Fingerprintable Camera Anomalies

[HulaHoopWhonix]

There is a new scary technique to deanonymize activists/users who post pictures by fingerprinting pixel anomalies caused by the camera hardware:

https://www.google.com/patents/US20150124107 Facebook patent: fingerprinting your camera via quirks in its pixels to work out associations between users.

Any (fingerprintable) picture ever posted non anonymously by an activist is enough to link them to any pictures shared anonymously even if the metadata is sanitized and the faces blurred.

Questions:

How prevalent is this problem with cameras?

How can it be detected to warn users and what countermeasures can be applied in such situations?

[harlo]

The fingerprinting techniques are actually well documented and have been for years. Have a look at the work by Dr. Jessica Fridrich: http://dde.binghamton.edu/download/camera_fingerprint/

[harlo]

That said, we have not discussed any techniques to counter this. Without the extra information provided by a social graph (Facebook's, or another service, i.e. Google) it would be hard to make use this info. But alas, this is the world we live in now, so it's good to discuss. Thanks!

[hex-m]

Some research brought me to a nice presentation from Jessica Fridrich. It explains PRNU and how it could be removed. Recent research argues, that it's possible to identify a smartphone using a single picture.