Day: April 15, 2018

One-Pixel Attack Fools Neural Networks

April 15, 2018 by 34 Comments

Deep Neural Networks can be pretty good at identifying images — almost as good as they are at attracting Silicon Valley venture capital. But they can also be fairly brittle, and a slew of research projects over the last few years have been working on making the networks’ image classification less likely to be deliberately fooled.

One particular line of attack involves adding particularly-crafted noise to an image that flips some bits in the deep dark heart of the network, and makes it see something else where no human would notice the difference. We got tipped with a YouTube video of a one-pixel attack, embedded below, where changing a single pixel in the image would fool the network. Take that robot overlords!

We can’t tell what these are either..

Or not so fast. Reading the fine-print in the cited paper paints a significantly less gloomy picture for Deep Neural Nets. First, the images in question were 32 pixels by 32 pixels to begin with, so each pixel matters, especially after it’s run through a convolution step with a few-pixel window. The networks they attacked weren’t the sharpest tools in the shed either, with somewhere around a 68% classification success rate. What this means is that the network was unsure to begin with for many of the test images — making it flip from its marginally best (correct) first choice to a second choice shouldn’t be all that hard.

This isn’t to say that this line of research, adversarial training of the networks, is bogus. The idea that making neural nets robust to small changes is important. You don’t want turtles to be misclassified as guns, for instance, or Hackaday’s own Steven Dufresne misclassified as a tobacconist. And you certainly don’t want speech recognition software to be fooled by carefully crafted background noise. But if a claim of “astonishing results” on YouTube seems too good to be true, well, maybe it is.

Thanks [kamathin] for the tip!

Continue reading “One-Pixel Attack Fools Neural Networks”

Shutter Bug Goes Extreme With Scratch-Built Film Camera

April 15, 2018 by 5 Comments

Should a camera build start with a sand mold and molten aluminum? That’s the route [CroppedCamera] took with this thoroughly impressive camera project.

When we think of cameras these days, chances are we picture the ones that live inside the phones in our pockets. They’re the go-to image capture devices for most of us, but even for the more photographically advanced among us, when a more capable camera is called for, it’s usually an off-the-shelf DSLR from Canon, Nikon, or the like. Where do hand-built cameras fall in today’s photography world? They’re a great way to add a film option to your camera collection.

Cast lens body before machining

[CroppedCamera] previously built a completely custom large-format view camera, but for this build he decided that something a bit more portable might do. The body of the camera is scratch-built from aluminum, acting as the lightproof box to hold the roll film and mount the leaf-shutter lens. There’s an impressive amount of metalwork here — sand casting, bending, TIG welding, and machining all came into play, and most of them new skills to [CroppedCamera]. We were especially impressed with the shrink-fit of the lens cone to the body. It’s unconventional looking for sure, but not without its charm, and it’s sure to make a statement dangling around his neck.

It’s tough to find non-digital DIY camera builds around here — best we could do were these laser-cut plywood modular cameras. Then again, you can’t beat this wearable camera for functional style.

Continue reading “Shutter Bug Goes Extreme With Scratch-Built Film Camera”

Hide Secret Messages In Plain Sight With Zero-Width Characters

April 15, 2018 by 30 Comments

Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you don’t know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text — the classic canary trap.

Here’s a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, making them nearly impossible to get rid of without re-typing the text or using a special tool. In fact you’ll have a hard time detecting them at all – even terminals and code editors won’t display them.

To make the process easy to perform, [Vedhavyas] created a command line utility to embed and extract a payload using any text. Each letter in the secret message is converted to binary, then encoded in zero-width characters. A zero-width-non-joiner character is used for 0, and a zero-width-space character for 1.

[Vedhavyas’] tool was inspired by a post by [Tom], who uses a javascript example (with online demo) to explain what’s going on. This lets you test out the claim that you can paste the text without losing the hidden data. Try pasting it into a text editor. We were able to copy it again from there and retrieve the data, but it didn’t survive being saved and cat’d to the command line.

Of course, to get your encoding game really tight, you should be looking at getting yourself an enigma wristwatch

Continue reading “Hide Secret Messages In Plain Sight With Zero-Width Characters”