At the start of May a new image authentication service was launched. Izitru (“is it true”) was developed by Fourandsix Technologies Inc. to “allow anyone who captures a photo to certify the original before they make any modifications or begin sharing it”. Hany Farid is one of the co-founders of Fourandsix and probably the leading authority on digital image forensics. He’s developed some excellent methods for detecting image modifications and tampering.
As Izitru is a publically accessible web based tool I decided to give it a try. For these initial tests I created a small set of test images – simple snapshots of my garden taken with a Pentax K20D and an iPhone4. I make no apologies for the aesthetic lack in the images or the state of my garden!
Pentax K20D Images
My first upload was a JPEG generated in-camera on the K20D (http://www.izitru.com/T9ti0). This was flagged as “Undetermined file history – Our forensic tests are inconclusive, so we are unable to confirm that this is an unmodified original file from a camera”. This was something of a surprise as I’d shot it as RAW (DNG) and converted to JPEG in-camera. In the strictest sense this is not the original file as it has been converted from the DNG, but I’m not convinced that converting to JPG in-camera is any different to saving as JPEG at capture time.
To test this I took another shot (a few days later) with the camera set to save to JPEG directly (http://www.izitru.com/qymFE) . The test results are identical. So what’s going on here? Why is my original image not getting the highest trust rating? The Tips section of the website yields a clue: “
We don’t yet have a complete set of tests for your camera model.
One of the tests performed by izitru relies on a database of “signatures” that describe the distinct ways that different camera models store their JPEG files. We’re continually expanding this database of signatures as new cameras are introduced. If we don’t yet have a complete signature set for your camera model, then you may be unable to pass this test, and the best rating we can assign to your image will be “Medium Trust”. However, with sufficient uploads from you and others using the same camera model, we’ll eventually collect sufficient data to build a complete signature list.
Based on this I assume that my venerable K20D hasn’t made it into the signature database yet!
Many photographers shoot RAW images of some sort and then produce a JPEG image using something like Aperture, Lightroom or Photoshop. I took my original DNG file from the K20D and processed it through Photoshop (http://www.izitru.com/SopZM) and Lightroom (http://www.izitru.com/o09Yh) with no modifications. Both images failed for potentially modifications – specifically being resaved. The structure of the JPEGs should not be an issue as, presumably, both have been profiled by Izitru. It could be due to the image source being less than mainstream. Or perhaps the site considers images generated by Photoshop and Lightroom to be an immediate fail. Given how common this sort of workflow is this could be an issue.
Next I tried an image taken with the standard iOS camera app on an iPhone4 (http://www.izitru.com/IAxY0). This got the green light: “High Trust -This image passed all of our forensic tests, so the evidence strongly suggests it is an unmodified original file from a camera”. From this I assume that the iPhone4 is included in the signature database.
To test this further I took an image (http://www.izitru.com/NFuUX) using the “645Pro” camera app which is my preferred choice when I want to get more control than the in-camera app offers. This received the rating: “Potential file modification – Our forensic tests suggest this file has been re-saved since initial capture. Because this file is not a camera original, it is possible that it was modified”. I would have expected this to fail in the same way as my K20D images but it did not.
A little further investigation revealed one possible source of the discrepancy. I had uploaded the processed JPG saved by 645Pro which, depending on the way the app works under the hood, may have been resaved from the original file. I took the shot again (http://www.izitru.com/T4Erd) a few days later with 645Pro set to save a direct ‘MAX Quality JPEG” but the results were the same. I’d like to look into this further but at the moment I don’t want to get sidetracked by trying to discover how exactly 645Pro processes and saves its images.
So back to the iPhone4 camera-app images. According to the documentation one of the things Izitru is looking for are signs that the image has been resaved. So I took this image (http://www.izitru.com/hEEqF) which originally received a ‘High Trust’ rating and loaded it into Photoshop. I resaved it at the highest JPEG quality with no other adjustments (http://www.izitru.com/aAJIJ). The resave was detected by Izitru. I then took the original image, edited it to remove Luna (http://www.izitru.com/Z5qI5), saved it as a highest quality JPEG and re-uploaded. This also failed the forensic test for a resave. I was hoping the significant edit would be detected in some way but it was not.
The next step was to see if alternations to the non-image data in the JPEG files were detected. Metadata stores all sorts of information about when, where and how a picture was taken. Using the PhotoMe application I altered the “DateTime” tag (http://izitru.com/Z8Gzw), and the “DateTimeOriginal” tag (http://izitru.com/Yh6dz). I also changed the filename in Explorer (http://izitru.com/Hd1TO). None of these changes were detected.
I did not try altering the GPS data as these images did not include this. This would be an obvious target for manipulation so I do intend to test this in the future.
So does it work? Well yes, but it depends how you want to use it.
If you want to snag an image from the internet and validate it, then Izitru will not give a useful result. Almost every image will fail for having been resaved at the very least.But then the site does not claim to be such a tool.
Its primary purpose is to provide a validated original against which other images can be compared. So a photographer could upload their image, get it validated, and then set it free in the wilds of the internet. No matter how many times the image is cropped, edited, captioned, Facebooked, or uploaded to ICanHasCheezburger the original will still be available for comparison.
I originally started looking at this following a comment by David Cambell on twitter:
“Not a question of “too much photoshop.” Any change at all = fail http://nyti.ms/1hxO5zJ No professional image will pass IMO.”
Given that images from two common photographer’s workflow tools (Lightroom and Photoshop) and in-camera JPGs from my DSLR all failed to get the highest rating this is a reasonable assertion which could limit the utility of the tool. I need to investigate this further using images sourced from something more mainstream. Who wants to lend me a 5D Mk III?
Changes to metadata do not seem to be detected though I have not tested this exhaustively. Adjusting the GPS location and date/time information of an image are a likely target for forgery.
It may be that this tool is best suited to cameraphone images where there is no intermediary software and the in-camera processing can be well characterised. So it may be of more use to citizen journalists than more mainstream photogs. I’ll be interested to see how much traction it gains.
This is far from an exhaustive test and there are areas I would like to look at in more detail, time permitting.
During the upload Izitru performs the following tests signature analysis, JPEG structure, double JPEG detection, JPEG coefficient analysis, sensor pattern analysis, and JPEG ghost detection. I hope to look at these in more detail so see exactly what operations are being performed.
Testing with other DSLR models is required. It may be that the in-camera JPEGs of other cameras may get the highest rating. But what about in-camera processing such as colour and curves? Such an image would be ‘original’ but would the audience consider it ‘unedited’?
Assessment of other cameraphone apps and the way they save their images is also worth further investigation.
Tests on metadata editing and GPS data.