Archive for October, 2007

Interview Discussing Digital Forensics Tools Used by Federal Agencies and Bounty Fishing

He’s the world’s foremost digital forensics specialist, working occasionally with the FBI on everything from fraud to child pornography. We asked Hany Farid, the mind behind the top digital forensic software also used on this site, a few questions about his life and work in this new and important field. Read his take on digital forgeries and some of the challenges he has faced throughout his unique and fascinating career.

Digital Fish

BF (Bounty Fishing): How did you first get involved with digital forensics?

HF (Hany Farid): I stumbled upon a clause in the Federal Rules of Evidence that stated that traditional 35mm film and digital images were, in the eyes of the law, equivalent when it comes to the introduction of photographic evidence in a court of law. This was ten years ago, and even then I thought “this is crazy”, and “this is going to be a problem pretty soon”. I spent about three years thinking about how to approach the problem of authenticating digital media. And about seven years ago, I had my first insight. Ever since, I have been developing mathematical and computational tools to detect tampering in digital audio, image, and video.

BF: Are there some forgeries that you can’t catch?

HF: Yes. In fact, I can create forgeries that our software can’t detect. But, it is difficult and time-consuming. And, as we develop more tools to detect different forms of tampering, it will becoming increasingly more difficult and time-consuming to create a convincing fake.

BF: Where do you see this all going? Are you getting better at catching forgers, or are they getting better at getting away with it?

HF: Both. The forger/forensics game is similar to the spam/anti-spam and virus/anti-virus. Both sides get smarter and more sophisticated. In the end, the forensics side has the harder job – it is always easier to create a fake than it is to detect it.

BF: Are forgers only using Photoshop? Or does specific forgery software exist?

HF: Adobe Photoshop is by far the most common photo-editing software used to manipulate photos. Because of this, Adobe is concerned about the impact of their software – they in fact fund some of the digital forensics research in my lab.

BF: What is the difference between your software and that used by federal agencies?

HF: Our software is the software used by some federal agencies. In fact, I just returned from the FBI forensics in Quantico, VA, where I was demonstrating the latest version of our forensic software.

BF: What it was like working on the child pornography case you mentioned in the New York Times article?

HF: Incredibly disturbing and incredibly important. The issue here is that the United States Supreme Court held that virtual or computer-generated child porn images are protected under the first amendment. As a result, a defendant can claim that the images that he/she possesses are virtual and hence protected. Then, prosecution has to prove that they are real. I have worked on several cases where the Court has asked for my opinion as to whether images are real or computer-generated. I don’t like looking at these images (they give me nightmares), but I think it is important for the Courts to hear a sound technical opinion in order to arrive at a reasonable legal conclusion.

BF: At the end of the day, a digital image is just 1s and 0s, right? How much are you looking for visual clues, and how much is an analysis of the file’s source data?

HF: We have many different forensic tools. Some looking for lighting or shadow inconsistencies, while others directly analyze the underlying pixel values. There are many ways to tamper with an image, so we need lots of different ways of analyzing images. Each case that I work on is different, and in each case I need to draw on a different approach, and sometimes create entirely new tools.

BF: Do you hire or work with successful forgers?

HF: I am a successful forger.

BF: Your services have been called upon for a wide range of situations. What was it that made Bounty Fishing a particularly good project?

HF: In some ways Bounty Fishing epitomizes the future. Here is a business model that critically depends on the ability to authenticate digital images. As we become a more digital and wired world, I am sure that we will see an increase in the number of businesses that are going to need to authenticate digital media. So, I was excited to see our forensic software be employed by Bounty Fishing.

BF: What’s the strangest case you have ever dealt with?

HF: I can’t say, but it was very strange.

BF: Are low quality photos easier to forge?

HF: Generally yes because reducing the size of an image and adding noise obscures traces of tampering – this is almost certainly why virtually all of the UFO/ghost/Loch Ness monster images are small, grainy and out of focus.

BF: Is this picture real?

Warped Face

HF: I sure hope not.