82 comments

[ 0.20 ms ] story [ 158 ms ] thread
Was expecting this to be yet another article about EXIF data (only). Glad to learn something new!
> So, even if you used two cameras of the same make and model to snap a uniformly lit surface – where every point on the surface has the same brightness – there'd be subtle differences unique to each camera.

Ok, but will that survive JPEG compression? Since JPEG is meant to remove details that aren't visible to the human eye it would be surprising if this fingerprint survived in a usable way.

According to the article:

> Technically, it should be possible to suppress, for example, by reducing the image resolution, says Farid. But, by how much? This of course depends on many factors such as the type of device used for image capture, as well as the fingerprint matching algorithm employed. There is no one-size-fits-all solution to fingerprint removal.

The effect is real, but cameras actively try to suppress it. Cameras have a map of particularly bad pixels which are ignored (much like a bad sector map in a hard drive), and when doing long exposures most cameras will/can do two exposures, where the second one is made with the shutter closed.

I'm skeptical this works after boiling 24...50 megapixels down into a tiny web-sized image with 1-3 MP.

Yes, it does survive compression. That’s why if you’re into astrophotography and want to stack pictures you start by taking a black picture. That way, you capture the noise pattern to remove from the noise from the other pictures.
Wouldn't astrophotography be done using lossless (or no) compression?
It depends. Cheap webcams are commonly used for planets, for example. They record a bunch of JPEGs or a movie, which are then processed and stacked. The idea is that with many exposures you get as much signal as with a long one, without the associated artefacts (noise from high sensitivity, blur from fluctuations in the atmosphere, etc). Compression artefacts don’t matter as much, but sensor noise does.

Of course, in some cases shooting RAW from a specialised camera is better, but quite often JPEGs straight out of a standard (cheap DSLR or mirrorless, or webcam) camera are more than enough. Takes an order of magnitude less memory as well, which counts when you have stacks with 200 pictures.

There is a discussion here, for example: https://www.planetguide.net/astrophotography-webcam/

Getting rid of dark noise is one thing, the gain of each pixel is apparently a bit random due to manufacturing processes as well. You'd have to take a picture of a uniform white surface to calibrate that out as well.
Yes, exactly. Except that we take a picture with no light at all to get an image of the noise from the sensor, typically leaving the lens cap on.
JPEG compression is calculated locally in small segments, so variations across the whole surface can still survive, each segment being independent. JPEG is not "meant" to remove detail, more like prioritize large-scale phenomena, which in this case would preserve imbalances between segments.
> In the post-truth age, the ability to spot fakery is obviously a positive development

I like how they call the modern world. Though, I'm not sure what time in history can be called "truth age".

Most of the history was "pre-truth age". By the intermediate value theorem there surely was a brief, infinitesimal period of "truth age". /jk

I guess the word "post-truth" means the lack of truth as an objective or goal, not the lack of truth by itself.

> what time in history can be called "truth age".

I'd say most of it, and we're still largely there.

People basically believe what they're being told and shown. Being inhertinaly skeptical is very rare.

>post-truth age

This sad term makes me feel like there are adults out there still grappling with the fact that lies and uncertainty exist

(comment deleted)
Why is it that cameras automatically add metadata to photos, anyway? If I go to buy a camera, what I expect it to do is take photos and that's it, not to add some data to the photos without asking me.
(comment deleted)
We have very different expectations. I'd be pretty annoyed if I couldn't browse and sort my photos by date taken.
That makes sense. I myself would prefer to have to do something to get the camera to add a timestamp to a photo but I can understand that probably so many people want it to be the default that there's little reason for manufacturers to not make it the default.
Btw. it is not just about date and location. Many cameras also add the lens, aperture, exposure time and the like, which can be very useful for post-processing. I think most EXIF information isn't that sensitive.

And regarding the timestamp: it isn't that accurate after all, because the timezone is 'local' (whatever that means). So if you don't know where the picture has been taken or can't be sure that the device actually uses the local timezone (who changes the time on his DSLR when he travels to a different timezone?), you can only derive the date with certainty.

