Schneier on Security
A blog covering security and security technology.
« Latest News on the War on the Unexpected |
| Credentica »
February 14, 2008
Embedding Iris Watermarking in Photos
Canon has filed a patent on embedding an iris scan of the photographer in the metadata of photographs, presumably secured with a digital signature.
Posted on February 14, 2008 at 1:06 PM
• 33 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
That might imply that they're working on eye-controlled autofocus for the digital EOS line. They had it in the EOS-3, but for a variety of stated technical reasons, haven't brought it forward.
So, I just read the link and have no clue whether or not this watermarking is reversible, and how that biometric data is protected from interception.
It's a good thing I never actually look into the viewfinder of my camera.
Many digital cameras have a relatively large LCD viewfinder, in addition to or in place of an optical viewfinder. The LCD allows you to hold the camera 12-18 inches in front of you, and still see the 'preview' of the photo you're going to take.
Iris scanning won't work with LCD viewfinders.
And if you don't want this technology in your camera, then buy a Canon model that doesn't have this technology, or buy a different brand.
And I just got used to using the screen rather than the viewfinder on my camera :-)
I guess they're aiming for 'professionals' (who don't mind paying for the extra CCD).
Fingerprint scanner on the shutter release button anyone? (maybe I should patent that :-)
I'm not sure why I want something such as an iris scan embedded in my images. As a professional photographer, I love the idea of watermarking and improved watermarking would be great but why an iris scan? Why not just use the existing, already embedded EXIF data, which includes my name and copyright information already and make it more resistant to being eliminated through file conversion.
To me this seems like a senseless use of flashy technology to little or no benefit. Maybe I'm missing something.
One potential use is in imaging used in forensics. It would tie an image used as evidence not only to trhe camera, but to the photographer. Seals the chain of evidence. I expect that (currently) this would be an extra cost option for those sorts of professional use, rather than the paranoid, though attractive, "they're always tracking us". That'll come in a few years :)
This seems like a perfect solution to a problem I can't quite think of. Chain of custody for digital photographs used as evidence? It's not terribly useful for the article's stated purpose (making sure copyright holders are credited for their photos) since the person behind the lens isn't necessarily the person who gets the credit, and you want their name anyway (their iris-print is kind of irrelevant).
The person who photographed every page of the last Harry Potter book is probably glad his camera didn't have this feature.
So how long until the camera that snaps your driver's license photo also grabs a snapshot of your iris or retina at the same time?
This could be as simple as hashing enough of the iris as to make it unique and then embedding it so that you can easily sort different photographer's pictures, be it on your computer, flickr, etc. If this is the case, it would be useful and secure.
I'm assuming this is more for use in SLR's, which still rely on the viewfinder.
Thomas> Fingerprint scanner on the shutter release button anyone?
Thomas> (maybe I should patent that :-)
Great idea. Too bad you can't patent it. You just published it.
"I'm assuming this is more for use in SLR's, which still rely on the viewfinder."
You're probably right. Still, customers can "vote with their dollars" by buying a different brand/model, if they don't want that technology in their own camera.
I seriously question the validity of identify as retinal identification. The ATM card, useful for our every day transactions are threatened by the ease of being cloned. If devices that capture iris (retinal scan) become common, obtaining "irrefutable" identifications will be within the reach of criminals as much as the authority. As far as I know, my DNA samples are covering the walls and floors of the places where I live and anyone who wants to get a sample are just a "physical contact" from me. DNA amplification or retinal scan data cloning for "n-X-body" maybe are just your next torrent download.
Who am I is what other can said about me.
Errors in digital signature (you know, Government do not make error...) maybe your next nightmare if your biometrics are bein captured an used to malicious purposes.
Once upon a time I suggested this as part of a patent application through IBM as an effort to turn digital photos into "forensic" evidence. The decision was taken to not pursue it.
Mind you, I felt that multiple factors were needed in such a camera, but, at the same time, all you can do is lock the camera to a person, and, if GPS is installed, you can keep the clock up to date, so you know when, and, potentially, where a photo _may_ have been taken.
Digital media is _hard_ to "guarantee" because there will always be some kind of an exploit to get around such controls.
Data is data. They're not going to get a patent on watermarking.
The patent is for the unobtrusive device on the camera taking the biometric and watermarking fast enough to allow seamless operation.
I hate exploits that involve a mellonballer.
Arrghhh!! Iris scanning is *totally* unrelated to retinal scanning.
The iris is the coloured part on the front of the eye. It can be photographed from a distance (if necessary). The retina is at the back of the eye, it can only be photographed from very close up by looking through the eye's lens.
"[The iris] can be photographed from a distance.."
True. Every photograph anyone has ever taken that shows a person's face, shows a photograph of their iris(es).
That doesn't change the fact that this technology doesn't work with LCD viewfinders. Or that the photographer could wear sunglasses, and thereby defeat the technology.
Okay, I can see how they want to trace just who took that kiddie porn pic, but won't this just encourage the use of tripods and cameras with digital displays? I think that technology that would tie a picture to a particular camera would be more useful.
And, it's data. It can be tweaked, if someone is so inclined.
"Okay, I can see how they want to trace just who took that kiddie porn pic"
Except that's not what they want to do.
