Tutorial | How to Tell Between Real & Fake Screenshots.
I put this guide HERE because there’s too many fake pictures going around and this is a start to fight it. If it’s in the incorrect section, Moderators can move it.
I’ve noticed that most people are having trouble finding the authenticity of some screenshots, and usually end up posting them while they are unver
This little tutorial will show you how to view an image at a deeper level to find out if it’s authentic.
GETTING STARTED
We’ll need a few things before we can work
• Basic computer operation knowledge (Installing programs, downloading/uploading, opening files in other programs etc)
• KNOWLEDGE
All files, coded in any language, have a base of information, hidden in hexadecimal format.
To remain on topic, I’m not going to say much about this except for that each hexadecimal value has a translation into a character code, usually ASCII (American Standard Code for Information Interchange) or Unicode (Universal Code). More Information is available at http://en.wikipedia.org/wiki/Hexadecimal
• A good Hex Editor with ASCII/Unicode Support. I use WinHex, which is available below.
http://www.x-ways.net/winhex.zip
http://www.topshareware.com/WinHex-download-9171.htm (information)
The Tutorial
Look at the two images above; do you see anything different about them? No.
They’re exactly the same right? Well, yeah, there’s no visible difference.
The one on the LEFT is a real screenshot, taken by a phone. The one on the RIGHT is fake, edited in Adobe Photoshop to have my good friend ask-vinay’s name present.
NOTICE THE WAY COOL BATTERY ICONS IN THE CORNER, HIGHLIGHTED BY BLUE BORDERS!
As you can see there is no way to tell the difference between the two and this creates a problem, you may think you have authentic screenshots, while they are not and vice versa. The easiest way to find a difference is to open the files up in a resource hacker (this type of hacking isn’t illegal) such as a hex editor. Open the files in WinHex…
The values in red represent the ASCII code of the offset of hex values you are currently viewing.
There isn’t much to see here and you’ll keep looking at the strange symbols in the ASCII viewer till you get bored. Notice that this image doesn’t have a signature (I’ll explain) and that it’s 12 pages long.
This is the authentic image. Identifiable by those characteristics mentioned above.
------------------------------------------------------------------------------------------
To identify a signature, open the file in WinHex and click the FIND button (Ctrl+F). Type in the name of a popular image editing toolsuch as Photoshop and you should get results. The text “Photoshop” is clearly visible in the ASCII viewer of the image. Notice that it’s also 16 pages long as compared to the other one which was 12 pages long. One can conclude that this is the fake image because of such characteristics.
These files were all in the PNG (Portable Network Graphics) format, which is very uncommon and is hard to identify, I used it because the image size is very low but has high quality. Below is a screenshot with the more popular JPEG (Joint Picture Experts Group) format, which has a very clear signature visible on the FIRST page. Notice that it shows the time and date of creation, and its 125 pages long.
And that’s pretty much the easiest way to do it. I hope it’s helped you and it’ll reduce the number of fake images being posted on the forum. If you have any problems, feel free to PM me and I’ll help you out.
I put this guide HERE because there’s too many fake pictures going around and this is a start to fight it. If it’s in the incorrect section, Moderators can move it.
I’ve noticed that most people are having trouble finding the authenticity of some screenshots, and usually end up posting them while they are unver
This little tutorial will show you how to view an image at a deeper level to find out if it’s authentic.
GETTING STARTED
We’ll need a few things before we can work
• Basic computer operation knowledge (Installing programs, downloading/uploading, opening files in other programs etc)
• KNOWLEDGE
All files, coded in any language, have a base of information, hidden in hexadecimal format.
To remain on topic, I’m not going to say much about this except for that each hexadecimal value has a translation into a character code, usually ASCII (American Standard Code for Information Interchange) or Unicode (Universal Code). More Information is available at http://en.wikipedia.org/wiki/Hexadecimal
• A good Hex Editor with ASCII/Unicode Support. I use WinHex, which is available below.
http://www.x-ways.net/winhex.zip
http://www.topshareware.com/WinHex-download-9171.htm (information)
The Tutorial
Look at the two images above; do you see anything different about them? No.
They’re exactly the same right? Well, yeah, there’s no visible difference.
The one on the LEFT is a real screenshot, taken by a phone. The one on the RIGHT is fake, edited in Adobe Photoshop to have my good friend ask-vinay’s name present.
NOTICE THE WAY COOL BATTERY ICONS IN THE CORNER, HIGHLIGHTED BY BLUE BORDERS!
As you can see there is no way to tell the difference between the two and this creates a problem, you may think you have authentic screenshots, while they are not and vice versa. The easiest way to find a difference is to open the files up in a resource hacker (this type of hacking isn’t illegal) such as a hex editor. Open the files in WinHex…
The values in red represent the ASCII code of the offset of hex values you are currently viewing.
There isn’t much to see here and you’ll keep looking at the strange symbols in the ASCII viewer till you get bored. Notice that this image doesn’t have a signature (I’ll explain) and that it’s 12 pages long.
This is the authentic image. Identifiable by those characteristics mentioned above.
------------------------------------------------------------------------------------------
To identify a signature, open the file in WinHex and click the FIND button (Ctrl+F). Type in the name of a popular image editing toolsuch as Photoshop and you should get results. The text “Photoshop” is clearly visible in the ASCII viewer of the image. Notice that it’s also 16 pages long as compared to the other one which was 12 pages long. One can conclude that this is the fake image because of such characteristics.
These files were all in the PNG (Portable Network Graphics) format, which is very uncommon and is hard to identify, I used it because the image size is very low but has high quality. Below is a screenshot with the more popular JPEG (Joint Picture Experts Group) format, which has a very clear signature visible on the FIRST page. Notice that it shows the time and date of creation, and its 125 pages long.
And that’s pretty much the easiest way to do it. I hope it’s helped you and it’ll reduce the number of fake images being posted on the forum. If you have any problems, feel free to PM me and I’ll help you out.
0 comments:
Post a Comment