After all, whenever you post an image online you should be aware of the information you put out there. For example, if you are an American and in the background of the picture is the Eiffel Tower, a burglar doesn't have to be Sherlock Homes to guess that you are on vacation.

In addition, the article is about the information that is not explicitly encoded into the image (like EXIF), but implicitly reveals the sensor fingerprint, which you would not see even if you would take a look at every byte in the file, because you need to know what exactly to look for. If you know what too look for, you could theoretically see it even on the printed version of the picture ;-)

At least the date and time you took the photo are very helpful, and I'm glad it is there when looking through my photos. When we switched to APS cameras end of the 90s this info was also added to film photos. (Edit: EPS -> APS)
APS. That’s a term I haven’t seen in a while. It was a pretty “flash in the pan” spec that only lasted for a few years, and never caught on. My wife has a very nice APS SLR that is covered in dust. We stopped being able to get film for it, even before digital cameras started to take off.

It was too little, too late. Pros never took to it, and the smaller size and variable aspect made it less-than-ideal for consumer printing.

Your expectations don't gel with what actual users of these cameras expect. Normal users want this metadata to help with organizing their photos and help with post processing. I am sure the user manual tells you what EXIF data is stored by default and how to disable the data if you so choose. Howeve if you actually read the article you'd know this is not about metadata at all.
I did read the article, but I figured this comment section would be a good place to put a question about metadata.
Contrary to the article ("hidden information", "parasitically burrows itself into every photo", "not the only thing hidden in your photos") which tries hard to make it sound somewhat shady, EXIF metadata is neither hidden nor hard to remove. In fact, it is hidden so badly, that even Windows Explorer can view and edit it. Virtually every photo/image editing tool shows it and can remove it as well.
Because the data is insanely useful. iOS uses it to show a map of your photos so you can browse by location. Google photos also lets you search by location. It can also be used by image processing software to apply default settings when importing photos from cameras. You may have set up different profiles for different cameras based on what you have found looks best for the hardware.

Almost all social media strips this data other than really amateur stuff or 4chan. Or in the case of vice, their own site.

4chan does strip exif data. Sometimes when people posted photos with location data somebody would notice and order a pizza to their location, back when it was still a relatively civil place, then at some point they started removing it.
To help users organize their photos by location, date, and time. Nothing nefarious about it, it is something that the majority of people find convenient.
Wouldn't you need a reference picture to compare two cameras? Or would you be able to determine which camera took a specific picutre if you get hold of it and can take test pictures? Or can you just compare two completely separate pictures and determine if they are taken with the same camera? If you can then that means protestors/anarchists who intend on documenting what is going on and want to stay anonymos should buy a sort of "burner" camera that they do not use for anything else.
The first rule of hand wavy forensic pseudoscience club is that there are no rules, you just need to be able to bamboozle a jury.
You can analyse things like vignetting, distortion and chromatic aberration to identify a camera model or family. I suppose you could also look for details in AI-processed photos to try and identify the processing software, possibly down to the software version. It would work with phones, for example. Not with manually processed photos, though. The dark noise pattern is specific to each sensor, so if you can reliably get this, you could identify specific devices. So, there are caveats but you can get a lot of information.

It's probably a good idea to use a common phone or cheap camera. And change date and time, and make sure it does not leak anything in the EXIF metadata. And make sure that the sensor does not have any dead pixel, because that would be a dead giveaway.

this technology could also be used to reveal AI-generated synthetic imagery

Yeah, AI may one day be able to fool the human visual system but it will never be able to add a watermark to a video.

LOL, I don't understand what they were thinking when writing this part. AI may be used, probably, in order to remove the watermark even right now, not one day, but recognizing the non uniform part, subtracting it and adding a different one. To create the training set of same-image taken with differnt-sensor is not hard.
It's a game of cat and mouse of course.
Where the mouse is now the size of a horse.

Ultimately this is a classic case of security through obscurity, it won’t protect us from deep fakes long term.

I've seen a lot of attempts at neural network image generation that create constant artifacts in the images. It's not that image generators are unable to add a specific bias to their images in an attempt to look like a specific camera. It's the opposite: generators have their own signatures that these techniques can detect and track.
That part doesn’t really need ML of any kind; ultimately unless a watermark is based on a rigorous and proven cryptographic scheme, it can be faked.

