Unredactor - Blur Function is not Enough
Reading Time: < 1 minute

The Blur function used to hide information is not good enough and has become increasingly common and you can test documents yourself.

The blur function can be woefully inadequate with the use of better technology and better software. Jumpsec, security consultants last year issued a challenge text inviting people to deblur the message. This week Dan Petro, a lead researcher at infosec shop Bishop Fox, confirmed he’d broken the blurring.

Petro is not revealing the full text of the blur in order to keep the surprise intact. Additionally, he released an open-source version of the code he used, dubbed Unredactor. Users can use it to test out to see what they find and provide feedback. You can watch how it’s done in the video, and the end message is very clear. (watch out as the video does contain swearing)

Petro said, “The bottom line is that when you need to redact text, use black bars covering the whole text. Never use anything else. No pixelation, no blurring, no fuzzing, no swirling. Oh, and be sure to actually edit the text as an image.”

Related Article:
VMware Security Patches for High-Severity Flaws Affecting Multiple Products
EU Data Protection Authority Calls for Ban on Pegasus-like Commercial Spyware
Crypto Hackers Steal $36 Million from Retirement Accounts