app for blurring out sensitive information in images called Obfuscate being featured on #GNOME Software right now.
Please be careful.
The default blur setting can easily be reversed.
The default should be to replace the areas with a solid colour or a pattern not derived from the underlying information.
This really should not be a featured app in its current state.
#security #linux #apps #obfuscate
thm | tomáš א mládek
in reply to Aral Balkan • • •😬 This really should be common knowledge, I've seen lots of people make the same mistake.
Having this misfeature in a "featured app" is absolutely dangerous.
Aral Balkan
in reply to Aral Balkan • • •Pixelating Text Not A Good Idea
Hackadayjan ale
in reply to Aral Balkan • • •extension
this.addEventListenerFile(filePath)
Aral Balkan
in reply to jan ale • • •Aral Balkan
in reply to Aral Balkan • • •Aral Balkan
in reply to Aral Balkan • • •Case it point, the text in my image was revealed by @janale about fifteen minutes after my original post.
toki.social/@janale/1083740420…
#GNOME #Obfuscate #security
jan ale (@janale@toki.social)
toki.socialFernanda
in reply to Aral Balkan • • •Aral Balkan
in reply to Fernanda • • •Wow.
Just replied here:
gitlab.gnome.org/World/obfusca…
Security: Default obfuscation settings are not secure (#45) · Issues · World / Obfuscate
GitLabAral Balkan
in reply to Aral Balkan • • •Right, the app’s developer has agreed to change the default tool to pure colour replacement (which is secure).
While he wants to keep the blur tool also (for non-sensitive stuff/aesthetic uses), I hope that he’ll be adding a warning to it when it is first used that alerts people not to use it for sensitive information and/or that the app description reflects that.
All in all, a positive development.
And now I can go back to coding…
was B (this is my old account)
in reply to Aral Balkan • • •Trisha Lynn 🇵🇭 🇺🇸 🇨🇦
in reply to Aral Balkan • • •Aral Balkan
Unknown parent • • •Fernanda
in reply to Aral Balkan • • •nikomaru
in reply to Aral Balkan • • •nemo™ 🇺🇦
in reply to Aral Balkan • • •True folks should be very carefull
positive.security/blog/video-d…
nitter.unixfox.eu/mr_phrazer?c…
twitter.com/mr_phrazer
synthesis.to/
github.com/subeeshvasu/Awesome…
people.duke.edu/~sf59/TIP_Demo…
github.com/BishopFox/unredacte…
bishopfox.com/blog/unredacter-…
Never Use Text Pixelation To Redact Sensitive Information
Dan Petro (Bishop Fox)Fruitlov3r
in reply to Aral Balkan • • •