They are apparently not doing anything like that, it’s just “hey, these photo sites are all a bit different”.

Well, that’s what they’re saying publicly anyway, could be complete bs and every sensor has a government sanctioned backdoor in it.

IIRC, Facebook has a patent where photos taken with the same camera can be detected, which I think is similar to "photo response non-uniformity". They use it for recommending friends. I think there was a case where Facebook was recommending to friend request other people who all had their weddings taken by the same wedding photographer!
In the article there is no mention that EXIF tags are stripped away by all the major social networks / messaging systems.
It's there actually: >Some social media platforms remove information like geolocation (though only from public view), but many other websites do not.
Its also important to know that just because they strip it for the public facing file, there is no reason they don't store it privately to comply with legal requests.
They mention that they don’t publish them but surely keep them and analyse them themselves
This reminds me of a technobabble fingerprinting technique in the (not very good) movie Beyond a Reasonable Doubt (2009). It has a pretty uncanny resemblance to the method the researcher created for detecting if a photo has been altered (the idea being that cameras have unique noise fingerprints and you can detect if some part of the image doesn't have the same fingerprint to cast doubt on the authenticity of the photo).
exiftool -all= filename.ext

That is all.

Someone didn't read the article...
This is why I always print out my photos and then fax them to Google to be uploaded to my albums.
That would likely unironically be a thing if Google were a german company.
That would probably be the only way of doing it. And you would have to give Google a 3 months notice to remove a photograph from your album.
Some fingerprints and/or editing artifacts survive this. Search for "rebroadcast attack".
Actually, that is the first time I see the JPEG artifacts as something beneficial.

Maybe they should invert the 'quality' scale and call it 'privacy' ;-)

If cameras had a setup step similar to astrophotography systems, this wouldn’t be a thing. Dark frame to remove thermal noise, bias frame to remove noise in the ADC, and a flat frame to remove vignetting.

I don’t actually see any of those as being difficult to implement - but I guess there’s also no market.

Most cameras remove a black frame from photos with a long exposure. I’m not sure about mobile phone cameras though.
> I’m not sure about mobile phone cameras though.

How could they? They have no physical shutter.

It's perhaps prudent to be very wary when using this technique.

Errors in a CCD are not necessarily random - if the error is on a mask used in the silicon production process, you might find for example that hundreds of other sensors across the world all have a very similar error profile.

Knowing if your software has picked up two images taken by the same camera, or one of the few hundred made with the same masks is going to be awfully hard to do with sufficient confidence...

This is exactly a technique used in media forensics. You can even tell things like crop region and lens geometry (due to subpixel statistics and chromatic aberration). Train a resnet on tens/hundreds of thousands of images and you'd be surprised what labels it can learn.
In 2014 when my city was innundated with floods and no electricity meant internet was hard, I tracked down a photo posted online using exif data to inform another person that the photo was of his neigbourhood and that the photo was taken at a particular time.

I remember spending days/weeks 18 hours a day cold calling all my contacts one after the other because I wanted to "hear someone say they are alive".

In the end everything worked out pretty fine and a major disaster didnt happen.

it's why I often share screenshots of photos... to remove as much information from them as possible
That is a really good idea... plus you have the image at the exact viewing resolution you want to share. 8)
and if you crop it, you get a random size every time and it is easier to prove that you have the original.
Is there a similar article online somewhere that can be read without having to enable JavaScript?
A lot of mobile cameras now take high resolution images (108 MP, 50 MP) and downsample them to something like 8 or 12 MP. Since this is done in the same way every time I guess any systematic noise could still be detected, but it will be attenuated and even more difficult to find, and that's before JPEG compression, multiple frames fused for HDR, and so on.

Tying a specific camera to one or a few photos in a criminal case sounds extremely dubious. Natural images are full of different kinds of noise anyway, and each pixel only has 256 levels of intensity.

