Deep Neural Networks can be pretty good at identifying images — almost as good as they are at attracting Silicon Valley venture capital. But they can also be fairly brittle, and a slew of research projects over the last few years have been working on making the networks’ image classification less likely to be deliberately fooled.
One particular line of attack involves adding particularly-crafted noise to an image that flips some bits in the deep dark heart of the network, and makes it see something else where no human would notice the difference. We got tipped with a YouTube video of a one-pixel attack, embedded below, where changing a single pixel in the image would fool the network. Take that robot overlords!
Or not so fast. Reading the fine-print in the cited paper paints a significantly less gloomy picture for Deep Neural Nets. First, the images in question were 32 pixels by 32 pixels to begin with, so each pixel matters, especially after it’s run through a convolution step with a few-pixel window. The networks they attacked weren’t the sharpest tools in the shed either, with somewhere around a 68% classification success rate. What this means is that the network was unsure to begin with for many of the test images — making it flip from its marginally best (correct) first choice to a second choice shouldn’t be all that hard.
When we think of cameras these days, chances are we picture the ones that live inside the phones in our pockets. They’re the go-to image capture devices for most of us, but even for the more photographically advanced among us, when a more capable camera is called for, it’s usually an off-the-shelf DSLR from Canon, Nikon, or the like. Where do hand-built cameras fall in today’s photography world? They’re a great way to add a film option to your camera collection.
Cast lens body before machining
[CroppedCamera] previously built a completely custom large-format view camera, but for this build he decided that something a bit more portable might do. The body of the camera is scratch-built from aluminum, acting as the lightproof box to hold the roll film and mount the leaf-shutter lens. There’s an impressive amount of metalwork here — sand casting, bending, TIG welding, and machining all came into play, and most of them new skills to [CroppedCamera]. We were especially impressed with the shrink-fit of the lens cone to the body. It’s unconventional looking for sure, but not without its charm, and it’s sure to make a statement dangling around his neck.
Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you don’t know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text — the classic canary trap.
Here’s a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, making them nearly impossible to get rid of without re-typing the text or using a special tool. In fact you’ll have a hard time detecting them at all – even terminals and code editors won’t display them.
To make the process easy to perform, [Vedhavyas] created a command line utility to embed and extract a payload using any text. Each letter in the secret message is converted to binary, then encoded in zero-width characters. A zero-width-non-joiner character is used for 0, and a zero-width-space character for 1.
Of course, to get your encoding game really tight, you should be looking at getting yourself an enigma wristwatch…