We all have had moments where we accidentally deleted that file before quickly realizing our mistake. Digital Forensics is the science of recovering information previously thought lost on digital systems. The field, only having come into vogue a few years ago, is now a core focus of many three letter government agencies. This week was a small introduction into this quickly changing field.
whodunit.c was the first of this weeks challenges and it tasked us to recover an image from what appears to be a serious of endless noise. By filtering out all the red pixels, the artificial noise placed on top we are able to see the true image. This questions asks us to consider how images are stored, as a series of RGB triplets (e.g. 255, 255, 255), and how might we modify this triplets. As we have control of each color in a pixel it is relatively simple to just remove all the red from the image and saturate the others colors. This lets us see the true image hidden behind the noise. When we do so we are left with the following image:
So if we know we can modify the contents of these little things called triplets (pixels) that make up our images, what is keeping us from doing more mundane operations to them such as copying them? resize.c asks us to take from input from the user; an image, and a integer, and to scale the image up by that factor. So instead of just having each RGB triplet display once, we now might ask it to display six, seven, or eight times to get a photo of eight times the resolution. This was very fun challenge, despite being unknowingly complicated. While my solution I produced works, it is not very efficient, and admittedly very poor. I will hopefully be taking another crack at this problem over the weekend to find a superior solution.
Oh no! You’ve fallen down in the middle of your vacation and your camera is smashed to pieces, how will you ever recover those photos! Recover.c challenges us to recover photos ‘lost’ on an SD card. Before we dive in let’s do a brief introduction into how memory works. Imagine a memory card as a large development of houses. At each driveway there is the physical house itself (the pointer) and the physical house itself. How imagine you were driving along this street blind, guided only by your GPS. If we destroy the address, the physical house might still be there, but you won’t be able to find it. When you ‘delete’ something on your computer you are effectively just deleting the address. The house is still there, but your GPS can’t find it, and as such can write over it. (in this example, build a house on top of it) However until you write over it, the physical house is still there, it’s just really hard to find.
In recover.c we are asked to look for the trademarks of the house that used to be there, find some algorithm that can deduce the deleted addresses that point to the still extant photographs. This is an incredibly hard challenge and one that was incredibly fun to toil through. It took many hours of frustration to tune my algorithm to stop and start exactly where it needed to and not overshoot a photo. This is was an incredible problem for combining everything we’ve learned in the course thus far.
What an amazing week of problems. This week’s Pset was both perfectly paced and an incredible challenge. It brought together all that we’ve learned in past weeks as far as syntax goes, and brought in the new element of image manipulation and forensics. This week served as a fantastic introduction into the world of digital forensics and image storage. I hope all coming Pset’s live up to this high bar. Looking towards the future; this week we will be taking our first quiz (yay) and also implanting a spell checker. I am looking forward towards keeping you updated on my progress in the coming weeks.