Is it possible the two photos were exported from some photo software ten minutes after each other, and the export adjusts the EXIF timestamp? Probably less likely, but just positing another scenario.
> Photo response non-uniformity, however, is far more difficult to extricate.

I don't see why? Seems like all you need to do is take a photo of an evenly lit gray card, determine the variation of each pixel, and then apply the reverse of that to every photo you take.

And a simple filter can even get around the "evenly lit" part trivially, as long as it's smoothly lit. (I.e. handle gradients.)

The article doesn't mention this at all -- yet isn't this the kind of thing astronomy photographers do when stacking photos, to prevent the "fingerprint" from accumulating?

Of course, it's not even clear this "fingerprint" is even remotely readable from average photos -- it seems like it would be completely indistinguishable in any scene with detailed textures. So it's really only in areas of blank walls, sky, etc. where it poses a risk.

It's difficult to extricate for the reasons you mentioned - various textures interfere with extracting it. But it's also surprisingly difficult to purge once you extract that fingerprint.

Astronomers (I presume) do much more in the way of non-uniformity correction (NUC). Often one of the biggest differences between consumer cameras and industrial/scientific ones is the ability to continuously recalibrate them, either in firmware or in post. You could do the same with off-the-shelf cameras and some software, but there's little need most of the time.

> But it's also surprisingly difficult to purge once you extract that fingerprint.

Can you explain why? Is it not just a simple subtraction?

E.g. is it not a pattern of predictably varying intensity per-pixel, but a spatial pattern of nondeterministic noise? So each individual pixel has a likelihood of contributing to the "fingerprint" in any given photo, but you don't know if it contributed in this one?

Or does it totally predictable on the sensor, but the on-camera RAW processing followed by JPEG compression transform it in non-predictable ways, so that you'd need to extricate it on RAW data directly before any processing?

Or is it something extremely non-linear that changes depending on pixel brightness per color channel, or is drastically different depending on exposure time?

I'm super curious if you or anyone has actual knowledge here.

The theory sounds simple, but my (barely) educated guess is that an "evenly lit grey card" is an understimated endeavor.

There is a reason why 3D rendering is difficult; light bounces an awful lot. Objects slightly tint the whole room even if unperceptibly. Lamps vary in intensity, and their shape affect the outcome. So how do you even set the scene up? With a small card the phone being so close can affect lighting. A distant large surface requires more distant lights for uniformity, o simply more lights. Getting the camera out of focus might be useful, but can't correct large scale phenomena properly. Getting the watermark is the difficult part imo.

After all that, once you substract it from every picture you take, every subtle mistake you made in the watermark generation phase will become your new watermark. You bet your privacy on your error being very close to the zero function across the whole grey card. As mentioned in every other comment, astronomers do these calibrations often... for a living. I'm simply not that invested beyond removing EXIF data.

> The photo timestamps, however, said otherwise. The images were taken 10 minutes apart.

Perhaps I'm stupid but could it be possible that the camera clocks were not set correctly?

Also, what timestamp were they using for this comparison? EXIF data? Filename (some cameras store the filename of images/videos as the datetime it was taken)? Filesystem time it was written, and was that on the camera or when the files were dumped to a computer and saved there one after another sequentially?

There could be several potential sources for this "timestamp," but I haven't seen the one they are talking about actually mentioned.

ELI5: if someone downloads photos that I have uploaded to a) Reddit b) Facebook c)Instagram can they access the Exif info?

What if I have cropped and re-saved using GIMP or Mac's Preview?

GIMP has options to preserve or strip exif data in the Export tool. Can't speak with confidence about the other stuff that I don't use, but I expect that social media probably preserves it at least internally -- that should be really easy to test if you've got an account on the sites you're concerned about
Then there are companies like Parler which didn’t even bother to remove the meta data. Unbelievably noob, they deserved to be shutdown even if I am generally pro free speech. Made it easy to find the white supremacists though.
The company didn't protect noob users from themselves?
When will manufacturers or others "test fire your camera" before it is sold and file the results? That database will be worth money to someone in the future (not the customer)

I believe this is done for handguns - they test fire the gun, then record the way the firing pin marks a cartridge - all before it is sold.