"Still, customers can "vote with their dollars" by buying a different brand/model, if they don't want that technology in their own camera."
Somehow I suspect it's not going to be marketed to people who don't want it, so "vote with their dollars" is probably mostly irrelevant.
This isn't about some corporate/government intrusion into people's private lives. It's about helping photographers protect their copyrights. All these comments about just using the LCD viewfinder or refusing to buy a camera equipped with it are just irrelevant, and a bit paranoid, too.
How effective it may or may not be at protecting copyright is a reasonable discussion but the rest of these comments are just bizarre.
Umm, I don't really see what folks here are so upset about.
Here's the benefit to me as a professional photographer: I have a biometric tied to an image with which I can make the claim that I was the one who took the image in the first place. Regardless of later image manipulations, I should be able to produce the original file to bolster my claim. (The strength of that claim of course depends on multiple other factors, including the integrity of the watermarking process.)
Canon is not out to spy on anybody. They have a professional base which is concerned about unauthorized/unattributed use. (Less about unauthorized reproductions... Most pros I know are happy when lots of people see their shots, as long as they get proper credit, and get paid if somebody makes money off of it.) They have another base that is concerned about the chain of evidence (and they already have add-on technology to tie a photograph to the camera that took it).
My guess is that if we see this technology surface in a Canon, it will be:
1) in the professional models,
2) enabled/disabled via user choice,
3) embedded in the RAW data, and
4) embedded in the EXIF, which can be stripped.
Really. I don't see what y'all are hyperventilating about.
Additionally, as I said in the first comment, this stuff probably came about as an offshoot of adapting the eye-controlled autofocus engine to the digital EOS line, which is way, way cool.
I can just imagine marrying the EOS-3 style AF with the EOS-1D mk III AF engine (now that it's fixed), and drool.
For those who didn't read the link: the iris capture (as described) doesn't occur when taking a photo, but during a prior registration phase. So you can still use the LCD display, the feature still appears optional, and there is still no bullet-proof association between photo and photographer.
All it seems to do is allow a biometric-based tag to be added to photos, and it requires a conscious choice on the part of the user.
Actually you could do it even easier--in many, but not all, states, an eye test is performed as part of driving license issuance/renewal. Simply do the eye scan as the person is having their eyes tested.
"Okay, I can see how they want to trace just who took that kiddie porn pic"
However, it's trivial for the photographer to defeat such use: contact lenses to change eye-color and patterning are cheap and commonplace; take a look at a few episodes of Farscape to see some of the flashier examples being used in a theatrical setting.
The main use of this, as others have observed, is a questionable attempt to hinder forgery and copyright theft.
Ah, sure. Evince your intellectual superiority by *actually reading the article*.
But did you do the patent search?
And read the patent application?
If you had, then you would have clearly seen that line 27 in the background section clearly references a previous patent application for the same technology, but applied automatically during the same moment that the photograph is taken.
This application appears to be a method for adapting the real-time technology to cameras without optical viewfinders.
(Oh, and in case it's not clear, I'm trying to be funny at you above, not snarky.)
I can't even be funny at the right person. Now, that's funny.
My comment above was directed to you, not James.
"So how long until the camera that snaps your driver's license photo also grabs a snapshot of your iris or retina at the same time?"
Erm, they already do; last time I checked, you weren't allowed to close your eyes while your DL photo was taken. And yes, an ordinary snapshot with any decent quality camera, at a distance of a few feet, IS high enough resolution to calculate an iris code.
On the other hand, the resolution as printed on the DL is not high enough (at least, not around here.)
Retinal scans are a whole different story; you need to have your eye pressed up against a big scary machine which shines an infra-red beam in it. It's supposed to be undetectable but in fact some people find it painful. While FAR, FRR, EER and similar parameters are very good (similarly to iris scans), it has the additional advantage of being one of the few useful biometrics that is quite difficult to sample unobtrusively.
How is the watermark build into the picture?
If you can extract it for proof - you should be able to replace it in an digital environment - shouldn't you?
I should really read some wikipedia.
Of course it might be an protection against simple copy-paste actions.
But why do they use an irisscan? Why not digitally signing the picture with your private key?
While genetic engineering is improving, biometrics make news - tomorrow we will change our iris like we change our shirt today. :)
Nice Big Brother patent, but what if...
- the user shots the photo looking the LCD backpanel rather?
- once downloaded to a PC, the user batch-"washes" the photoes with any Open Source software capable of handling JPEG erasing watermarks, date, cam model etc?
- someone reverse the watermarking to get the iris data of someone else and blame him of some inappropriate photoes?
@ ice weasel
I'd rather have my iris scan confirm somebody hasn't nicked my camera body. This one's going to be more expensive.
The right place to apply a watermark is after the camera. Not only does my computer have more CPU power, it also has the metadata I WANT embedded, not some whacky iris hash that nobody will ever set up a repository for.
I must be getting tired. I read the headline as "Embedding waterboarding in photos."
It could just as easily (and a lot more reliably) tie the photo to the SN of the camera (especially since you will have 'pre scan' your iris anyhow, and select which one to use)
If the picture came form your camera, you have a pretty good case.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.