It's a cool idea but it kind of bothers me that with all this effort, you still only get a boolean worth of information (it was either accessed or not). No clue about who, when, where or why.
there is I believ a similar thing useing paint spatters as idicators of authentisity of electronics and also as proof of tampering, as the patterns are unique and can be produced, recorded ,quickly and cheeply.
> If of one or more elements within the mosaic are modified, unauthorized access or compromise can be assumed.
... But how is the recipient certain of what the mosaic should be? You can't put the reference photo in the same package, because it's taken after sealing. And if you send it separately, that package is also subject to tampering.
> ...an original photo, which has been taken for example, by a manufacturer, signed and transmitted to a customer via an encrypted communication channel, with a photo of the current state.
Old discussion https://news.ycombinator.com/item?id=31897530 (642 points | June 2022 | 165 comments)
It's a cool idea but it kind of bothers me that with all this effort, you still only get a boolean worth of information (it was either accessed or not). No clue about who, when, where or why.
Chaos Computer Club talk on this (using glitter nail polish) from way back in 2014...
https://www.youtube.com/watch?v=zpFKeVuP0_w
The talk covers A LOT more and focusing on "evil maid" attacks.
I would have never come across this except on HN & it's awesome!
I first learned about it via the blink comparison app on f-droid, linked in the article.
there is I believ a similar thing useing paint spatters as idicators of authentisity of electronics and also as proof of tampering, as the patterns are unique and can be produced, recorded ,quickly and cheeply.
Much like the split tally stick: https://en.wikipedia.org/wiki/Tally_stick
> If of one or more elements within the mosaic are modified, unauthorized access or compromise can be assumed.
... But how is the recipient certain of what the mosaic should be? You can't put the reference photo in the same package, because it's taken after sealing. And if you send it separately, that package is also subject to tampering.
> ...an original photo, which has been taken for example, by a manufacturer, signed and transmitted to a customer via an encrypted communication channel, with a photo of the current state.
Thanks, glossed over that, and also should have thought of it.
um, you like text it or email it?
The article anonymized a face using the compromised swirl method
Yeah but it looks like the face was also blurred before the swirl
"The rice is a little more fine-grained"
nice writeup!